Professional Documents
Culture Documents
Running Header: Windows Application Policy 1: Securing Windows Applications Policy Name Instructor Institution Date
Running Header: Windows Application Policy 1: Securing Windows Applications Policy Name Instructor Institution Date
Name
Instructor
Institution
Date
WINDOWS SECURITY GUIDE 2
Windows security defaults are not strong enough to protect one’s computer from threats.
There are various vulnerabilities in a windows PC: vulnerabilities in apps like Skype that come
bundled with Windows, non-Microsoft Software, unpatched drivers, and unsecured firmware.
The first step is to have a system restore point (enabled). This will act as a backup/save point for
the machine in case of a compromise. All software in the operating system as well as the drivers
should be up to date with the latest versions (Roth et al, 2016). This can be done with a windows
Windows offers administrator options to have one or multiple user accounts which are in
turn protected by a passwords and other optional authentication mechanisms. The password
policy should only require users to have a strong password (has all the keyboard characters and a
minimum of 12 characters). To increase this security during the sign in process, one can install a
Microsoft feature known as windows hello that offers two step verification process. Users should
configure these accounts to authorize groups, users and computers access to network resources.
For instance, only the primary local administrator account should have the rights to modify
system configurations and install software. On the other hand, secondary accounts should be set
To protect data from getting stolen, one way is enabling Bitlock device encryption that
encrypts all data using XTS-AES standard. It’s also wise to enable the antivirus and firewall
protection in the OS (Chari et al, 2016). these are available in the Windows Defender Security
Centre as well as the System and Security (available in the Control Panel). Windows users
should also configure their PC to prevent nonauthorized apps from running (application
whitelisting policy). One way is to allow apps only downloaded from the store to run.
WINDOWS SECURITY GUIDE 3
Other configurations that harden windows computer are disabling remote access,
disabling automatic login, setting up user account, using lock screen with a timeout, enabling
controlled folder access, not using the administrator account, installing antispyware software
from trusted sources, ignoring spam, securing your network, constantly removing unnecessary
files and software among others (Czyz et al, 2016). Lastly, with the threat landscape being
complex, there should be a continuous integrity validating and monitoring of the layered security
approach.
WINDOWS SECURITY GUIDE 4
References
Chari, S. N., Molloy, I. M., Park, Y., & Teiken, W. (2016). U.S. Patent No. 9,288,232.
Chari, S. N., Molloy, I. M., Park, Y., & Teiken, W. (2016). U.S. Patent No. 9,246,945.
Czyz, J., Luckie, M., Allman, M., & Bailey, M. (2016). Don't Forget to Lock the Back Door! A
Security (NDSS).
Roth, G. B., Popick, D. S., & Weiss, J. (2016). U.S. Patent No. 9,325,739. Washington, DC: U.S.