Review saved passwords and form data in Internet Explorer By default, all versions of Internet Explorer offer to save form data, user names, and passwords for Web sites you visit. This saved information can unintentionally reveal information about you, such as searches you've made, and can allow unauthorized users to access password-protected Web sites that contain confidential information about you. Your browser's history can also divulge sites you've visited. Read Covering Your Tracks, to learn how to configure these features to match your preferences and how to eliminate any stored information.

Obtain a personal certificate for signing and encrypting e-mail Electronic mail is not secure. If you routinely send and receive sensitive mail, consider purchasing and installing a personal digital certificate from a certification authority such as VeriSign or Thawte Technologies. This option allows you to digitally sign and encrypt messages so that they can't be read or tampered with by anyone who intercepts the traffic. We provide full instructions (and a number of important cautions) in Chapters 4 and 9; see Obtaining a Personal Certificate, and Protecting E-Mail from Prying Eyes.

Restrict executable file attachments in e-mail The overwhelming majority of viruses that attack Windows arrive via e-mail. Recent versions of Microsoft Outlook (a component of Microsoft Office) and Outlook Express 6 restrict a user's ability to view, save, or execute file attachments whose extensions are on a restricted list. These features are controversial, and their implementation varies widely, depending on the specific e-mail client you use. In Outlook 2002, for instance, certain file types are automatically blocked, and the user cannot disable or tweak this setting. In Outlook Express, by contrast, the option to block dangerous attachments is turned off by default, as shown here. We explain your options fully in Blocking Dangerous Attachments.


Set up virtual private network connections for remote access If you need to allow remote access to a computer on your network, set up a VPN connection, restrict it to only those users who need access, and protect those accounts with strong passwords. VPN connections encrypt traffic over the Internet and provide dramatically better security than other remote access options. For Windows 2000, the complete set of steps is described in Knowledge Base article Q257333, "How to Configure Windows 2000 Professional to Windows 2000 Professional Virtual Private Network Connections." In Windows XP, you can use the Create A New Connection Wizard in the Network Connections folder to quickly create a VPN connection. To explore VPN connections in depth, read Setting Up a Virtual Private Network.

Set up encryption for wireless networks Do you have a wireless network? Unlike conventional wired networks, wireless networks add security risks. Unless you take special precautions, anyone who roams into the range of your wireless access point can intercept network traffic and potentially break into any computer on the network. You have a number of configuration options; we explain how to tighten wireless security in Chapter 16, "Wireless Networking and Remote Access."