Results 1 to 1 of 1

Thread: Security Tips

  1. #1
    Administrator Lloyd_mcse's Avatar
    Join Date
    Jun 2008
    Location
    Sudbury, Suffolk
    Posts
    2,911

    Default Security Tips

    I thought I would create a thread with some security tips to help keep you and your data safe.

    1. Make sure Windows is up to date.
    Ensure you install Windows updates as soon as they are available or your system tells you they are available.
    Planned updates are available on Tuesdays 1700 GMT

    2. Use a full "Internet Security" package
    Using just an Antivirus and Windows Firewall is no longer enough, a full suite with a firewall is a must.
    I recommend Norton Internet Security at the moment.

    3. Use a secondary Malware scanner for weekly or monthly scans
    A second opinion is always a good idea, I recommend Malwarebytes as a secondary scanner.
    It's designed to run along side your main security suite, and comes in two flavours; free and Pro.
    Pro comes with scheduling and always on protection, both will remove just about everything.

    4. Remove Java, or at the very least disable in browsers.
    A massive target for malware

    5. Make sure Adobe Flash is up to date
    Another target for malware.

    6. Open pdf's from unknown locations in protected view.
    In Adobe Reader or Acrobat go to Edit -> Preferences -> Security (Enhanced) -> and tick Protected View for files from potentially unsafe locations.

    7. Use an Ad Blocker/NoScript/DoNotTrackMe
    Advertising syndicates often get compromised making usually safe websites unsafe.

    8. Enable HTTPS where available.
    On sites like Facebook, Twitter and Outlook.com you can force HTTPS connections, making sure you are logging into the real site.

    9. Data Encryption
    Encrypt your data, probably the easiest way to do this is use BitLocker with Password at boot.

    10. Use secure mail server ports
    Always use secure ports (ISP/Mail Provider dependent) for logging onto mail servers. Secure ports are usually
    POP 995
    IMAP 993
    SMTP 587 TLS

    11. Digitally sign and encrypt your mail (S/MIME)
    You can buy a Digital Id for less than 20, VeriSign are $19 and COMODO about the same.
    Or you can get a free Digital ID from InstantSSL, who now do up to 4096bit keys.

    12. Digitally Sign and Encrypt your email (PGP)
    The free alternative to Digital ID's, is PGP. Sign and Encrypt your email, after creating your own PGP Key.
    You'll need some additional software for Windows - GPG4Win

    13. Install Microsoft's Enhanced Mitigation Experience Toolkit (EMET)
    The Enhanced Mitigation Experience Toolkit (EMET) helps raise the bar against attackers gaining access to computer systems. EMET anticipates the most common actions and techniques adversaries might use in compromising a computer, and helps protect by diverting, terminating, blocking, and invalidating those actions and techniques. EMET helps protect your computer systems even before new and undiscovered threats are formally addressed by security updates and antimalware software. EMET benefits enterprises and all computer users by helping to protect against security threats and breaches that can disrupt businesses and daily lives. Download

    I will add more when I get chance.
    Last edited by Lloyd_mcse; 15-02-2016 at 11:54.

    Main PC : Intel i9-9900K | ASUS Maximus XI Hero | 32GB Corsair Vengeance LPX 3000MHz | ASUS GTX 1060 OC 6GB Expedition | 1x Samsung 850 Pro 512GB | 2x WD 1TB Black | ASUS STRIX SOAR | Coolermaster CM 690 II USB 3.0 | Corsair AX860i Digital | Corsair H100i PRO

    | Windows 10 Professional x64 |
    | Full PC List |


Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •