Guide

1. FAQ
1.1 What is this document?
This document is an instruction/guide for improving personal cybersecurity and
improving the general cyber hygiene of employees.

1.2 What is required from you?

You are required NOT to simply read this document and / or put a signature in the
“informed” section, but to carefully perform each of the points following the
instructions from this document. The results of your actions in the form of
screenshots must be uploaded to the form so that the admin can double check them.

1.3 Why do you need this?

This is necessary so that you are not hacked, not accused of leaking, losing or tipping
off official documents. Moreover, this will significantly increase the level of your
information security.

1.4 How do you have to work with Instruction?

1. In order to confirm your action, you must upload a screenshot of the result.
2. Register, who does not have mail on gmail.com. If you use it, you have to
synchronize with it.
3. For all questions that arise, write to me in telegram @combonik.

2. PC settings
Further configuration depends on the operating system of your device: if it is Windows,
go to point 2.1; if you have a Mac OS, go to point 2.2.

2.1 PC settings on Windows

Privacy - Terms
2.1.1 Encrypt PC with Bitlocker (for MAC: FileVault)

1. Click Start> File Explorer> This computer.

2. In the window, right-click on the drive which you want to encrypt, and select
Enable BitLocker in the drop-down menu.

3. Enable BitLocker.
4. Enter a strong password for the hard drive. Each time you turn on the computer,
Windows will ask for this password to decrypt the data.
5. Choose how to backup the recovery key. It can be saved to your Microsoft
account, copied to a USB drive, or printed.
6. Choose which part of the disk to encrypt: all disk or only free space. If you
recently installed Windows 10, select the second. If you enable encryption on an
already used drive, it is better to encrypt the entire drive..
7. Click Continue to start encryption.
8. When the encryption is completed, restart the computer and enter the password.

2.1.2 Allow BitLocker without compatible TPM in Windows 10 latest version

1. Press the Win + R keys on the keyboard, type gpedit.msc and press Enter.
2. The local group policy editor opens. Go to: Computer Configuration –
Administrative Templates – Windows Components – BitLocker Drive Encryption
– Operating System Drives.
3. In the right panel of the local group policy editor, find the option “This policy
setting allows you to configure the additional authentication requirement at
startup” and double-click on it. Please note that there are two parameters with
this name in the list, we need the one not specifying Windows Server.

4. In the window that opens, select “Enabled” and make sure that the item “Allow
using BitLocker without compatible TPM” is enabled. Apply your settings.
2.1.3 Allow using BitLocker without compatible TPM in Windows 10
In order to be able to encrypt the system drive using BitLocker without TPM, it is
enough to change one single setting in the Windows Local Group Policy Editor.

1. Press the Win + R keys and enter gpedit.msc to start the local group policy editor.

2. Open the section (folders on the left): Computer Configuration – Administrative

Templates – Windows Components – This policy setting allows you to select
BitLocker Drive Encryption – Operating System Drives.
3. In the right part, double-click on the option “This policy setting allows you to
configure the additional authentication requirement at startup”.
4. In the window that opens, select “Enabled”, and also make sure that “Allow
BitLocker without compatible Trusted Platform Module” is selected (screenshot
below).

5. After this, you can use disk encryption without error messages: just select the
system disk in Windows Explorer, right-click on it and select “Enable BitLocker” in
the context menu, then follow the instructions of the encryption wizard. You can
also do this in “Control Panel” – “BitLocker Drive Encryption”.
6. You can either set a password to get access to the encrypted disk, or create a
USB device (flash drive), which will be used as a key.
2.1.4 Enable Windows Defender

1. Go to settings.
 2. Click on the tab “Update and Security”, and then everything as shown in the
picture.

2.1.5 Enable Windows Defender

You can download the free antivirus Bitdefender Free Edition on its official page
https://www.bitdefender.com/solutions/free.html.
After the antivirus has been installed, it runs in the background and checks all
executable files, and at first also the data that is stored on your disks. You can open
the antivirus window at any time using the shortcut on the desktop (or you can delete
it from there), or using the Bitdefender icon in the notification area.

1. After launching the installation file downloaded from the official website, click the
Install button (you can also uncheck the collection of anonymous statistics on
the left in the installation window).
2. The installation process will take place in three stages: downloading and
extracting the Bitdefender files, pre-scanning the system, and installing itself.

