Basic Security Cardenas' Security Configuration 2022

Last updated
Feb 1, 2022
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
Log-in security
Security updates
Allow security updates
User Access Control
Always notify
Smart App Control
Network firewall
Real-time security
Windows Security
Sophos Home
Glasswire
Firewall security
Microsoft Defender Firewall
About custom security
Windows Security: Periodic Scanning enabled
Glasswire: VirusTotal integration enabled
Periodic malware scanners
Emsisoft Emergency Kit
Malware sample testing
I do not participate in malware testing
Browser(s) and extensions
Browser: Brave
Search: Bing
Extensions:
- Microsoft Defender Browser Protection
- Adguard
- Adguard VPN
- Keeper
- Several cryptocurrency related extensions
- Honey

All data except cookies is deleted when browser is closed.
Secure DNS
Adguard DNS
Desktop VPN
ProtonVPN (OS)
Adguard VPN (Browser)
Password manager
Keeper
Maintenance tools
None
File and Photo backup
OneDrive
Cryptomator
ProtonDrive (Backup of OneDrive)

All data is automatically stored on OneDrive. Important data is encrypted with Cryptomator and stored on OneDrive. OneDrive data is backed up to ProtonDrive.
System recovery
None.

Device and OS are set up so that device recovery is unnecessary. In such an event, important data is already backed up or a clean install of Windows would be done.
Risk factors
    • Working from home
    • Browsing to popular websites
    • Browsing to unknown / untrusted / shady sites
    • Opening email attachments
    • Buying from online stores, entering bank card details
    • Logging into my bank account
    • Downloading software and files from reputable sites
    • Sharing and receiving files and torrents
    • Gaming
    • Streaming audio/video content from trusted sites or paid subscriptions
    • Streaming audio/video content from shady sites
Computer specs
Custom built PC
- AMD Ryzen 9 5900X
- ASUS ROG GeForce RTX 3090 STRIX
- G.Skill 64GB RAM (4x16GB, 3600MHz, CAS Latency: 16)
- 1TB Samsung 980 Pro SSD (Windows/Boot)
- 2TB Western Digital Black SN850 SSD (Games)
- Two 4TB Western Digital Black HDDs (Unused)

Full computer specifications listed here.
Notable changes
03/16/22 - Changed UAC setting from "Default" to "Maximum"
What I'm looking for?

Looking for medium feedback.

cardenas

Level 1
Thread author
Verified
May 20, 2019
15
Security configuration for my main desktop PC.

My laptop, living room PC, and travel PC are all set up similarly other than a different VPN on each device. My significant other's PC needs to be modified. She doesn't really use her PC as she owns a MacBook Air. May replace her PC with a Mac Mini.

Laptop: MSI GS66 (Specifications)
- Windscribe VPN
- Glasswire isn't installed due to battery life

Living Room PC: Custom Built PC (Specifications)
- IVPN
- Also used as a PLEX server

Travel PC: Custom Built ITX PC (Specifications)
- Windscribe VPN

Significant Other PC: Custom Built PC (Specifications)
- Windscribe VPN
- Glasswire isn't installed
- Potentially need to set up with standard user access

Experimental/Learning PC: Raspberry Pi 4 (4GB RAM, 256GB SSD)
- Kali Linux OS
 

Gandalf_The_Grey

Level 76
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,505
Phew… Not the only one using Sophos Home anymore. :sneaky:

Also, a long time ago a wise wizard by the name of @Gandalf_The_Grey told me not to use the Honey extension: Advanced Plus Security - SecureKongo's Computer Security Config 2022
The wise wizard also tells people to set UAC to always notify to prevent bypasses:
Gebert's straightforward mitigation advice to prevent UAC bypass attacks is setting UAC to "Always Notify." Doing so will always show the user UAC prompts before high-risk applications are executed.

And our Spanish wizard @harlan4096 tells people that a full device backup can save you precious time when recovering from user, Windows, or hardware failures.
 

cardenas

Level 1
Thread author
Verified
May 20, 2019
15
> Phew… Not the only one using Sophos Home anymore. :sneaky:
>
> Also, a long time ago a wise wizard by the name of @Gandalf_The_Grey told me not to use the Honey extension: Advanced Plus Security - SecureKongo's Computer Security Config 2022

I read the article, thought about removing Honey; decided to keep using the extension. Most of the issues brought up in the article deal with privacy concerns or "what-if" security vulnerabilities. Honey is owned by PayPal which is a service I also use, so the privacy issues don't really concern me. The security implications of using Honey don't seem like something to worry about either.

> The wise wizard also tells people to set UAC to always notify to prevent bypasses:
>
> And our Spanish wizard @harlan4096 tells people that a full device backup can save you precious time when recovering from user, Windows, or hardware failures.

Changed the UAC setting from "Default" to "Maximum." Thanks.

A full device backup would be redundant for me. I perform a clean install whenever there is an issue with Windows.
 
