Skip to Content
  1. 1PasswordPassword
  2. 2Account privilegeAccount privilege
  3. 3Guest accountGuest account
  4. 4Screen saverScreen saver
  5. 5Anti-malware toolAnti-malware tool
  6. 6Personal firewallPersonal firewall
  7. 7Software updateSoftware update
  8. 8Web browserWeb browser
  9. 9Data backupData backup
  10. 10Secure deletionSecure deletion
1

Use strong password for user accounts

RISK

Weak password, which is easy to guess, increases the chance of unauthorised access of computer.

CHECK ITEMS

Tool(s) available

Function: Assist users to learn and practice on how to create strong passwords.

System settings

Purpose: Create / change log in password of your computer and check whether strong password policy is enforced.

Steps on how to protect your computer with a password.

Steps on how to change or reset your Windows password.

MORE TIPS

  • Change password regularly and use a password that is difficult to guess but easy to remember.
  • Don't reuse passwords or write down your password, particularly anywhere near the computer. Please visit InfoSec website for more good practices on Handling User Account and Passwords.
Next
2

Set up standard user accounts for daily use

RISK

Malware can infect a computer and operate malicious activities under the user rights of the logged-in user.

CHECK ITEMS

System settings

Purpose: Create standard user account for your computer and change user account's administrator right.

MORE TIPS

  • Use administrator account only where necessary, such as managing other user accounts, installing or removing software or changing security settings.
  • Use different passwords for different user accounts, in particular those for handling private and sensitive data.
Next
3

Disable Guest account

RISK

Guest account of computer can provide information to attacker and increase security risks.

CHECK ITEMS

System settings

Purpose: Disable guest account in computer.

MORE TIPS

  • Assess security risks before using guest account, which allows users to log on to a network, browse the Internet, and shut down the computer.
  • Establish a password for guest account before use because the guest account password is blank by default.
Next
4

Enable password protected screen saver

RISK

Unattended computer is susceptible to unauthorised access to the system.

CHECK ITEMS

System settings

Purpose: Enable password protected screen saver.

MORE TIPS

  • Enable password protected screen saver in all time and do not leave your computer unattended, in particular in public area.
  • Default user inactivity time set for screen saver to launch is usually 15 minutes; however a shorter time period can be set for better security.
Next
5

Use up-to-date anti-malware security software

RISK

Your computer is susceptible to virus, Trojan horse and other malware attacks, which may lead to data and financial loss.

CHECK ITEMS

Tool(s) available

Function: Detect malware attack and remove malware from infected computer.

System settings

Purpose: Check whether your PC is protected with up-to-date anti-malware security software.

Note: Please be aware that the exact process for applying the security features will vary between different products. It is recommended that users follow the instructions contained in the official user manual where possible.

MORE TIPS

  • Enable auto-update features of the anti-malware security software to keep the software and its definition up-to-date.
  • Enable real-time protection feature and perform full scan of computer in periodic basis (e.g. weekly).
  • Stay alert to symptoms that might indicate a malware infection, such as battery drain, performance clogging, unusual large data usage, etc.
  • Be aware that fake anti-malware software and rogue pop-up security alerts are popular ways for tricking users to download malware onto their computers.
Next
6

Use personal firewall

RISK

Networked computer is more susceptible to cyber attacks because attackers can discover and scan the computer remotely, connect to it and send user data to external server.

CHECK ITEMS

Tool(s) available

Function: Enable firewall protection for your computer.

System settings

Purpose: Check whether Windows Firewall is enabled and verify the firewall rules.

MORE TIPS

  • Enable your personal firewall in all time, in particular when connecting to the Internet.
  • Enable built-in firewall of home router to further protect your computer and home network from cyber attacks.
Next
7

Update operating system, application and browser

RISK

Computer with known security weaknesses is more susceptible to malware infection and other cyber attacks, in particular when connecting to the Internet.

CHECK ITEMS

Tool(s) available

Function: Detect outdated software, browsers and their plug-ins.

System settings

Purpose: Obtain latest security patch update and check whether Windows operating system and other Microsoft products of your computer are up-to-date.

MORE TIPS

  • Enable auto-update feature of software product and remember to restart your computer to finish installing the updates.
  • Uninstall end-of-support software products or upgrade to another software product that has security updates and avoid performing sensitive operations, such as online banking, from computer without security updates.
Next
8

Configure basic security settings for web browser

RISK

Default settings in common web browsers may allow execution of malicious code, cache of sensitive information and password without the owner's knowledge.

CHECK ITEMS

System settings

Purpose: Check whether the basic security settings of web browser are adopted.

MORE TIPS

  • Do not visit suspicious websites or follow the links provided in those websites, as they may cause malware infection and force a browser to download files without user's knowledge.
  • Logout application after use and clear browser cache, in particular after performing sensitive operation, such as online banking.
Next
9

Backup data regularly

RISK

Data cannot be recovered in case of malware infection, hardware failure and device loss.

CHECK ITEMS

System settings

Purpose: Backup and restore files and full system.

MORE TIPS

  • Backup regularly and protect your backup data securely.
  • Test the restore procedures to ensure the backup data can be restored.
  • Assess security risks before synchronising data to cloud services and avoid automatic backup of sensitive data to them.
  • Protect your online user account with a strong password and enhanced authentication mechanism such as 2-factor authentication if available, in particular those for cloud backup. Please visit InfoSec website for more good practices on Handling User Account and Passwords.
Next
10

Completely remove data before giving away or selling your computers

RISK

Data can be accessed or recovered by data recovery applications.

CHECK ITEMS

Tool(s) available

Function: Securely delete data in computers’ hard disk including Solid-State Drive (SSD).

The following tools can securely delete data in magnetic hard disk:

The following tools can securely delete data in SSD:

Note:

  • Some secure deletion software in the market can securely delete the entire hard disk or wipe free space. Read the software license agreement and the instructions carefully.
  • A number of vendors of SSD provide detailed steps / specific tool for secure data erasure in their SSDs drives. As the implementation of secure deletion between different manufacturers, you are suggested to contact the product vendors for the technical details of sanitisation procedure.

MORE TIPS

  • Data cannot be recovered after secure delete. If data need to be kept, perform backup before erasing the data.
  • Please visit InfoSec website for more options for disposal of computer equipment containing sensitive information.
  • In order to protect data, enable full disk encryption (e.g. BitLocker) with strong password after purchase.
  • If the edition of Microsoft Windows does not provide full disk encryption feature, users should employ other relevant software to encrypt sensitive data with strong password.

Disclaimer: The health check settings here are proactive in nature and intended for improving computer security, as they may change the user experience and interfere with the functionality and utility of some applications. The exact process for applying the security features during the health check will vary between different products. It is recommended to follow the instructions contained in the user manual provided at the official website of the manufacturer where possible.

Users are also recommended to observe the Important Notices of CSIP and read the user agreements and privacy policies of the security software and tools before download and use them.

Back to Top