Introduction This presentation will guide you through basic security principles for Windows XP
NTFS Use NTFS for all your partitions FAT16/FAT32 offer no data security and leave the volume open to attack. NTFS is faster and allows permissions to be set for a single to multiple files. NTFS allows you to encrypt your files. If you are unsure what type of partition you currently have then open My Computer, right click on the volume/drive and select Properties. If the drive is FAT then you can convert the volume by going here. ConvertFatToNTFSConvertFatToNTFS
Passwords Use passwords on all your accounts. Windows XP allows you log on to your computer without a password. BLANK PASSWORDS ARE BAD! Be sure to assign a password to the Administrator account. To do this see the tutorial titled Managing Groups and Users By default in XP Home Edition all new users are administrators. This is a bad practice, change this as soon as you create a new user. There should be only one administrator.
Simple File Sharing XP Pro and Home Edition both come with Simple File Sharing on if they are not part of a domain (this is default) Any attempt to access the computer across a network will force the use of the Guest account. This will allow just about anyone to access your shared folders and files. This primarily affects Home Edition because you cannot disable this option and this edition will not allow you to join a domain. If you own Home Edition then be sure to set your shared folders to read-only and hide the shares by using a $ sign after the share name. See next for illustration.
Simple File Sharing cont… If your using the NTFS file system then use the Make Private option in the folder properties. By disabling Simple File Sharing any user that tries to access the folder will have to authenticate themselves first.
Administrative Group If I had a nickel….. It is far too common to see home and business users applying the administrative privileges to local accounts. Not only does this give users the ability to alter other users accounts, but it also gives hackers more opportunity to compromise your system. Do not use the administrator group as your default login account, instead try using the power user group.
Use a Firewall Originally, Windows had the firewall off by default but now, with service pack 2, it is on by default. If you do not have service pack 2 or you want to know how to turn on the firewall go to Windows firewallfirewall
ANTIVIRUS Software Virus have been around now for decades, please defend your computer and install antivirus software. Most major brands will protect you from malicious code. If you would like a free version, I recommend AVG from Grisoft.AVG from Grisoft Be sure that you update you antivirus definitions daily. Most software gives you the option to automatically update at a time/date of your choosing.
Windows Updates Do them! Windows is a complex program that continually requires updates and fixes. By not completing your updates, you give hackers an opportunity to compromise your computer. As of Service Pack 2 Microsoft Updates are automatic, but be sure that they are being done.
Windows Updates cont… To check if your updates are being done right-click My Computer and select properties. Choose the Automatic Updates tab. Select the Automatic (recommended) radio button. And choose a daily time for Windows to check for updates. If you are using Windows 2000 the Automatic updates can be found under the control panel.
Your Screen Saver Be sure that your screen saver is password protected. This will prevent against an internal threat using your machine while you are away from your system. You should get into the habit of locking your workstation every time you are away from it. A keyboard shortcut to do this is press the windows key (to the left of the Alt key on the left hand side of the keyboard) in combination with the L key. Windows Key + L
Secure your Backups! Keep your backups locked up and away from the workstations. Your best solution is to keep your backups offsite. This way if a fire destroys your work area, your backups will be safe in another location. For added security encrypt the contents of your backups.
Wireless networks Unfortunately, wireless security is a huge topic that goes beyond the scope of this tutorial. To determine how to secure your wireless access point read the manufactures user manual and visit this pagepage
Lastly Use alphanumeric for all passwords. A4rdable is much harder to crack than 246810. Please, do not use post-it notes to tape your password to your monitor!
Thank you! To contact us, please visit our web site at http://sdg.cllrnet.ca http://sdg.cllrnet.ca or call us at 519.661.2111 x 88995