3. Then click on the “Log in to Bitdefender” button (Log in to Bitdefender). If this is

not done, then when you try to use the antivirus, you will still be asked to log in.
4. You need a Bitdefender Central account to use the antivirus. It is assumed that
you do not have one, so in the window that appears, enter your Name, Surname,
email address and the desired password. To avoid mistakes, it is recommended
to enter them in the Latin alphabet, and the password is rather complex. Click
“Create Account”. Alternatively, if Bitdefender ever asks for login, use e-mail as
login and your password.
5. If everything was going well, the Bitdefender antivirus window will open, which we
will look at later in the section on using the program.
6. The email will be sent to the email address specified in step 2 to confirm your
account. In the email you received, click “Verify Now”.
7. After that, you will not see any new windows (the application will run in the
background), but to complete the installation, you will need to restart your
computer (it is a restart, not shutdown in Windows 10, this is important). When
you reboot, you will have to wait a while until the system parameters are updated.
After a restart, Bitdefender is installed and ready to use.
The Bitdefender Free window does not offer many functions: it only contains
information about the current status of antivirus protection, access to settings, and
the ability to check any file by dragging it onto the antivirus window (you can also
check files via the context menu by right-clicking on the file and selecting “Scan with
Bitdefender”). Settings Bitdefender:
 Protection tab — to enable and disable anti-virus protection.
Events — list of antivirus events (detections and actions taken).
Quarantine — files in quarantine.
Exclusions — to add antivirus exclusions.

After installation, Bitdefender Free Edition disables Windows 10 Defender, however, if

you go to Settings (Win + I keys) – Update & Security – Windows Defender – “Virus &
threat protection” then scroll down and click “Windows Defender Antivirus” options
you can enable “Limited periodic scan” there.
If enabled, Windows 10 servicing will automatically scan your system for viruses from
time to time using Defender, or you will see a prompt to perform such a scan in
system notifications.

2.1.6 Enable firewall

1. Enable firewall

2.1.7 Reduce rights to the level of a normal use

The main way to create a new user in Windows 10 is to use the “Accounts” item
available in “Start” – “Settings”.
In the “Other Users” section, click Add User for This Computer. In the next window, you
will be asked to provide an email address or phone number.
If you are going to create a local account (or even a Microsoft account, but have not
yet registered an email address for it), click “I have no data for this person to log in” at
the bottom of the window.
The next window will prompt you to create a Microsoft account. You can fill in all the
fields for creating a user with such an account or click “Add a user without a Microsoft
account” below.
Next, follow the instructions. We get to the assignment of user rights. By default, the
new user has “normal user” rights
Further in the work, we use a normal user account, having configured it in advance.

2.1.8 Protect your account with the password

For high protection, you should use strong passwords (especially from the Admin
account). Use capital letters as well as symbols to increase the complexity of the
password.

2.1.9 Enable lock screen

1. Enable lock screen

2.1.10 Configure VPN

1. Configure VPN

2.1.11 Search in documents login / pass

1. Search in documents login / pass

2.1.12 Close the webcam

Closing the camera or not is up to you. However, it’s no secret to anyone that there are
Trojans and viruses that can completely control your camera, and you won’t even
notice it. As a result, your personal life will not be so personal

2.2 PC settings on MAC

2.2.1 For MAC: FileVault

 1. Go to the Apple menu ()> “System Settings” and open the “Protection and
Security” tab.

2. Select the FileVault tab.

3. Click , then enter the administrator name and password.
4. Click «Enable FileVault».
5. Advanced settings.

2.2.2 Configuring antivirus for MAC

1. Sign in to your Bitdefender Central account. If you don’t have an account already,
please sign up for one. Prior to the installation of Bitdefender Antivirus for Mac,
 please make sure that you have a Bitdefender Antivirus for Mac subscription in
your Central account so the product you install can retrieve its validity from your
account. If you have an older license key for the previous Antivirus for Mac
product, you can find how to transform it into a Bitdefender subscription, in this
article.
2. Select the My Devices panel.
3. In the My Devices window, click INSTALL PROTECTION.
4. In the newly opened window, click Protect this device, then select device owner.
If you want to Protect other devices, select this option (this will send an email
with the installation kit to an email address of your choice).
5. The installer will be downloaded on your system inside the Downloads folder.
Double click on the Bitdefender file with the .pkg extension and follow the on-
screen instructions. Click on Continue.

6. Next, you will be guided through the steps necessary to install the security on
your Mac. Click on Continue.
7. In order to continue the installation, you will have to agree to the terms of the
software Subscription Agreement.

8. Select the disk where you want to install the Bitdefender software, then click on
Continue. After that, select Install.
 9. When prompted, type your username and password, then click Install Software.
10. A small window will appear and Bitdefender Antivirus for Mac will automatically
download and install on your Mac.

