From the November 2005 issue of Entrepreneur

Ho-hum, another day, another critical Windows vulner-ability threatening to let some stranger enslave my PC and drain my bank account. What's on the menu today? Phishing? Pharming? Spyware? Maybe some new Trojan/worm soufflé?

We don't need terrifying statistics anymore to convince us the sky is falling. But here's another meteor on the noggin: Gartner Inc. reports that online bad guys stole an average of $900 from each of 3 million Americans in the past year. And that doesn't count the many PCs rendered useless by spyware.

Not that they'll find $900 in my bank account, but I long ago succumbed to fear, uncertainty and doubt. I scan for bugs more often than Monk's Tony Shalhoub washes his hands. When was your PC's last good scrubbing?

Certainly, you don't want to browse the web these days without the kind of broad protection you get from the just-updated Norton, PC-cillin or Zone-Alarm suites. An unprotected machine on the net can be infected in less than 15 minutes. Still, surveys show that a third of consumers browse without security, and 60 percent of wireless business networks are unencrypted. And they call me crazy.

None of these programs can guarantee your safety, but their out-of-the-box settings should protect against 99 percent of known threats and their variants. The caveat is necessary because bad guys have proved remarkably clever at finding ways to exploit Windows.

I'll never understand why Microsoft doesn't spend whatever amount to uncover Windows holes itself, but it seems content to let security companies find them and hope we all download patches before hackers release their exploits. The trouble is, having figured out how to turn spam, spyware and botnets into cash, hackers keep stepping up the pace. With all the time I waste on security, I can still wake up to a warning that "critical security problems" will kill my PC if I don't download another 6MB worth of "high priority" OS patches from Windows Update.

Hide in Plain Sight
Luckily, I don't depend on Microsoft. Norton, PC-cillin and ZoneAlarm have secured my various PCs against just such emergencies for years. To be honest, I'd rather they all ran ZoneAlarm (the favorite of propellerheads). But then, I couldn't testify to the efficacy of PC-cillin and Norton, both of which have unique appeal for other types of users.

The main thing is that they all work; all are good implementations of the latest tools--from firewalls to local network management to virus, spyware, spam and phishing blockers. All will spot and block an old con with a bad facelift and give Microsoft time to slap another Band-Aid on Windows.

The idea is to hide in the middle of the herd and keep an eye on the tall grass since hackers, like lions, don't like to work hard for lunch. The firewalls in these suites cloak your PC's 65,000-plus ports, making them invisible to the predatory bots that methodically probe IP addresses for open doors.

Of course, you have to keep some ports open for e-mail and other legitimate network traffic, so these suites also scrupulously inspect everything coming and going. That's a much bigger job these days than just checking e-mail attachments.

Pieces of today's blended threats can piggyback onto a legitimate file download or arrive at different times in ActiveX or Java code. They can dress up like a component of some popular program, or hide deep in the registry or other system files. A web bug in an HTML e-mail or a link in an IM might just be a test of your physical or psychological defenses.

Security software can't simply delete everything it knows to be harmful or annoying anymore. You may have agreed to that browser toolbar or be willing to accept pop-up ads as the price for that MP3 downloader. Instead, today's suites monitor all PC activity for suspicious behavior like keystroke logging, and then ask your preferences--at least on the first instance.

Besides being a first-rate bug hunter, ZoneAlarm offers the ultimate in situa-tional tweaks--you can block VBScript but not ActiveX from this website, do the reverse for the next. If you don't want to get that involved, Norton offers just as much protection delivered in more easily understood generalities. Even the slimmed-down 2006 version, though, requires the kind of processor and memory usually found only in newer PCs. PC-cillin is neither detailed nor suave, but it's quick, effective and small enough for even outdated PCs.

Any of these will protect you for $50 to $70, but none can operate without your involvement anymore. Users often complain about all the scanning and pop-up alerts, but it's just a different world. All that broadband and wireless networking, instant messaging and cell phone calling, all those portable devices making us more productive--they also mean greater exposure for your enterprise.

You don't have to get as crazy as I am about security. On the other hand, just because we're paranoid doesn't mean everyone isn't out to get us, right?

Grab Your Security Blanket
Norton Internet Security 2006

  • Pros: Plain-language interface aggregates everyday security tasks in a new Norton Protection Center; suggests system setting improvements
  • Cons: Still demands more processor speed and memory than many PCs have to give

PC-cillin Internet Security 2005

  • Pros: Smart, nimble, compact enough for old PCs, extras like Wi-Fi network detection
  • Cons: Nice features hidden beneath a somewhat clumsy interface

ZoneAlarm Security Suite 6.0

  • Pros: Small, quick, extremely customizable with superior protection right down to Windows' kernel
  • Cons: Pops up a lot of alerts while it learns your preferences

Mike Hogan is Entrepreneur's technology editor.