Professional Documents
Culture Documents
Ben Williams
09/11/16
IT140-1603B-02
Individual Project Unit IV
1
Security for Windows
In the world of computers, security is probably the most important aspect of setting up a
network or computer system. For my company, I have decided to use Windows 7 with Windows
2012 server. I initially decided to switch from Windows XP to Linux with Ubuntu, but I have
decided to stick with Windows because of the fact that I am somewhat familiar with Microsoft
systems and know nothing about Ubuntu, and running a new network server will be
The main areas to secure are with files, users, and software. The files on any machine
must be protected at all costs. The absolute most important thing to do is to configure a firewall
for the operating systems on the network (“Secure Windows”, 2011). Windows 7 conveniently
comes with its own built-in firewall called Windows Firewall and you can easily manage firewall
settings on the main server hub by using Active Directory, which allows the user to centrally
configure the settings and apply them all to the client computers using Group Policy. While
logged in as an admin on the Domain group, you can set the option for “program exceptions”
from remote assistance only (“Configure windows firewall”, 2006). By doing this, any computer
or program that tries to connect to the network will need specific exception from the
administrator to do so. This will keep the network and files within secure.
Yet another piece to secure is the users on the network. The firewall will provide some
protection, but not all. This is completed by installing antivirus and antispyware programs.
Ultimately it is up to the administrator to decide which ones to use, but I have had much success
in blocking viruses and spy programs by using a combination of Microsoft Security Essentials
(MSE), Spybot: Search and Destroy (S&D), and WinPatrol. MSE will auto update every day and
look for new definitions of spyware and malware and can be programmed to scan the machine
however the user chooses. For best results, I tend to let it scan each and every night while I am
2
Security for Windows
sleeping. For the business, this will be perfect, as after business hours there aren’t as many
processes being run on the computer. Anything that MSE catches or flags as questionable can be
removed immediately by the program. S&D also auto updates every day and also offers the
programmed scan, but has better definitions when it comes to spyware and malware, so a
combination of both programs works best. As long as the programs are kept up to date and the
scans are run uninterrupted, they will catch intrusion programs and viruses. For one final security
blanket, I always have WinPatrol running on my machine as well. It does not scan the computer,
but instead monitors each and every program and service that is open on the computer. When a
program begins to run, it will bring up a prompt that must be answered “yes” in order to run.
This way, if a Trojan virus does get past the firewall and virus/malware scans, it cannot continue
to run unless the user allows it. It also works as a task manager by listing all programs and
services running at the moment, as well as a list of all startup programs. Windows does come
with a built in task manager that can work for day-to-day tasks, but if a machine is under attack,
it can be compromised. By scanning regularly for viruses and malware and keeping a close eye
caution. Problems have arisen with Windows before about there being issues with a certain
update and it causing problems on the computer. Ignoring updates is out of the question – this
will in fact put your computer and network at risk of attack. The best thing to do is to wait about
a week, at most two, and update the system if no recalls have been made (Shnider, 2015).
Another technique that businesses have used is to have a “guinea pig” machine – one that they
will have on its own network and test updates for Windows on. This is a good solution for the
fact that you can see the issues that come up on this machine and it will not affect the business.
3
Security for Windows
In short, keeping the network secure is a vital and important part of business practice.
Make sure that each machine has its own firewalls, virus and malware protection, and task
managers. Making sure that users keep their passwords confidential and complex (this should be
a no-brainer) and that they do not install programs willy-nilly is also key. By doing these tasks,
you will be an excellent system administrator and your business will run smoothly.
4
Security for Windows
References:
“How to configure Windows firewall in a small business environment using group policy.”
Shnider, Deb. (January 14, 2015). “Patch or not? Weighing the risks of immediate updating.”