[welcome our new handler, Mari Kirby Nichols! JBU]
One of the first ways to start a security discussion is with physical security. Yes, I know this is a technical forum, but really, is the system secure physically? Make sure the location can be secured. Utilize some type of locking mechanism to keep the machine safe. This may be a cable lock for a laptop computer or a lock on the CPU case. This is a pretty basic rule, but surprisingly many people forget this essential component of cyber security. One of the ways to increase your information security effort is to combine your program with the physical security department. Have you met with them and pooled your resources? Are you able to obtain audit logs of physical access as easily as you are able to pull up an event log?
Second, remember to configure the administrator password. Most likely the system will come with no administrator password, or a default password common to many systems. Before you go ahead, think about a good password. A good password is long and uses a diverse set of letters, numbers and special characters (~!@#$%^&*()_). One approach to a good password is a pass-phrase. A pass-phrase is a short, easy-to-remember sentence. No worries, it’s easy. Just think of a phrase that is on your mind like:
No hurricanes for
Here are some other ideas I like:
Use a thing, like a USB Device
It’s easy to come up with a complex yet easy-to-remember pass-phrase. If you need help remembering your password, just write down a word (hint) that reminds you of the phrase, NOT the password. Next, don’t forget to write down your administrator password and keep it in a safe place (for example a safe, a safety deposit box, or a sealed envelope left with a friend or relative). It makes sense to keep one copy of the password in your safe and another copy off site.
While we are on the subject of the administrator account, let’s discuss the idea of having two accounts. While you may need an administrator account to load software and make updates, do you really need administrator access to write e-mail and surf? No. So make yourself a regular account without administrator access and use it as your “normal day-to-day” account. Only use your administrator account for administrative duties.
Well, now that I have droned on about pass-phrases and administrative accounts, let's get on to XP and Vista specific tips. We would like to hear from you warriors out there in MS land, especially for
XP Tips from one of our Canadian readers:
-install latest patches, and enable Windows Update
Vista Tip from Boris:
Oct 17th 2007