Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Most important layers in security setup
Message
<blockquote data-quote="Windows_Security" data-source="post: 785492" data-attributes="member: 50782"><p>My take, everybody to its own preference because mileage may vary under different PC usage and User habits:</p><p></p><p>1. Backups</p><p>With everything becoming digital, a DATA backup is a must and a IMAGE backup advisable</p><p></p><p>2. Updates</p><p>Quick updates are the easiest way to keep vulnability windows as small as possible: so update automatically</p><p></p><p>3. Disable what you don't need (Harden)</p><p>Rich content enriches the digital experiences. Sadly most nasty infections often arrive via rich content in seemingly normal documents delivered through downloads and mails. Because this malware uses build-in execution, most AV's have a hard time blocking this stuff, so better disable those security holes. Use free software Syshardener and DocumentsAntiExploit to close these building front-doors.</p><p>a) Think of all remote/shared access stuff on your PC. Close this door to your PC when you don't use external support</p><p>b) Think of all OS-related shells and script engines and all Office-related macro's-dde-add-on-active-X stuff which most home users don't use anyway.</p><p></p><p>4. Go beyond the default settings of your Anti-Virus</p><p>In our home PC's we use Windows Defender with the excellent freebie Configure Defender to enable advanced options of Windows Defender exploit protection and protected folders option. When you prefer another AV, visit their support forum to get an idea of the advanced options (how easy-hard they are to set and use).</p><p></p><p>5. Use what is already in the OS (Tweaks for advanced users)</p><p>Have a look at HardConfigurator or Simple Software restriction policies when you don't dare to tweak your system yourself.</p><p>a) UAC - deny elevation of unsigned programs</p><p>b) SRP - at least run as basic user (allowing admin to install stuff)</p><p>c) ACL - Access Control List - by adding a deny execute/traverse folder for Everyone on your documents/music/pictures/video and download folder, you are creating a zero-overhead deny execute with zero functional impact</p><p></p><p>6. Firewall</p><p>Learn how to use Windows firewall or use free third party like TinyWall or SimpleWall</p><p></p><p>7. Last but not least</p><p>Use a browser with build-in sandbox (edge-chrome-opera) when on Windows 10</p></blockquote><p></p>
[QUOTE="Windows_Security, post: 785492, member: 50782"] My take, everybody to its own preference because mileage may vary under different PC usage and User habits: 1. Backups With everything becoming digital, a DATA backup is a must and a IMAGE backup advisable 2. Updates Quick updates are the easiest way to keep vulnability windows as small as possible: so update automatically 3. Disable what you don't need (Harden) Rich content enriches the digital experiences. Sadly most nasty infections often arrive via rich content in seemingly normal documents delivered through downloads and mails. Because this malware uses build-in execution, most AV's have a hard time blocking this stuff, so better disable those security holes. Use free software Syshardener and DocumentsAntiExploit to close these building front-doors. a) Think of all remote/shared access stuff on your PC. Close this door to your PC when you don't use external support b) Think of all OS-related shells and script engines and all Office-related macro's-dde-add-on-active-X stuff which most home users don't use anyway. 4. Go beyond the default settings of your Anti-Virus In our home PC's we use Windows Defender with the excellent freebie Configure Defender to enable advanced options of Windows Defender exploit protection and protected folders option. When you prefer another AV, visit their support forum to get an idea of the advanced options (how easy-hard they are to set and use). 5. Use what is already in the OS (Tweaks for advanced users) Have a look at HardConfigurator or Simple Software restriction policies when you don't dare to tweak your system yourself. a) UAC - deny elevation of unsigned programs b) SRP - at least run as basic user (allowing admin to install stuff) c) ACL - Access Control List - by adding a deny execute/traverse folder for Everyone on your documents/music/pictures/video and download folder, you are creating a zero-overhead deny execute with zero functional impact 6. Firewall Learn how to use Windows firewall or use free third party like TinyWall or SimpleWall 7. Last but not least Use a browser with build-in sandbox (edge-chrome-opera) when on Windows 10 [/QUOTE]
Insert quotes…
Verification
Post reply
Top