General Security Guidelines

1. Disable services you don't need.
Turning off services you don't use is simply common sense and can greatly reduce your risk while online. File and Print Sharing is probably the single most common Windows security vulnerability. Don't use it unless you really need it. You can check whether it's turned on (in Win 9x) under "Control Panel > Network > File and Print Sharing". If, on the other hand, you have a LAN and need to share files, follow the guidelines below:
  • Unbind File and Print Sharing and Client for MS Networks from TCP/IP - you will need to check all TCP/IP Entries in "Control Panel > Network".
  • Install NetBEUI and bind File and Print Sharing to it.
  • Turn access on just for the necessary directories/drives and make it read-only.
  • Use strong passwords for all your shares.
  • Install a software/hardware firewall.

2. Use strong passwords.
Whenever you use passwords, be it for an online banking interface, a network share or even a forum, common sense dictates you should make them hard to guess or crack. Although some of the suggestions below might seem trivial, many users do not follow them, and that can be a huge security risk. Use the following guidelines with passwords:

  • use both lower and upper case letters
  • use some non-alphanumeric characters as well
  • don't base your passwords on a dictionary word, name, place or date.
  • use long passwords
  • use different passwords for different places
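
The guidelines above can be turned into an automated check. The following is an added example, not part of the original page: the 12-character minimum, the small word list and the function names are assumptions made for illustration, and the check also undoes common character substitutions so that a dictionary word with symbols swapped in is still caught.

```python
import re

# Constructed sample word list; a real check would load a full dictionary
# plus names and places relevant to the user.
SAMPLE_WORDS = {"password", "dragon", "london", "michael", "summer"}
MIN_LENGTH = 12  # assumption: the page says "long" without giving a number

# Undo common substitutions so "P@ssw0rd" is still recognised as "password".
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})
# A four-digit year or a d/m/y style date anywhere in the password.
DATE_RE = re.compile(r"(19|20)\d\d|\d{1,2}[./-]\d{1,2}[./-]\d{2,4}")


def dictionary_base(password, words=SAMPLE_WORDS):
    """Return the listed word the password is built on, or None."""
    folded = password.lower().translate(LEET)
    letters = re.sub(r"[^a-z]", "", folded)  # drop digits and padding symbols
    for word in sorted(words, key=len, reverse=True):
        if word in letters:
            return word
    return None


def check_password(password, used_elsewhere=()):
    """Return the guidelines the password violates (empty list = passes).

    used_elsewhere is the user's own list of passwords already in use at
    other places (assumed to come from e.g. a password manager).
    """
    problems = []
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        problems.append("mix lower and upper case letters")
    if not re.search(r"[^A-Za-z0-9]", password):
        problems.append("add non-alphanumeric characters")
    base = dictionary_base(password)
    if base:
        problems.append(f"based on dictionary word/name/place: {base}")
    if DATE_RE.search(password):
        problems.append("contains a date")
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if password in used_elsewhere:
        problems.append("already used in another place")
    return problems
```

A password such as "P@ssw0rd!2013" satisfies the case, symbol and length rules yet is still reported as dictionary-based and as containing a date, which is why the character-class rules alone are not enough.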

3. Stay current with updates.
Download and install all available security patches for your OS, as well as new anti-virus definitions, etc. For example, all Windows-based computers should have the latest service pack installed. Also check the Windows Update site on a regular basis (or use automatic updates) for the latest security updates.


4. Use the encryption available to you.
FTP/SMTP/HTTP and many other protocols widely used on the Internet transmit information in ASCII (clear text). That means all information transferred to/from servers, including your passwords, is transmitted in clear text and is readily available to any network device it passes through to get to its destination. When possible, use the secure variations of those protocols to avoid personal information being transmitted unencrypted.

© 2013