How to secure a Windows Workstation
The workstation can be of some great importance for someone who is involved in some massive and serious works. So, making sure that the work station has been secured should be one's ultimate goal while installing that. There are several ways through which one can ensure its security and for that purpose, one would have to be vigilant. Here one can learn about some practices and the things which can help contributing towards the good activities like the accounts availability, the desktop security, the passwords complexity etc.
Following are the ways which an help the securing of workstation;
Setting strong passwords:
One can take the help of the passwords and some usernames so that the resources on the computer cannot be accesses by all the people and the ones who are on the network. It is very important that the password that one has are very strong there and they contain some strong characters. It is not very unusual that when someone is going to ix the password, a single word should not be used since one might hack it easily and they can go to the dictionary and detect the word. Also one should not be using something that is understood. Like, some people might use the names of the dogs or the cats they have. Maybe, someone might even put the name of their husbands or the wives. They all are so easy and can be guessed very easily. One should be using some of the upper cases and the lower cases, so that it is difficult and one faces some hard time while guessing the passwords. They all can also be of the lower cases. But if someone tries and mixes them up, then it would become so easy since no one would be able to hack the password. One should not be using some special character. One should not use the "^", sign. It is very common, also using the numbers instead of the letters are not going to help a lot. Like, someone should not be using the 0 instead of the o. or the letter t should not be replaced with the number 7. The problem is that hackers already do know that one should think about doing that. When the hackers try using the brute force they already try replacing the things like he Os with the 0s. Also, if the website can allow, then one should try and making it become the phrase. It is simple that the many words can make the password become so powerful that brutal force isn't so useful there. Or, if one knows some phrase, then using the every first letter form it can make a good password too.
When someone logs into the computer, he might not be asked for the surname and the password. This thing is really bad. The reason is that one would like to protect the inform ton that one has in the computer and he should be setting up some passwords for that. So it is very important that there is some password which is require day the one who is trying to have access to the computer.
Restricting user permissions:
Here comes the thing which is good. This is that the access that one can have to the computer can become limited. One might not like making everyone an administrator on the commuter since the administrators can have more access to many files. One might like assigning the permissions and the rights to some of the people only and only for some specific amount of the time. But this ting thing might be difficult since if someone has the past history of giving the administrative access to many of the people, then it would become a bad thing to do. Also, one can think of some of the permissions and the rights which can be based upon the groups. One can group the people all together. All the departments can have their own groups, like the supply chain department can have their own group. The marketing department can have their own group. Also one can assign some of the permissions and the access which can be based on the groups as well. Like, one can assign some specific access to one group which is not assigned to the other group. When someone is removed from that certain group, then the one would no longer have any access to the information. It becomes so easy thing when done on some per user base. Also, it becomes so easy to do this in some way when one has to audit the things and have to make sure that all the people have adequate rights and the permissions of the things they are required to do.
Changing default user names:
No matter what OS is being used by one, there are some of the user accounts that are created when the OS is being built. They might be used or might not be used. One can find some accounts like the mail account, the root account or some guest account. It is to be noted that not all of the addresses are required for the one. So, one can deleted them or can create even more of them. So, one should make sure that one would disable the accounts which are not used that often. Also, they will never be used again. One might also like that the user names which are not required, get changed. There are some of the applications which can use the many of the applications using the default usernames that are present in the OS. Also, this way, the hackers can know that which of the account would not be sued and where they should attack the person. By just changing the administrative username, one can also try the brute force. They can do that with the help of some old name, which means that they won't be trying any of the passwords. Also, they will never ever be able to get the access with the help of the particular sets of credentials. Another thing is that one should keep changing the default username. If the username is default, it may indicate that one isn't so active and is not so conscious about the security but if it is changed, it might means that someone is active and hence the hacker might not even try to have access to the one's computer. Also, changing the username frequently can create confusion for someone too who is trying to access and one who is setting them up, can be sure of the security,
Disabling guest account:
The guest account is the account which has some of the limited access. When the operating system is set up, one might not notice but he can have some of the guests account. One should take notice of this thing and should remove it immediately. If one is using the guest account then it is okay. One can set up some of the password there. But if the scenario is, that the guest account has been made but no one uses it, then it would be useful if someone tries and sets so many passwords at some other account. The reason behind this is that the main reason for the password is the protection. If it happens that one username has password protection and the others don't, it is like a glass has two holes and only one of them is covered. One can easily take out the juice from the glass using the other hole. This other whole is the guest account in our case. So, one should ensure to deleted it if this account is useless so that he can endure the maximum security of the operating system.
Screensaver required password:
At the desktop, there are the things which can be done to help one with some security of the data. Of them is the setting up of the screen saver. Screen saver means that when someone is active on the computer, then the computer stays up but when someone goes far, then the screen becomes blank and it doesn't appear again. Then one would have to come back and move the mouse. One can set the screen saver and then can even add the password to it, it is something so helpful. Then when someone comes back, he will move the mouse and instead of getting the welcome screen, all he would be getting would be the authentication confirmation which would be asking some password to the user. This thing helps a lot. The reason is that the screens never would appear when someone is away and is not working on the computer. Then, if someone comes back and tried to open up the desktop, he would be asked to write down the screensaver password. So when the screen save so on, the computer is again locked and is protected y that certain password. Also, where would be some of the single check box? So, one who has the administrative powers, can use them here to protect the computer. That can be done just by one click.
Disable auto run:
In the windows old versions which are windows XP and the Vista, one can find some of the capabilities which are very useful for the security of the OS. One of them is known as the Auto run. That capability was used and it still common in many windows. Here one can simply insert some piece of the media into the computer and then the program would not ask for any permission and would start running itself. That might sound bad to some people and yes, it was actually bad. Many of the hackers, which are the bad guys, figured that when they are going to put some code in the USB or in some CD, then they can put that in the computer. The mechanism was simple. When the CD or the USB was inserted, the auto run ability never asked for permission and infected the whole computer. This was threatening since if one is away and no matter how many passwords are set in, one could simply destroy one's work there. Hence, the Microsoft figured out some way and then gave the users an ability which was about the disability of this ability. One could disable this thing in the registry. In the operating system's registry, hence this worked well and the fear of having the virus only with some attachment of the devices was reduced a lot. But the great thing is, that in the versions of the windows 7, one cannot even have that auto run ability, means whenever we open some application, then the auto run cannot be run and always a window will pop up, axing for the permission. At times, we play many of the programs. So it is good thing that windows 7 doesn't contain the auto run application since at one time we can open many downloaded programs and if they are opened without permission, then it can surely bring the virus as well. But someone people like the auto run. Because when someone runs so many of the files, it is sometimes difficult to click allow on each of them. But this thing is for users own security since it helps reducing some great risks of the virus attacks.
Hence, there are many ways through which one can take some measures for protecting the precious data that one has. But there is one thing, that it requires some in depth knowledge and the stamina. Also, one should be sure that he has got some of the antivirus, because as it has been mentioned, if someone doesn't have so much good management ability and on forgets to delete some unwanted account that doesn't have password, then there would be the penetrating point for some virus. So having the other tools too is very important when it comes to protecting the operating system.