When it comes to information security there is no silver bullet to stop attackers from infiltrating your firm. The “defense-in-depth” approach to information security is simple: add many layers of protection between yourself and the outside world. Hardening your computer is exactly what it sounds like, adding security measures to increase the difficulty of an attacker compromising your system. Below you will find a checklist of system hardening best practices, each of these are easy to implement and are critical in protecting your computer.
- Virus and Spyware Protection – Antivirus and malware/spyware software should be installed and set to receive updates regularly. Malicious attacks change on a daily basis, antivirus software that does not receive virus definition updates is practically the same as having no protection at all. In fact, we recommend moving away from traditional antivirus software to a next-generation endpoint protection solution like that offered by SentinelOne.
- User Account Control – User account control is one of the most annoying features on a Windows computer, but also one of the most valuable. User account control requires user intervention before giving an application administrator privileges to your PC. This is highly effective in stopping malware and other malicious software from installing itself on your computer.
- Windows Updates – Operating systems must be patched regularly in order to be secure. For most workstations, letting Windows automatically download and apply updates is sufficient. Machines will have to be periodically rebooted to apply updates. This should be done on at least a weekly basis.
- Application Updates – Keeping your applications up to date is critical – hackers exploit software vulnerabilities just as easily as operating system vulnerabilities. Most applications release security updates regularly; ensuring you have the latest versions is especially important for high-risk applications, such as Java, Adobe, and QuickTime.
- Remove Unused Software – Each application installed on your PC opens another vulnerability to the outside world. A good rule of thumb is if you don’t use it, uninstall it. Free applications are notorious for bundling bloatware into their installs. Be careful what you download and install.
- Firewall – Enabling a software firewall such as the Windows firewall will greatly secure your workstation from outside threats. Windows firewall will filter incoming traffic and block unknown connections that you don’t specifically allow.
- Passwords – A workstation that anyone can access is not a secure PC. Use a strong password or passphrase to help protect the integrity of your workstation. Do not write this password on a sticky note and leave it under the keyboard.
Need help hardening your law firm or business' workstations? Get a free cybersecurity consultation.