How to Secure Your Windows 7 System – Part 1
I recently purchased a new computer that had Windows 7 installed. With my new computer I figured it would be a new start with both the new operating system and security. Over the past month I have been busy reading, learning, and applying various security measures on my new computer.
I have learned a bit more about security during that time, and feel that I have a fairly secure desktop, and have now decided to write several posts that outline what I have done on my Windows system to make it more secure.
Securing the Access Point
Before I get into securing the actual Windows system, I thought I would start with securing the Internet connection, more specifically the access point. I am starting with this because I currently have a wireless network installed in my home, so it was there before I setup my new desktop.
Another reason I wanted to start with this is because many of the tools I will be recommending in future posts will require downloading of those tools. To ensure you keep your system safe, you must first make sure your access point to the Internet is secure.
One of the biggest concerns today is the security of wireless routers. Many of the most popular posts on Technically Easy has to do with wireless routers, and they are becoming more popular each year. However, it is very important to make sure you secure them properly to prevent unauthorized access to your Internet connection, and any LAN you have created in your home.
Securing the Wireless Router
A wireless router is usually the middle-man between the modem and your computers. The router will be the access point from the Internet to your local network, so it should be secured.
A few things that will need to be done to secure your router include the following:
- Change the administrator password on your router. Make sure the password is something complex, and possibly change the administrator ID, if possible.
- Limit the number of IP addresses assigned by your router. Determine the number of systems/devices that will connect to your router and have your router assign that many IP addresses.
- Use WPA2/WPA with AES and a long passphrase. The longer the passphrase the better. If you need help, you can use the random Ultra-High Security Password Generator and use either the 64 or 63 character versions.
- Enable HTTPS when accessing the administrative pages. I know some routers also allow you to access the administrative pages using the secure HTTPS protocol, which is great, especially if you access the pages using a wireless connection.
- Turn on MAC filtering. This is a debatable one, and one that I don’t use. It will provide an additional hoop for a hacker to jump through, but a true hacker can bypass this fairly quickly.
You may have noticed that I don’t include disabling the SSID broadcast. There are a number of reasons. One reason is because I have had trouble connecting certain systems to the network when it is disabled. Another reason is that hackers use tools that can see the SSID regardless of whether it is broadcast or not, so it doesn’t really provide any protection for your network.
Security Through Power Protection
One type of security that isn’t mentioned too much is that of providing power protection for your systems. I include this into security because, unlike malware, a power surge can not only prevent your computer from booting, but it can also destroy your entire system. This could potentially lead to a total loss of all your data, and you may not be able to recover it.
To protect you systems you should invest in more than just surge protectors. I would also look at buying an uninterruptible power supply (UPS). These are pieces of hardware that you place under your desk, or anywhere out of the way, that provides a connection between the wall outlet and you system and devices.
A UPS contains one or more batteries that will then provide power to any devices connected to it when there is a power outage. This should give you a few minutes to shutdown any devices connected to it. Why is this important? Lets say you are working on your computer, the hard drive saving and retrieving data, and then there is a power outage. Immediately your system grinds to a halt. The problem is that if you hard drive was reading/writing data, it could possible be damaged during those operations if the power was suddenly cut, causing possible data loss or worse. With a UPS, your system would still be powered for a few more minutes allowing the hard drive to complete what it was doing, and then giving you time to properly shut the system down.
A UPS also provides all the devices connected to it with clean power, so the devices don’t experience the spikes and drops of the power that comes from wall outlets. This feature provides even more protection for your systems.
The points mentioned above are good reasons to invest in a UPS if you want to keep your computer and devices protected from sudden power surges.
To keep my computer protected and secure, I use both a wireless router, with a build-in hardware firewall, and a UPS. The next few parts will focus on the Windows settings and software that I use to secure my Windows system.