True IT guys seem to be few and far between in the world of public accounting, but I have noticed more and more of us starting to get sucked into the wonderful world of audit spreadsheets, AICPA guidelines and risk frameworks!

After spending the past year roaming the halls of the Atlanta Grant Thornton office, I still stick out a bit with my thick beard, plaid shirts, and Timex weekender watch. Guess what is one of the most popular questions people like to ask the “IT Guy”, once they learn a little bit about me.

How do I keep my computer from getting viruses?!

In this post, I’m going to outline how I go about securing a personal computer. This method isn’t full proof or perfect, but it has worked pretty darn well for me over the last half a decade, and the best thing about it- these techniques are cross platform.

Securing, Hardening & Preventing Viruses on Windows and Mac OS X!

As I mentioned above, these safeguards are cross platform. I have deployed these steps on both PCs and Macs and I see no reason you couldn’t carry these same steps over to a Linux environment as well.

This guide assumes you have a clean system and are not in the process of fighting a virus. These are all preventative measures.

1. Implement an Admin account or Admin/Root Password

The first and best line of defense against most malware is simply preventing it from running or installing in the first place.

2. Install the Chrome or Firefox web browser (preferably Firefox) with security plugins

Both Chrome and Firefox enjoy being supported by a community of developers who are very concerned with IT security.

  • Install Plugins: Once installing either Chrome or Firefox, I suggest installing the Disconnect, and uBlock Origin plugins. These plugins help protect your privacy and block a lot of malicious sites from being able to connect to your computer in the first place.
  • Firefox Pro Tip: Firefox relies on its own CA Certificate Store instead of relying on your OS’ built in store, which may add an additional layer of protection from any bad root certificates that may get installed on the OS (as was the case with the Lenovo Superfish vulnerability).

3. Apply the MVPS Hosts File to your System

The Hosts file dates back to the early days of computing and is the first file that all systems using DNS look to when doing internet address lookups.

Hosts File Warning: Traditionally viruses have not attacked the hosts file, but I have read recent reports of this happening. The makes it all the more important that you are following Step 1- implementing an Admin Account/Root password.

Further, some anti-virus applications may scan the Hosts file and flag your changes as a threat, requiring you to create a custom rule to not scan the Hosts file.

4. Use OpenDNS for added filtering.

OpenDNS is a service that is free for personal use which allows you to point your DNS queries to the OpenDNS webservers. From there, you can create an account and associate your IP address with your account and implement custom web filtering.

Hard Code OpenDNS in your Router

Hard Code OpenDNS in your Router

  • Once you create an Open DNS account: install the DNS updater on your system and implement custom filtering options:
Open DNS Filtering Settings

Open DNS Filtering Settings

5. Enable the built in Firewall on your Router and your OS

Your router is your first line of defense! Buy a decent router with a built in firewall and make sure it is enabled. Also verify that your OS firewall is enabled.

Use IPConfig to find the Default Gateway in Windows

Use IPConfig to find the Default Gateway in Windows

Have any great tips of your own to add? Please share in the comments!