• Some users have recently had their accounts hijacked. It seems that the now defunct EVGA forums might have compromised your password there and seems many are using the same PW here. We would suggest you UPDATE YOUR PASSWORD and TURN ON 2FA for your account here to further secure it. None of the compromised accounts had 2FA turned on.
    Once you have enabled 2FA, your account will be updated soon to show a badge, letting other members know that you use 2FA to protect your account. This should be beneficial for everyone that uses FSFT.

Share your favorite guides for hardened Windows 11 deployment

T

the_servicer

2[H]4U
2FA
Joined
Aug 16, 2013
Messages
2,190
How do you like to configure a fresh installation of Windows 11 for security? If you know of a resource you believe responds well to the current threat landscape, or maybe just a guide you like to share with family and friends, please post it. It could be a list of settings, best practices, preferred software, etc. I'm starting from scratch in my home office. I'd like to protect client information, not to mention my own.
 
The "current threat landscape" is one in which the users themselves, not the OS, are the biggest vulnerability. So it's really more of a question of how much protection the users need from themselves. If the user is smart enough to not click on strange emails or advertisements, download and open random executable files, and insert random commands into administrator command prompts, then there really isn't much to worry about. But it's still disturbing how many people are all too happy to simply "follow instructions" even when they are literally infecting their own computer at the request of a malicious actor. If you really need to turn a computer into the equivalent of a toddler's playpen, you can do that, but I would focus on education if possible, because being completely technically illiterate in the modern world means that you WILL get burned sooner or later.
 
Last edited:
How "hardened" do you want it?
You could get some ideas from the "Microsoft Windows 11 Security Technical Implementation Guide" , which in the Department of Defense world is also referred to as the Windows 11 STIG ...
This might be too hardened though; as you'll have a very compliant workstation, but may not be too useful for "family & friends".
 
GotNoRice said:
The "current threat landscape" is one in which the users themselves, not the OS, are the biggest vulnerability. So it's really more of a question of how much protection the users need from themselves. If the user is smart enough to not click on strange emails or advertisements, download and open random executable files, and insert random commands into administrator command prompts, then there really isn't much to worry about. But it's still disturbing how many people are all too happy to simply "follow instructions" even when they are literally infecting their own computer at the request of a malicious actor. If you really need to turn a computer into the equivalent of a toddler's playpen, you can do that, but I would focus on education if possible, because being completely technically illiterate in the modern world means that you WILL get burned sooner or later.
Click to expand...

Well you can push most things to spam folders for people, you can scan their email for them properly via a well setup Linux mail server. Still if people want to do stupid things it is hard to protect them true.
 
You must log in or register to reply here.
Back
Top