The desktop computer is the heart of business. It is, after all, where business gets done. But so much effort goes into securing our servers (and with good reason), that often the desktops are overlooked. That does not need to be the case. Outside your standard antivirus/anti-malware/firewall, there are ways of securing desktops that many users and techs might not think about. Let’s take a look.
Although many updates occur for feature-bloat, some updates do in fact happen for security reasons. One of the first things you should do, prior to deploying a desktop, is apply all the patches available for it. Do not deploy a desktop that has known, gaping security holes. If you are deploying a desktop that has not been fully updated, it will be vulnerable from the start. And this tip applies to all platforms, not just Windows.
Those who must share files can ignore this tip. But if you have no need to share files on your desktop, you should turn this feature off. For Windows XP, click Control Panel | Network Connections | Local Area Connection Properties. From that window deselect File And Printer Sharing, and you’re good. In Windows 7, open the Control Panel and then go to the Network And Sharing Center. Now click Change Advanced Sharing Settings in the left pane. From this new window, expand the network where you want to disable sharing and select Turn Off File And Printer Sharing. Done.
Guest accounts can lead to trouble. This is especially true because so many users leave guest accounts without password protection. This might not seem like a problem, since the guest user has such limited access. But giving access to a guest user creates a security risk. You are much better off disabling the guest account. The same goes for unused accounts. This is such a common mistake. Machines get passed around from user to user in many businesses, and the old users do not get deleted. Don’t let this happen to you. Make sure the users on your system are actually active and need access to the machine. Otherwise, you have yet another security hole.
This should go without saying. SHOULD. But how many times do you come across the word “password†as a password? Do not allow your users to make use of simple passwords. If the password can be guessed with little effort, that password should never be used. This can be set in server policies. But if you don’t take advantage of policies, you will have to enforce this on a per-user basis. Do not take this lightly. Weak passwords are one of the first ways a machine is compromised.
You can enable folder/file sharing on a machine but still have private folders. This is especially important for personal information. Some businesses might not allow personal files to be saved on desktop machines, but that’s a rarity. If you work in a company that allows you to house personal data, you probably won’t want your fellow employees to have access to it.
The how-to on this will vary from platform to platform (and is made even more complex by the various editions of the Windows platform). But basically, you change the security permissions on a folder so only the user has access to the folder. To do this, right-click on the folder and select Properties. From within the Properties window, go to Security and edit the permissions to restrict access to just the user.
I wish I could say there was a definitive way to make sure a desktop was 100% secure. But the only way to ensure that is to unplug it from the network and power it off. That doesn’t make for a very efficient work environment. But if you follow these tips, those desktops will be more secure than they would be otherwise.
Related Articles
16 users responded in this post
I found your blog on google and read a few of your other posts. I just added you to my Google News Reader. Keep up the good work Look forward to reading more from you in the future.
Hello, Thats impressive. Are you able to inform me wherever did you receive the designer for this blog form of website you happen to be utilizing? It seems to be nice. Its not wordpress proper?
Quality post, I will be viewing back again regularly looking for fresh news.
inordinate post you’ve acquire
I was seeking this specific the other day. i don’t generally post inside forums but i needed to say thank you!
Nice blog post. Most of the time uncover good articles right on this blog. Thanks for sharing. I plan to add this website to my favorites list. One more thing, I am curious about getting ad space on this blog. Sure would be a good website to advertise on. Excellent posts and beautiful style. Send email the advert info if you are taking new advertisers. Thanks again!!!!!
Fantastic article post.Really thank you! Awesome.
Muchos Gracias for your article.Really looking forward to read more. Really Great.
I really enjoy the blog article.Thanks Again. Keep writing.
I’d have to give blessing with you here. Which is not something I typically do! I enjoy reading a post that will make people think. Also, thanks for allowing me to comment!
Appreciate you sharing, great blog.Really looking forward to read more.
Very originative, one of the gracious sites I have realized today. Hold the fantastic work.
This will be a very with child imagination that you are supplying and you pass it away for free. I relish seeing websites that start to see the value of furnishing a prime resource for free. I truly enjoyed reading your Wiley Post. Thanks! .
I’d have to give the go-ahead with you on this. Which is not something I typically do! I love reading a post that will make people think. Also, thanks for allowing me to comment!
Yes, it is extremely simple to use anything at all on my site. a web site link to my internet internet site can be appreciated.
I couldn’t have really asked for a much better blog. You happen to be ever present to present excellent guidance, going right to the point for straightforward understanding of your readers. You’re truly a terrific pro in this area. Many thanks for remaining there for folks like me.