Monday, January 23, 2012

Windows Desktop Security 101

Windows Desktop Security 101
If you ask around, what need to have in order for you to secure your laptop or desktop. The first answer they will said will be install antivirus. But they are not wrong as mostly what they see more is virus or malware. As for security administrator we know what antivirus really do which is only scan the system files whether it is tamper by other software. Below will be some of the best practices you can apply and train your users. Although you may think this is a simple task, but from the attacker point of view this is an opportunity. Let me side you an example, if in a company you have 11 server and 500 desktop. Just imagine you don't have a proper security for the 500 desktop. what would be the likelihood the computer compromised and get access into your server. The most standard practices will be :
  • Always login to your machine with a non admin users  and when you need to run a program with admin rights just do a right click and select “run this program as…” and select admin. In Windows Vista/7 turn UAC on to maximum. It might be annoying, but you don’t install programs so often, do you?
  • Disable autorun (which is one of the most used sources of spreading viruses especially for worms)
  • Enable screensaver
  • Use only trusted sources (e.g. USB drive)

No comments:

Post a Comment