Securing Your Computer

From GIS CS4
Jump to: navigation, search

Securing Your Computer

Securing Windows

WINDOWS XP IS DANGEROUS!


Admin vs Normal User


Configure restrictive Windows Policies to stop malware from running

  • Install CryptoPrevent (free)
    • Corporate PC policies automatically apply such restrictive policies. Unfortunately domestic/home computers are left fully open by default.


Run Anti-Virus Software

  • Any is better than none - Microsoft's free Security Essentials is excellent!
  • Whatever AV you have, make sure you update daily


Latest Update

  • Install latest Windows updates monthly
    • Microsoft normally update all Windows computers on the 2nd Tuesday of each month. Make sure you update!
  • Uninstall any software you do not really need
    • JAVA - do you need this?
    • FLASH - do you need this? Google Chrome provides own version of FLASH

Install latest updates for any software you use

    • JAVA
    • FLASH
    • etc


Securing Mac OS X

Admin vs Normal User

  • Create a new Admin user (with password)
  • Logout, and log in as this new Admin user
  • Change your user to be a normal user
  • Reboot - login as your (now Normal) user


Latest Updates

  • Install latest Mac/Apple OS X updates when they appear
  • Uninstall any software you do not really need
    • JAVA - do you need this?
    • FLASH - do you need this? Google Chrome provides own version of FLASH

Install latest updates for any software you use

    • JAVA
    • FLASH
    • etc


Securing Your Mobile Device

Android

  • Should be considered compromised
    • Do NOT store sensitive information - especially banking
  • Apply Latest Updates
  • DO NOT JAIL-BREAK
    • JAIL-BREAK = COMPROMISED


iOS

  • DO NOT JAIL-BREAK
    • JAIL-BREAK = COMPROMISED
  • Apply Latest Updates
  • Fully updated iOS device is considered most secure of all current platforms
    • Out-of-date should be considered insecure


Secure Networking

  • Cannot always trust DNS provided by local network
    • ALWAYS use either
      • OpenDNS - 208.67.222.222 208.67.220.220
        • OpenDNS protects you from malicious sites
      • Google DNS - 8.8.8.8 8.8.4.4
    • Make Sure DNS queries cannot be intercepted


3rd Party Software

  • Avoid downloading random software 'just to try it out'
  • If you DO wish to experiment, do so in Virtual Machine

USB Memory Sticks

  • NEVER touch a USB memory stick you do not know 100% where it came from
    • Found memory sticks - throw away/destroy


Compartmentalisation

  • Keep as much of your computer network separate
    • Separate WIFI for you and guests
    • Backups NOT on local computer


Backup

  • Backup EVERYTHING important
    • Off-Site backup


Securing Web Browser

Web Browsers are now very much like operating systems - you need to protect them just as much as the host Windows/Mac/Linux computer.


Secure Banking

  • Reboot into different Operating System
    • Dual Boot computer
    • Linux on USB/CD/DVD
  • Use different web browser to normal web surfing
  • Make SURE HTTPS is always displayed in URL - otherwise Man-In-The-Middle attack