If you haven't learned anything, the best piece of advice I can provide you is, "log off when you're finished". Why? Keeping yourself logged on exposes the personal information and it is accessible to anyone that has physical access to your system. While it's a pure convenience to keep yourself logged on to Facebook, Gmail, AIM, and all of the most popular websites, take a step back to observe what the criminals are thinking. You are making yourself an easy target and most likely a victim of cyber theft. Leaving yourself logged on to your banking session while stepping away for a cup of coffee at work is a really bad idea. The activities on your session are unmonitored and all of your personally identifiable information is in the hands of a stranger. I'm sure your co-workers won't steal your identity but in a public or open area it's quite possible for someone to walk up and download your bank statement. It's not hard for someone to copy all of your website passwords either. Physical security is key and once that is compromised, it's hard to control what the thief has access to.
I heard many times from ordinary people about securing their wireless routers in their homes by implementing a form of encryption and hiding the SSID (service set identifier). While the former is a great idea, the latter is a bad idea. Here is why, research and Microsoft's TechNet articles state that you will not benefit by hiding your SSID because there are other means of determining your router's SSID. If a non-broadcast network is configured as preferred, the XP client will now probe for it every 60 seconds, in effect broadcasting the SSID of the network. Source: Microsoft Enterprise Networking Team, http://blogs.technet.com/b/networking/archive/2008/02/08/non-broadcast-wireless-ssids-why-hidden-wireless-networks-are-a-bad-idea.aspx. Windows 7 also warns you that you will be exposing your security of your network when you connect even if your network is not broadcasting. Why is this option even available to you? For more information on this topic, check out http://technet.microsoft.com/en-gb/library/bb726942.aspx. My advice, leave your SSID settings well alone. Go ahead and lock down your wireless settings with a WPA or WPA2 passphrase to keep honest people out. If someone really wanted to get into your network, they will succeed. It's only a matter of time before they figure out your passwords. More on that topic next time! Stay tuned...
Tim Go, MCITP, MCP, ACE