Security Awareness - Hardening Your Computer

Last Updated: 11/09/2012

Overview

Hardening your computer is an essential step for securing your personal information and data. However, many people do not know what simple steps can be taken to safeguard their systems.

Hardening a computer involves several steps to form "layers" of protection. Using antivirus and antispyware protection, regularly downloading the latest manufacturers patches, and disabling unneeded software and applications leads to safer, more secure computers which are harder to break into.

Hardening Guidelines

Roberta Bragg's 10 Windows Hardening Tips in 10 Minutes

5-Minute Security Advisor - Protecting Your Computer Against Compromise

Hardening Mac OS X

Hardened Computer Systems are Secure Systems

Hardening your computer is an important step in the fight to protect your personal data and information. This process works to eliminate means of attack by patching vulnerabilities and turning off inessential services. Hardening a computer involves several steps to form layers of protection. This approach to safer computing is often called “defense in depth”.

Applying vendor security patches regularly is the first step to help harden your computing system. Also, many security experts recommend installing a firewall on your computer. Additional hardening actions include closing server ports, disabling Windows and other programs file-sharing, and additionally hardening email programs. Tips for hardening computers are listed below, along with several other helpful links on hardening.

Another layer of protection for your computer is to install and regularly use virus and spyware protection software. Scheduling daily automatic definition updates and scans to be performed on your computer are vital steps. Antivirus software is available to all CU-Boulder faculty, staff, and students free or charge. Free anti-spyware software is available from Microsoft and Safer-networking.

Good computer security is about finding the right balance between hardening your system against potential threats and maintaining usability. If you do not require a particular software application or service it should be disabled and removed. Extra software just requires more work on your part to make it harder to a computer attack to be successful. Adding unnecessary software can lead to your PC spreading a virus or providing a launching pad for attacks against other campus systems.

Here are some helpful tips for hardening computers:

  • Patch Microsoft Windows automatically.
  • Use strong passwords or pass phrases for all Windows user accounts on your PC.
  • Use and properly maintain good anti-virus software, and optionally anti-spyware software.
  • Use a firewall, such as Windows XP's built-in software firewall.
  • Do not open suspicious email attachments or respond to suspicious requests.
  • If you're not using it, disable the Windows File and Printer Sharing service.
  • Disable any unneeded user accounts.
  • Lock your PC's screen when you step away, and shut down your computer when you'll be gone for more than 6 hours.
  • Where possible, consider using a web browser other than Internet Explorer, and treat "free" software with suspicion.