Jump to content

My Security Checklist

ghemachandar1

By ghemachandar1
in Lounge

Recommended Posts

ghemachandar1 Rookie

ghemachandar1

Posted
Posted

Hi Guys!

Being a Server Administrator and as someone who frequently handles sensitive client information I probably have one of the most elaborate security checklists around here. With spate of reports on Fiverr accounts getting hacked, thought would share my security practices with you.

The checklist is divided into four parts. The first is stately perpetual checks. And the other three are routines that are to be performed at regular intervals - which I do on Daily, Bi-weekly, Half-Yearly intervals.

Before getting into the details, some notes:

  • Beware! It requires certain amount of discipline and dedication to maintain.

  • This post is about Workstation security on an Windows PC. For Linux and MacOS, best practices should defer and are usually fewer.

  • It does not cover mobile security, an important vector of attacks these days.

  • It does not cover behavioral best practices. Usual advises like ‘Do not run unknown executables’, ‘Do not click suspicious links’, ‘Confirm url & https before login’ would still apply.

So, here we begin…

PERPETUAL CHECKS

These are “best practices” that are to be ticked anytime.

  1. USE DYNAMIC IP: Your ip address must change every time you connect to the internet. This prevents anyone from specifically targeting you. If your ISP does not offer this, try a VPN.

  2. USE GOOD ANTI-VIRUS + ANTI-MALWARE: This is a must. For anti-virus I recommend: Eset, Kaspersky, BitDefender. For anti-malware: Malwarebytes free version is good enough.

  3. USE SECURE BROWSER: Isolated tab processes and built-in block lists are essential features of a secure browser. I recommend: Google Chrome, Opera and Safari (on Mac). Further, I would suggest to set, “Delete cookies on closing the browser”.

  4. USE SECURE E-MAIL: A good e-mail service should come with plenty of security measures. Gmail is recommended. For business e-mail: try Google’s G-Suite.

  5. DON’T USE JAVA: Or, for that matter don’t install any software unless you really have to.

  6. DISABLE WIFI AND BLUETOOTH: Unless you really need them.

DAILY CHECKS

These are daily checks I perform before the start of the Work-day.

  1. RUN DIGITAL CLEANUP: This is an performance measure rather than an security one. I use CCleaner to wipe all the extraneous data like temporary files, dumps and caches gathered over day-to-day system functions.

  2. RUN PHYSICAL CLEANUP: Again a performance measure. Laptop came with an on-demand fan cleanup software. Overheating is by far the most common reason for shorter device lives.

BI-WEEKLY CHECKS

These are the checks I perform once every two weeks - more specifically on 1st and 15th of every month.

  1. CHECK AND UPDATE OPERATING SYSTEM

  2. CHECK AND UPDATE ALL SOFTWARES INSTALLED.

  3. RUN FULL SYSTEM ANTI-VIRUS SCAN

  4. RUN FULL SYSTEM ANTI-MALWARE SCAN

HALF-YEARLY CHECKS

These are the checks I perform once every 6 months - more specifically on 1st January and 1st July.

  1. CHANGE PASSWORDS FOR ALL ONLINE ACCOUNTS: Usual recommendations would apply - choose a password that is atleast 10 characters long, with atleast one capital, one number and one special character. One may choose common password for all online accounts but important accounts like e-mail, Fiverr, Paypal must have unique passwords… especially e-mail!! Once you e-mail account is compromised all your online accounts are compromised.

  2. VERIFY 2FA AND SECURITY QUESTIONS: I verify if 2 Factor Authentications and Security questions are available, required and enabled. Further, I verify if I have 2FA’s backup codes and actually remember the answers to security questions.

  3. VERIFY BACKUPS: Check is if the most important information on your PC has an online backup. A rule of thumb is to ask, “What would I loose if the I lost the computer today?”

That’s all!

Customize or extend the list to fit your purpose. 🙂

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...