Recent changes
Aug 17, 2020
Device priority
Work device
Operating system
Sign-in account
Sign in with Microsoft ID
Log-in security
    • Windows Hello PIN
Account permissions
Administrator account
Security updates
Automatically allow security updates only
Windows UAC
Always notify
Malware samples
No - Malware samples are not purposely downloaded
Real-time Malware protection
  1. Microsoft Defender
  2. Comodo Firewall
Firewall protection
Microsoft Defender Firewall
RTP configuration
Microsoft Defender:
  1. Configure Defender at High Settings
  2. Hard_Configurator using Windows_10_MT_Windows_Security_hardening profile.
  3. Firewall Hardening using recommended values
  4. Run by Smartscreen installed
Comodo Firewall
  1. Using Cruel Sister settings
  2. Chrome and Firefox Sandboxed (Sandboxing Edge causes errors)
Periodic scanners
Malwarebytes Free (On Demand)
Hitman Pro Free (On Demand)
Kaspersky Virus Removal tool (Monthly)
VPN and Privacy
Adguard Extension configured with additional rules from here and here.
Browser(s) and Add-ons
Secure: Edge Browser using a modified banking profile based on this thread with enabled Flags and anti-exploit settings.
  1. Adguard Extension with additional rules from here and here.

Main : Chrome
  1. Birdefender TrafficLight
  2. Netcraft Extension
  3. Adguard extension
  4. Microsoft Defender Browser Protection
Backup: Firefox
  1. Birdefender TrafficLight
  2. Netcraft Extension
  3. Adguard extension
Edge is used to access banking and government related sites. Chrome is used for regular browsing and Firefox is used for backup. Both Firefox nd Chrome are sandboxed by Comodo based on Cruel Sister's guide.
Maintenance tools
  • Windows Disk Cleaner
  • PatchmyPC
  • Revo Uninstaller Free
Photos and Files backup
Onedrive
File backup schedule
Changes are automatically sync'd to my cloud storage provider
Backup and rollback
Aomei Backupper
Backup schedule
Manually managed on a monthly basis
Activity usage
  1. Financial and sensitive documents
  2. Generic web browsing
  3. Working from home
Computer hardware
13" Macbook Pro (early 2015 model)
  • CPU: Intel Core i5-5257U.
  • GPU: Intel Iris Graphics 6100.
  • Storage: 256GB SSD.
  • RAM: 8GB
Your changelog
17 August
  • Changed Hitman Pro scans from Daily to Ondemand.
  • Changed Malwarebytes scans from Weekly to Ondemand.

nefty1029

Level 1
Here is the configuration for my work laptop. Compared to my main laptop, my work laptop is much more locked down and with minimal software installations. The only other major software installed that is Office 365.
This is mainly used to type documents and edit spreadsheets, as well as access banking and government related websites.
I have also made a standard user account just in case my family wants to use the PC.
 

security123

Level 28
Verified
"Hitman Pro Free (Daily)"
With your setup this isn't needed. Same for weekly scans.

"Secure: Edge Browser using a modified banking profile based on this thread with enabled Flags and anti-exploit settings."
(y) :emoji_beer:
With the profile based Edge setup you don't need other browsers ;)

"KeePass XC"
Under Windows I recommend the original KeePass which is audited and provide secure desktop mode and plugins like for Windows Hello
 

nefty1029

Level 1
"Hitman Pro Free (Daily)"
With your setup this isn't needed. Same for weekly scans.
Changed Hitman Pro scanning from daily to ondemand. Same with Malwarebytes.
"Secure: Edge Browser using a modified banking profile based on this thread with enabled Flags and anti-exploit settings."
(y) :emoji_beer:
With the profile based Edge setup you don't need other browsers ;)
True but I like separate my work from casual browsing and having a different browser is much easier for me than using multiple Edge profiles.

"KeePass XC"
Under Windows I recommend the original KeePass which is audited and provide secure desktop mode and plugins like for Windows Hello
I actually used Keepass for some time before importing my database to KeepassXC. I still prefer the UI of KeepassXC.