SECURE: Basic Shmu26 Config in 2018

Most recent changes
Aug 13, 2018
Operating System
Windows 10
Windows Edition
Pro
Build
April Update (1803 Redstone 4)
System type
64-bit OS
Security Updates
Automatic Updates - All security and feature updates
User Access Control
Always Notify - For App installs, Modify system & User settings
Device Firewall
Windows Firewall - Network security provided by Microsoft
Device Security
Windows Defender SmartScreen
User Account
Administrator - User has complete control over the device
Recent Security Incidents
No malware or privacy issues
Malware Testing
No Malware on host PC or VM
Real-time Web & Malware Protection
Windows Defender with Attack surface reduction (ConfigureDefender)
Software Restriction Policy (Hard_Configurator)
Security Protection settings
Custom - Major changes for Increased Security
Virus and Malware Removal Tools
Emsisoft Emergency Kit
Browsers and Extensions
Chrome
Web Privacy
uBlock Origin w/added filters, uBlock Origin Extra, Netcraft
Password Management
LastPass
Default Web Search
Google
System Utilities collection
Windows Disk Cleanup
CCleaner
DriverStoreExplorer
PatchCleaner
Personal data Backup
Dropbox
OneDrive
Intervals between Personal data backups
Always-on Sync
Disk Imaging Backup
Macrium Reflect Home
Intervals between System Image backups
Regularly
Joined
Oct 16, 2015
Messages
908
OS
Windows 10
Antivirus
Comodo
#3
Great security configuration.

The only note I would like to make is for you to try to use a physically separate computer to run your virtual machines on, for maximum security, or even use a separate subnet for the virtual machines, to avoid contact with your main productive PC altogether.

You obviously have backup images covered as well, so... I guess I cannot recommend anything else. :D

Thanks for sharing your new config. :p
 

Parsh

Level 24
Trusted
AV-Tester
Joined
Dec 27, 2016
Messages
1,326
OS
Windows 10
Antivirus
Default-Deny
#19
That's a pretty no-nonsense setup. Total coverage :)
I hope I get to try reHIPS sometime!

By curiosity , what ERP will cover that KIS won't? (I don't know much of KIS because i don't like it ^^)
Why dislike KIS :/
Is it the alerts or something else? I am aware of your lockdown approach :) but you said you dislike a particular AV solution, that triggered my curiosity.
In terms of standard AV solutions, it goes well beyond. I'll rate it in top two any time based on the features and protection.. my learning.
but you can still enables those alerts no?
KIS, by default, "disables" HIPS (the traditional alerts).
Yes we can enable..And when enabled, it showers with notifications right :D
Most of the times, looking at the application, I'll either "Trust the application" so that that sub-application/application related popups in the sequence are minimized. If it is not exactly trustable, I'll either respond to each (popups except during installations are quite less comparatively) or will trust the sequence for skipping its recurrence.

If at all the concerned app is risky and I allow some initial actions, the System Watcher+other restrictions+ZETA approach of Kaspersky (and my complementary protections) should further do the guarding.
 

_CyberGhosT_

Level 52
Trusted
Joined
Aug 2, 2015
Messages
4,180
OS
Linux Mint
Antivirus
Default-Deny
#20
Forgot your password?