Anti-Virus Protection
Antivirus software can be viewed as the security guard of a computer system. It protects the computer from incoming threats and seeks out, destroys and warns of possible threats to the system. New viruses come out all the time and it is the job of the antivirus software to keep up with the latest threats. Antivirus programs are only as effective as they are up to date. Most antivirus programs release updates every 1 to 7 days. These updates include everything from additional security tools to an updated virus definitions list. Allowing updates to be installed automatically increases the level of protection for your system. Unfortunately all anti-virus programs are not created equal. Comprehensive anti-virus programs include not just virus detection and cleaning but malware protection, data protection and network protection. Most free anti-virus software programs often only include protection in one of the above-mentioned areas, leaving users vulnerable to other methods of attack.

Firewall Protection
A firewall is a network security capability, either hardware- or software-based, that uses rules to control incoming and outgoing network traffic. A firewall acts as a barrier between a trusted network (internal company network) and an untrusted network (the internet). It monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. This means that the only traffic allowed onto the network is defined in the firewall policy; all other traffic is denied. The more popular and credible anti-virus software packages include a host-based firewall that allows everyday users to control connections to their computer.   

Limited Administrator Account Use

The moment an organization uses privileged user accounts on any device or service, their device or networks are at risk to potentially get hacked. An attacker who is able to gain access  to the system or service will take advantage of this misconfiguration and will have full control over this machine. Therefore admin accounts should be use for administrative purposes only. Administrative accounts should not be used for internet surfing, email reading, document composing or any such common activities.  Also never configure services to run with administrator privileges.

Data Loss Prevention (DLP) Protection

Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network. The term is also used to describe software products that help a network administrator control what data end users can transfer. DLP software products use business rules to classify and protect confidential and critical information so that unauthorized end users cannot accidentally or maliciously share data whose disclosure could put the organization at risk. For example, if an employee tried to forward a business email outside the corporate domain or upload a corporate file to a consumer cloud storage service like Dropbox, the employee would be denied permission.

Malware Protection

Malware (short for malicious software) is software designed to infiltrate or damage a computer without your consent. Malware includes computer viruses, worms, trojan horses, spyware and more. It can be present on websites and emails, or hidden in downloadable files, photos, videos, freeware or shareware. The best way to avoid getting infected is to run a good anti-virus protection program, do periodic scans for spyware, avoid clicking on suspicous email links or websites. But scammers are sneaky and sometimes cleverly disguise malware as an email from a  friend, or a useful website.

Strong Password Protection

The use of strong passwords can slow or often defeat the various attack methods of compromising a terminal’s security. Some common methods that attackers use for discovering a victim’s password include:
Guessing—The attacker attempts to log on using the user’s account by repeatedly guessing likely words and phrases such as their children’s names, their city of birth, and local sports teams.
Online Dictionary Attack—The attacker uses an automated program that includes a text file of words. The program repeatedly attempts to log on to the target system using a different word from the text file on each try.
Offline Dictionary Attack—Similar to the online dictionary attack, the attacker gets a copy of the file where the hashed or encrypted copy of user accounts and passwords are stored and uses an automated program to determine what the password is for each account. This type of attack can be completed very quickly once the attacker has managed to get a copy of the password file.
Offline Brute Force Attack—This is a variation of the dictionary attacks, but it is designed to determine passwords that may not be included in the text file used in those attacks. Although a brute force attack can be attempted online, due to network bandwidth and latency they are usually undertaken offline using a copy of the target system’s password file. In a brute force attack, the attacker uses an automated program that generates hashes or encrypted values for all possible passwords and compares them to the values in the password file.
Each of these attack methods can be slowed down significantly or even defeated through the use of strong passwords. Therefore, whenever possible, computer users should use strong passwords for all of their computer accounts.

Backups

Data backup refers to the copying of computer’s information so that these copies may be restored through a data recovery process after some fatal event. Backups are useful primarily for two purposes: to restore a computer to an operational state following an accident, and to recover information files after they have been deleted or corrupted. Backups are usually the last line of defense against data loss (but also the most important one); they require much time and consequently are the least convenient to use. The more important the data that is stored in the computer, the greater the need for backing up the data. Why data backup is so important? In today’s world, information is more important than money. And a company that loses access to its critical data for more than 48 hours will likely be put out of business within one year.

Browsers, Plug-Ins & Attachments

Your web browser knows a lot about you, and tells the sites you visit a lot about you as well—if you let it. There are many security settings in web browsers that will make your browsing experience much more secure. Also be aware of the use of various plug-ins and add-ins. Many of them are natively insecure and can make your computer that much more vulnerable while browsing the internet. Attachments and hyperlinks can also be like mind fields. Take care when opening attachments and clicking on links that may have been sent to you.

User IT Security Training and Education

The end users of a system are always the weakest link in any IT environment. Therefore it is important that all users are training periodically on cyber security dos and don’ts. End users are often that target of fishing or social engineering attacks because they have a definite way into the network via their network account. Any good IT security program will ensure that users are made aware on a constant basis of what dangers and threats they need to watch out for.

Change Default System Configurations

Changing the default configuration of your home router, your home desktop or your laptop can mean the difference between your personal data being stolen by a potential hacker. All systems deploy with default configurations, including admin account passwords, ip addresses and more all of which are easily searchable on the internet. Take some time and change some of the more common settings to avoid being an easy target.