A-Z Index     help.missouri.edu    
home

Best Practices: Windows Desktop

  1. Disable the shared folder.
    This folder is available to anyone on the network. By disabling this folder, you prevent other people on the network from accessing any folder on your computer.
    • Windows XP:
      • From the Start menu, click My Computer.
      • Click the Shared Documents folder.
      • From the File menu, click Properties.
      • Uncheck the Share this folder on the network checkbox.
      • Click OK.
      • The Shared Documents folder is no longer available on the network.
  2. Set a secure administrator password.
    Every machine has a local computer account called the administrator account. This account allows total control over your computer. You should make sure that you have a secure password set, as scanning networks for blank or weak administrator passwords is a very common practice for hackers. If your administrator password is missing or weak, then a hacker could gain full control over your system. For information on how to set your administrator password, call the Division of IT Help Desk at (573)882-5000.
    Setting an Administrator Password in Windows XP:
    • Go to the Start menu and select Control Panel.
    • Click on Switch to Classic View located in the top-left corner.
    • Select Administrative Tools.
    • From the left-hand window, choose Computer Management, then open Local Users and Groups.
    • From the right-hand window, right-click on Administrator (or whatever ID functions as Administrator) and select Set Password.
    Setting an Administrator Password in Windows 7
    • Under the Start menu, right-click Computer.
    • Select Manage.
    • Under Local Users and Groups, select Users.
    • Right-click on Administrator (or whatever ID functions as Administrator) and choose Set Password.
  3. Rename the administrator account.
    The administrator account cannot be locked out, which means that someone can attempt to crack the password an unlimited number of times. A good way to defeat this tactic is to rename your administrator account so its identity is not immediately obvious.
    • For Windows 7: Click on Start then right-click on Computer, Choose Manage.  Select Local Users and Groups, then choose Users.  Right click on Administrator and choose Rename.
    • For Windows 2000/XP: Click on Start-Settings-Control Panel. Choose Administrative Tools, then Computer Management. Select Local Users and Groups, then choose Users. Right click on Administrator and choose Rename.
    • For Windows XP Home: Click on Start - Settings - Control Panel. Choose User Accounts, then choose "Pick an account to change". Click on "Administrator", then "Change My Name", then "change name".
  4. Disable the guest account
    This account allows anonymous access to your computer. By disabling this account, other people will be prevented from using services you may have left accidentally open.
    • Windows 7:
      • Click on Start and right-click Computer.
      • Choose Manage.
      • Select Local Users and Groups - Users.
      • Right click on the Guest account and choose Properties.
      • Click the box that says "Account is disabled." In Windows 7, the guest account is usually disabled by default. You should still follow these steps to ensure it is.
    • Windows 2000/XP:
      • Click on Start - Settings - Control Panel.
      • Choose Administrative Tools - Computer Management.
      • Select Local Users and Groups - Users.
      • Right click on the Guest account and choose Properties.
      • Click the box that says "Account is disabled."  In Windows XP, the guest account is usually disabled by default.  You should still follow these steps to ensure it is.
    • Windows XP Home Edition:
      • Click on Start - Settings - Control Panel.
      • Choose User Accounts.
      • Click on "Pick an account to change," then choose guest.
      • Click "Turn off the guest account."
  5. Shut down ports that are not necessary.
    Shutting down ports cuts the number of options an intruder has to hack into your system. For Windows XP users, you may opt to just run the firewall. However, doing so can sometimes cause other problems with your system. If this occurs, then disable the firewall as your first troubleshooting move.
  6. Maintain a secure password.
    Make sure your Pawprint password conforms to Division of IT password requirements and change your password on a regular basis. You should never write your password down or share it with anyone. If you suspect your password has been compromised, change it immediately and contact isam@missosuri.edu.
  7. Run anti-virus software and keep it current.
    Make sure you have a reputable anti-virus program on your computer, and update it on a regular basis. See the Division of IT  Anti-Virus Software recommendation site at http://doit.missouri.edu/software/anti-virus.html for more information. Generally, if you choose to register your anti-virus software you can choose to be automatically notified of updates. If you schedule an automatic update, make sure it occurs at a time when your computer will be powered on. Any machine that is believed to be infected should be removed from the network immediately and not returned until the virus has been removed. You should update your definition file at least once a week. Monday afternoons are a good time to do so, as new viruses often appear over the weekends.
  8. Keep your operating system up to date.
    Be aware of service packs that are released for your operating system, especially critical fixes. Make sure you apply patches and upgrades in a timely manner. At a minimum, check for security patches every month. You can also choose to turn on the Windows automatic update feature. Another option is to go to Microsoft Windows Update to scan your computer to see if updates are available. You should check for updates at least once a week. You can also use the critical update notification service available through Microsoft. This service automatically notifies you when critical updates become available.
  9. Keep your applications up to date.
    Visit Microsoft updates (http://windowsupdate.microsoft.com/) if you're using Microsoft Office and scan your computer to see if there are available updates. For non-Microsoft products, visit the vendor's Web site regularly and check for updates you might need to install.
  10. Disable services you don't need.
    Disable any services running that you do not use, such as simple file sharing or Internet Information Services (IIS) if applicable. You should carefully test to ensure that you are disabling the correct services.
  11. Double-check patches and configurations regularly.
    Install and regularly run Microsoft Baseline Security Analyzer.

Additional services running on your system may require special attention. If you have questions or concerns about specific security issues, contact isam@missouri.edu for assistance.

IT Security
Monthly Topic

Finding the Silver Lining with Cloud-Based Computing Services

The cloud is an effective, powerful, and prolific technological tool specifically designed to store and manage your data and files over the Internet (as opposed to using your computer’s local hard-drive). Thus, you must be aware of the risks when granting a service provider access to your private data in order to utilize cloud computing services.

Read more...

National Cyber Security Awareness Month

University of Missouri / UM System
Division of Information Technology
615 Locust Street, Columbia, MO 65211
(573)882-2000

Copyright 2009 Curators of the University of Missouri.
DMCA and other copyright information.
An equal opportunity/affirmative action institution.