11. The installation is now complete on macOS Yosemite, El Capitan and Sierra. Click
the corresponding link below only if you have High Sierra, Mojave or Catalina.
The rest of the macOS versions do not require these extra steps.
3. Setting up LastPass Password Manager
Register in LastPass and configure the extension for the Google Chrome browser
https://www.lastpass.com/ru .

1. Go to the Google Chrome Web Store.

2. Find LastPass for Google Chrome.

3. Click install.

4. Confirm installation.
5. After installation, go to LastPass to create an account and a master key (the
master key is a strong password with upper and lower case characters, numbers
and special characters).
 6. Log in to your account.

7. Now, upon entering any site, Lastpass will offer to save login details. Success!

4. Setting up Google authenticator on smartphone

4.1. Android
How to download:

open https://play.google.com/store (Play Market);

find google authenticator.

Setting:

on your Android phone or tablet, open the “Settings” > Google > Google
Account;
 at the top of the screen, press Security;
in the “Sign into your Google Account” section, select 2-step verification. If
necessary, log in again;
in the “Configure the second step” section, find the “Authenticator application”
parameter and click “Create”;
then follow the on-screen instructions;
to make sure that everything is OK, request the application code and enter it in
the settings.;
if the code is correct, you will see a confirmation.;

4.2. iOS
How to download:

open App Store;

find google authenticator.

Setting:

open the Gmail application on your iPhone or iPad. Press the “Menu”
icon > Settings > select your account > Google Account managing.
If you don’t use Gmail, go to myaccount.google.com;
at the top of the screen, click Security;
in the “Sign into your Google Account” section, select 2-step verification;
in the “Configure the second step” section, find the “Authenticator application”
option and click Create;
follow the instructions on the screen;
to make sure that everything is OK, request the application code and enter it in
the settings;
if the code is correct, you will see a confirmation.

You can also read the instructions from Google.

5. Setting up two-step verification in your Google account

1. Go to the “Security” tab in your Google account.
2. On the left of the navigation panel, select security.

3. Two-step verification clicks on the arrow (you can choose to log in using your
phone. In any case, your mobile device must have a strong password or a graphic
key).
4. Complete all steps.

5. Confirm phone number.

6. Pay attention to paragraphs 2 and 3, namely Google Notification, and
Authenticator.
7. Follow the instructions! Be sure to lock the Screen!
8. Point 3 google Authenticator.
 The result of the actions taken is shown in the figure below.

From google: How to enable 2-step verification

9. Unlink a phone number from a Google account

6. Setting up Google Chrome browser

1. Go to browser settings.
2. Go to the “passwords” tab.

3. Turn off “Offer passwords saving”.

4. Turn off “Auto Sign-in”.

5. Go to the tab “payment methods”, disable.

 6. Go to the tab “Addresses and more”, disable autosave.
7. Go to advanced settings.

8. Saved payment methods – disable verification.

9. Go to site settings.

10. Prohibition of tracking.

1. Open the Chrome browser on the computer.
2. In the upper right corner of the window, click on the icon with three dots
> Settings.
3. In the “Privacy and Security” section, turn on Send ban on tracking for
outgoing traffic.

7. Setting up social network accounts

Just click on the social network that you need to proceed with setting up two-factor
authentication.

Instructions for Google (Gmail)

Instructions for Apple
Instructions for Microsoft
Instructions for Facebook
Instructions for Twitter
Instructions for Instagram
Instructions for Dropbox
Instructions for Telegram
 Instructions for Linkedin

Instructions for WhatsApp

8. Smartphone Settings

8.1. Smartphone Settings

8.1.1. Android

1. Open your phone’s settings.

2. Select Security.
a) If this item is not available, click Protection and location > Security.
3. Select Screen Lock.
a) If it is already configured, enter PIN, password or pattern to change.
4. Select a screen lock method. Then follow the on-screen instructions.

Press on the settings icon next to “Screen Lock”. You can set the time for automatic
locking, configure the device so that the lock is turned on when you press the power
button, and also add a message that will appear on the locked screen.

8.1.2. iOS

1. Go to “Settings”> Touch ID and password code.

2. Turn on the password code.

8.2. Hide messenger and system notifications (on lock screen)

8.2.1. Android

1. Open your phone settings.

2. Select “Lock Screen”.
3. Go to “Notifications” and tap turn off.

For smartphones with Android 9 and below, look for these options in the “Apps &
notifications” or “Notifications” section.

