Defensive Measures at User Application Layer
This is the third layer of the defense in depth model. The defensive measures that have to be taken at this layer are:
* Keep up-to-date security patches and update releases for Application software.
* Do not install programs from unknown origin
* Precautions with E-mail
* Chat clients
* Securing Web browser
Keep up-to-date security patch and update releases for Application Software
Just as new vulnerabilities appear regularly in the Operating System, so too they also appear in applications. Hence keeping applications patched is important.
In general, the announcement of new product vulnerabilities can be monitored by subscribing to one or more of the e-mail based free security alerting services. These services describe the latest vulnerabilities and generally indicate either how to get the required patch or the workaround pending a patch release.
Do not install programs of unknown origin
Installing programs of unknown origin exposes the user to the possibility of running malicious code. In general, programs to be installed should have been authored by company that is trusted and the download site should be a similarly trusted source.
Virus scanning of any such program prior to installation is always recommended. It is also recommended that user should not use pirated software’s, as these pirated software’s might install some kind of backdoors which can be used to hack the system as and when the hacker wants.
Precautions for Downloading Softwares
·Do not download the softwares through file sharing as they may contain some malicious softwares along with that.
·Do not download the software for which you have no license or not registered. There many sites which disturb the registered software by violating the license agreement and the users who download from these sites may get in to trouble.
·Download software only from a trusted website.
·Never download softwares through email attachment as most organizations does not send them via email attachment.
·Always maintain a backup of critical data of your system. This will help you to restore to original state in case something happened to your system while downloading.
·Though the software is downloaded from trusted site, scan the downloaded part, before installing it in to the system.
·Read the License agreement carefully before installing the software in to the system.
·Open the downloaded files after disconnecting from the web and scan with Anti virus software.
·Check the validity of the certificate and issuer of the certificate for a site from which the software is downloaded.