Each year, consumers and businesses spend a considerable amount on security-oriented software and/or services. As January approaches, and with it the end of the fiscal year (not to mention lowered bank balances and exhausted budgets due in part to a spate of December gift-giving), it’s easy to find oneself or one’s business a bit short on funds. Fortunately, you don’t necessarily need to spend money for top-notch security software. If you resolve to stay secure in the New Year, here are a half-dozen no-cost ways to do it.

Go Gratis for Anti-Virus/Anti-Malware

You’d be a little crazy to go without anti-virus software these days, but it’s almost as crazy to shell out every year for an anti-virus subscription when there so many good free AV programs available.

Case in point: Microsoft’s own Microsoft Security Essentials has acquitted itself well since its launch over a year ago, and notably, it was recently made available for use by small businesses with up to 10 PCs. But MSE isn’t the only free anti-virus utility in town—there are other good options, such as the free versions of “the A List”-- Avast, AVG, andAvira. And if you’re dealing with a system that’s already become infected, you’d do well to check out Malwarebytes.

Encrypt Your Data

If you have sensitive data on a system—particularly one easily lost or stolen like a laptop—don’t count on something like an operating system password to keep it from prying eyes. To really protect your data, you need to encrypt it.

TrueCrypt, available for Windows, Mac, and Linux, can create an encrypted storage container disguised as an ordinary file and can encrypt whole entire disk partitions or drives, including USB drives and those that have an operating system installed. And on a modern PC, there’s no perceptible performance penalty.

Start Using Real Passwords

Far too often people use the same easy-to-guess password for countless sites around the Internet because the secure approach--coming up with strong and unique passwords for each site you frequent-- requires considerable effort (to say nothing of trying to remember them all). If this sounds familiar, getting a password manager will increase your security without doing the same to your workload.

Roboform and LastPass are two excellent password managers - both can generate complex passwords and use them to automatically log you into sites, allowing you to remember a single master password instead of a stack of them. Roboform stores your passwords locally or online, and is available for Windows systems, as an IE, Firefox, or Chrome plug-in, in a portable version for USB storage devices, and in iPhone and Android versions, all for free. LastPass, which is advertising-supported and offers only cloud-based password storage, works with all these platforms, plus several more--including the Opera and Safari browsers-- but requires you to ante up $12 annually to use any of the mobile versions (this also banishes the ads).

Keep Your Software Patched

Out-of-date software can be a major potential source of infections (particularly when it comes to certain ubiquitous programs, such as Adobe Reader, Adobe Flash, and the Java runtime). But if you’re like most, the amount of time you spend checking for and applying updates ranges from nil to none, and even if you are inclined to check for and apply updates regularly, it’s not always obvious whether a given update addresses a security problem or just adds new features you don’t really need.

Secunia Personal Software Inspector (PSI) (for Windows) can save some time and guesswork when it comes to finding and obtaining security-related updates. It scans your operating system and installed applications for known vulnerabilities (Secunia says its database covers thousands of programs), and if it finds any, provides links to the appropriate security patches.




Secunia Personal Software Inspector (PSI)


Switch Your DNS

A great way to boost your protection against phishing and other kinds of malicious Web sites is to ditch your ISP’s DNS service and go with an alternative DNS that will automatically check the sites you visit against a database of those known to be dangerous or questionable.

Sunbelt Software’s ClearCloud is one such option, while another good choice is OpenDNS, which adds a content filtering feature to boot. Both services are free (though OpenDNS does offer several paid upgrade versions for home and business users) and getting them set up is as easy as a making a quick adjustment to a router’s (or PC’s) DNS configuration. ClearCloud’s DNS server address is 74.118.212.1, while OpenDNS uses 208.67.222.222 and 208.67.220.220.

Go Virtual

If you frequently visit sketchy Web sites and/or download software of unknown or questionable origin, you’re really rolling the dice no matter what kinds of protection you may have in place. But you can keep any nasty stuff you may stumble across at bay and isolated from your everyday system by confining your riskier activities to an expendable virtual machine.

Oracle’s VirtualBox is a free, open source virtualization software that‘s available for Windows, Mac, and various flavors of Linux, and can run most versions of those same operating systems as a separate “guest” OS. If you have Windows 7 Professional or Ultimate, another option is to take advantage of Windows XP Mode, which is ostensibly for running older software on the newer OS, but works just as well as an isolated browsing environment. Though XP Mode limits you to running Windows XP as the guest OS, it has the benefit of including a licensed and pre-configured copy of the operating system, saving you the trouble of having to install it from scratch.

Joseph Moran is a veteran technology writer and co-author of Getting StartED with Windows 7 from Friends of Ed.

Keep up with browser security news – Follow eSecurityPlanet on Twitter: @eSecurityP.