8.2.2. iOS

1. Go to “Settings”> Notifications.
 2. Go to “Icon display” and select “Without blocking”.

8.3. Configure Antivirus

8.3.1. Android

1. On your mobile device, go to Bitdefender Central.

2. Sign in to your Central account.
3. Tap the icon in the upper-left corner of the screen, then select My Devices.
4. In the My Devices window, tap on INSTALL PROTECTION.
5. Tap on Protect this device.
6. You should now be redirected to the Google Play Store app. If the Play Store app
does not start automatically, select it from the list of suggested apps.
7. Tap on INSTALL.
8. After the installation is finished, open the app, check the box next to “I agree with
the Subscription agreement” and click on CONTINUE.
9. Next, if you’re not automatically logged in to your Central account, type your
username and password, then tap on SIGN IN.
10. Click on GET STARTED.

11. You can now activate the Web Protection feature. Click on ACTIVATE and allow
the Accessibility permission for Bitdefender Mobile Security. If you want to grant
the Accessibility permission later, click NOT NOW.
12. Next, you have the possibility to perform a full scan of your device by clicking on
SCAN NOW. Otherwise, you can click on SKIP and perform the scan at another
time.
In order to scan the entire storage, Bitdefender Mobile Security will require two
separate permissions: to make and manage phone calls and to access photos, media
and files on your device.

8.3.2. iOS

1. Search for Bitdefender Mobile Security on the App Store, locate the app, then
download it to your device.
2. Open the app, check the box “I agree with the Subscription Agreement” and
select Continue.
3. Now, you’ll have to log in to your Central account. Type your username and
password, then tap SIGN IN.

4. Tap Get started.

5. To properly finish the installation, you will need to configure the Web Protection
and VPN features. In the VPN module, tap Connect.

6. You will be notified that Mobile Security wants to Add VPN Configurations. Tap
OK.
 7. You will need to confirm by using Touch ID or the password to your phone. In the
picture below, we used Touch ID.

8. To activate Web Protection tap the Web Protection icon from the bottom of the
screen.
9. Tap TRY WEB PROTECTION.
10. Choose one of the free trial periods, and then confirm the payment details.
11. Tap Turn On to enable Web Protection.
12. Tap I Agree, then Allow to continue installing the web scan filter.
 13. If an authentication method (fingerprint or PIN code) has been set to protect your
smartphone, you are required to use it. After a short wait, Web Protection will be
enabled.

8.4. Disable installation of third-party applications

8.4.1. Android

1. Select Settings in the settings bar of the Home screen.

2. In the line of Personal Information, select Security and Restrictions.
3. Select Unknown Sources.
4. Select On / Off to enable/disable the installation of applications from unknown
sources.

8.4.2. iOS

1. Select Settings in the settings bar of the Home screen.

2. In the line of Personal Information, select Security and Restrictions.
3. Select Unknown Sources.
4. Select On / Off to enable/disable the installation of applications from unknown
sources.

8.5. Encrypt device

8.5.1. Android

1. Device encryption may take an hour or more.

The battery must be at least 80% charged.
The device must be plugged in the electrical supply network during
encryption.
If the device is running under root user, temporarily disable superuser rights.
If you interrupt the encryption process or somehow interfere with it, you are
likely to lose data. So once encryption has started, leave your device and
don’t use it
1. Go to Settings.
2. Click on Security. If your phone is encrypted, you will see the Encrypted
option. If not, start encryption by clicking on the Encrypt phone option.
3. On the next screen you will see a warning about what to expect after the
encryption is over. If you are ready, click the Encrypt phone button.
4. Again, you will see a warning that you should not interrupt the process.
Press the Encrypt phone button again.
5. Your phone will reboot and begin encryption. You will see a progress bar and
an encrypted end time.
6. Once the encryption is complete, the phone will reboot again. To verify that
encryption is enabled, go to Settings> Security. You will see a confirmation
Encrypted under the option Encrypt phone.
 For encrypting a memory card – you have to go to Settings, select Security>
Encrypt external SSD card and click Enable

8.5.2. iOS
You just need to set a passcode to encrypt data on smartphones with iOS.

Our Clients

Interkassa — international payment processing Real estate development company

system. Biggest payment processor of Ukraine. services: Company security audit
Ordered services: Penetration testing, Company integration services
security audit

Contact Us
Name

Phone

Email

Problem

Contact
 Penetration Testing

Phishing Simulation

Company Security Audit

Smart Contract Audit

Digital Forensics

Training Courses

Brand Protection

Configuration guide

Secure SDLC

Personal Cybersecurity

Email: info@hackcontrol.org
Phone: +48124004049
Headquarters: ul. Halicka 9, Krakov, Poland

HackControl © Copyright 2023

All Rights Reserved

Our services
Penetration Testing
Phishing Simulation
Security Audit
Digital Forensics
Smart Contract Audit
Training Course