Perhaps the hardest problem in all of security is resisting the urge to download and install untrusted software. The Internet is full of programs that can pose security problems, from peer-to-peer and file sharing services that are full of spyware and worse, to virus and Trojan horses that corrupt your data or offer attackers a wide-open back door into your system. And then there are programs that are simply poorly coded, or that haven't...
been fully tested. These can accidentally overwrite your data or corrupt Windows .dll, system files or even the registry.
Despite all these risks, you may have users who really, really want to install some games, or a screensaver with dancing babies, or that Tiny Elvis animated icon. Or perhaps, if you're running a system in a home office, your kids need a system they can use to learn, but you can't afford to have your computer down because you need access to your accounting software or email.
One solution for the home office is to dual-boot your machine. Often you may run a professional version of Windows, like Windows 2000 Pro for home-office applications, and install Windows 98 on a second hard drive for better game support. The problem is, that unless you've formatted the Windows 2000 hard drive volume with NTFS, a malicious program in Windows98 can still see the data. NTFS will provide some protection that may be adequate, but it is still theoretically possible to access the 2nd hard drive because it is still connected to the system and powered on.
A better solution is a removable disk drawer. This device lets you swap IDE or SCSI hard drives (even ATA100/133) without having to open the case and diddle with cables every time you want to switch OS. It usually takes a 5 1/4" bay on the front of your computer's case. In this way, you can remove the drive with sensitive data or professional applications on it, when someone else is using the computer. In an office setting, you can have separate drives for different users of the same computer. And if you're operating in an environment with classified information, then you can remove the drive and lock it in a safe for security overnight.
Using this device, which you can get for $16 for basic functionality and $40 with LCDs, bells and whistles (enter "removable drive drawers" in your favorite search engine), you can not only protect your data from attackers on the network, but it makes it very easy for you to secure it physically as well.
Thomas Alexander Lancaster IV is a consultant and author with over ten years experience in the networking industry, focused on Internet infrastructure.