Skip to Content

Online Banking

the right bank TM

Thank You for Your Submission!

Computer Safeguards

The list below features a variety of controls that can be put in place to lower the risk of your company's computer system having a breach.

Limit Administrator Access

Malicious software needs administrative level access to install software and propagate. Reduced installation access greatly limits the ability of mal-ware to compromise a computer.

How To

Create a standard user account for normal day-to-day use. Administrator level accounts should only be used when necessary to install or update programs.

Patch Management

Operating systems and software have errors in the programming that can be exploited. Patches are released to fix the errors, reducing the vulnerability of the PC.

How To

Use patch management software or make sure that the Windows automated software patches the PC on a regular basis.  Never assume - spot check the PC by manually checking for patches.

Secure Wi-Fi Access

Open Wi-Fi allows an attacker within range to see any devices using the Wi-Fi network. The devices can then be scanned for vulnerabilities and exploited.

How To

Wi-Fi devices have security protocols that can reduce the exposure.  Use the WPA2 protocol or better.

Limit Social Media

Social media is a frequently targeted for distribution of mal-ware. Links to sites that download and install malicious software are common.

How To

Company policy is a soft control. Some modern firewalls or software can limit website categories and sites.


Firewalls limiting connections to the types allowed. Modern firewalls can also provide other security features like anti-virus scanning.

How To

Windows includes a limited firewall. Separate firewalls generally give better control and protection at the cost of added complexity.

Anti-Virus Software

Anti-virus software scans traffic and downloads for known malicious software. Although modern morphing mal-ware techniques have reduced the effectiveness of signature based anti-virus, it's still a valid protection level.

How To

Install anti-virus software from a reputable company. Verify subscriptions are valid and updating as they should.

Inactivity Screen Locks

An unattended, unlocked screen is an invite for someone to steal data or install mal-ware.

How To

Windows settings can lock the screen after a period of inactivity. The shorter the period the better.

Password Restrictions

Strong passwords reduce the likelihood of someone guessing the password and accessing the computer. Changing a password reduces the effectiveness of an extended brute force password attack.

How To

Require complex Windows passwords by local policy or domain policy. Require passwords to be changed on a regular basis. Deactivate unused accounts.

Restrict Computers to Business Use

Computers restricted to business activity are less likely to visit and be re-directed to malicious sites.

How To

Modern firewalls often include a expanded security subscription as an option. Software solutions can also limit sites by category or specific sites.

Anti Mal-ware Software

Mal-ware includes many forms of software that can be detrimental to privacy and security of PCs. Some mal-ware may not even try to steal data but may want to use your computer power to perform other illegal activities.

How To

Anti-mal-ware protection is often bundled with anti-virus software but not always! Confirm if you software includes both or if a separate scanner is needed to detect things like ad-ware.

Intrusion Detection/Prevention

Intrusion detection and/or prevention scans for unusual activity, even if a program is not installed.  Unusual activity often indicates mal-ware is involved.

How To

Host based intrusion software resides on the computer. Gateway based intrusion detection is often offered as a firewall security option.

External Remote Access

If an attacker can gain access through remote access mechanisms, they can attack a network from the inside.

How To

When allowed, remote access should be by software that allows for multi-factor authentication.

Training on Email Links

Links in emails are one of the main phishing and mal-ware attack mechanisms. Hyperlinks in email can be easily disguised to link to sites other than what is in the email.

How To

Train employees on dangers of links in email, especially unsolicited or unusual email.