Not an imaginary conversation.
Me – How are you handling all the crazy new cyber threats currently being thrown at us on the Internet?
She – I’m cool! I’ve got the best Anti-virus program there is (her reference – the neighbourhood geek.)
Me – Good to hear that. So, what are you doing to take care of the rest?
She – What rest?
Rinse, wash and repeat this conversation a thousand times – and, the “rest” almost always becomes the new focus of attention. As it should – it’s here, in an often murky area (at least to a typical user), that, that user, runs a major risk of stumbling.
Security – both physical and electronic – isn’t about eliminating all risk – if it was, you and I (on the physical side), wouldn’t cross the road. Similarly, in Internet security, we can’t eliminate all the risks – short of unplugging the connection. Instead, a more realistic approach requires that we focus our attention on eliminating as many known risks as possible (just as we do in the physical world.)
In other words – we need to engage with the proactive side of Internet security rather than continuing to focus on the reactive side – the, “I’ve got the best Anti-virus program there is” side.
Luckily, there’s a terrific little application – OPSWAT’s Security Score – that in a matter of just a few seconds, evaluates and sets out the “rest” – and, should the application determine that a security issue needs to be addressed, helpful tips/hints are provided.
Regular readers may remember that I first reviewed this application several months ago, and while I agreed in principal with the concept, the execution (in my view), was not up to standard. OPSWAT has since revised and expanded the application in such a way, that Security Score should be considered a “must have” addition to a security toolbox. Particularly for those users who are less familiar with the ever changing cyber threat landscape.
Let me backtrack just a little and put up a graphic from the first run through with Security Score, in April. As you can see, the application teased out a score of 60/100. A less than impressive score for a security professional.
Good News:
The issues which prevented Security Score from digging into the system in order to provide an authentic result have been addressed and, are reflected in the following graphic – June 7, 2013.
The above graphic indicates an encryption raw score of zero which reflects the fact that I choose not to use Windows BitLocker.
However, as I wrote in my previous review – “I don’t do full disk encryption. I do however, encrypt selected files/folders (a much better choice for most users in my view), using what has long been considered the premier free encryption application available – TrueCrypt. Still, it’s good to see that the application addresses an issue which often escapes the notice of less experienced users.
Since application and operating system patches are often neglected by average users, a key component in Security Score measures the users adherence to a patch management routine.
Often not considered as part of a layered security approach, system/file backup is, in fact, a key element in any such process. You’ll note from the following graphic that Security Score has picked up on my use of a number of backup schemes including Google Drive…
… and Microsoft’s SkyDrive.
As the following graphic indicates, I’ve been marked down slightly on AV coverage since the application cannot be aware that I substitute full on-board AV scans with weekly scans using a Linux Live CD.
Given the conditions that we are now forced to deal with on the Internet – active PC monitoring with a view to insuring the security status of the machine is in good order is not just a preference or a recommendation – it’s an absolute necessity.
Sure, you can do all that this application does, manually. Choosing this route however, one could increase the risk of possible shortcomings in an otherwise acceptable security strategy. So, do yourself a favor and install OPSWAT’s Security Score. Better yet, introduce your friends/relatives/co-workers, to this neat freebie – we’ll all be the better for that.
Download at: OPSWAT
How OPSWAT calculates your security score:
OPSWAT’s score calculation is based on security industry and market research reports, over ten years of expertise in the security field, and feedback from leading security technology vendors on the relative importance of the categories and status of security software.
<source>
This requires Internet Explorer in order to download it. As I have that browser blocked from being able to access the internet (except for the system update site) for security reasons this means that I would need to lower the security on my system in order to download it – something I never do.
Thank you Bill,
I got a 100% score in all areas, except anti-virus, and using Windows Security I expected more than 80.
I have Kaspersky on two laptops and a desktop XP PC which I am junking. As my Kaspersky allows three computers I will now test on the two laptops and if the score is better, well, bye bye Windows , er, Security.
Cheers.
Bill,
My score is 90. I received a “0” on Patch Management.
There is NOTHING (unless you can suggest something) on my computer that cannot be viewed by an outsider.
No credit card or banking info.
Thanks
2 ‘puters. 1 running WIN7, the other running WIN8. Downloaded & installed with Firefox, downloaded & installed with Chrome. Applications downloaded/installed/ran & reported (100%), with no problem(s).
Did I miss something?
Thanks, I got an 88 but am uncertain how to raise my “red” scores.
Dan
After I installed it OPSWAT started with no problem but I don’t see a shortcut on my desktop (nor is it clear which “exe” to create one from in the OPSWAT directory).
I’m sure it’s staring me in the face but how do I start OPSWAT?
Thanks,
Dan