Categories
Interior

How to secure and manage a relative’s computer

Working from home opens you up to all sorts of security risks you don’t face in the office. When the IT staff isn’t right down the hall, these simple tips will help protect your company’s data, as well as your own.

How to secure and manage a relative’s computer

When you step into your office or cubicle and sit down to work at a company-owned computer, you shouldn’t have to worry much about security. That’s what the IT department is for, right? But these days things are not so simple. If you’re one of the vast number of people who’ve suddenly found themselves working from home, you’re responsible for doing so securely.

Don’t worry. There are plenty of things you can do to upgrade your work-from-home security, and many are simple to implement. Follow the tips below to make sure that you’re not the one who accidentally exposes all the HR records or leaks secret company plans to a competitor.

Secure Your Computer

If you’re new to working from home, chances are good you simply promoted your existing personal computer to be a work computer. For work, though, you need to take security seriously. Maybe you thought, “I’ve got nothing a hacker would want,” and hence skipped antivirus protection? That won’t fly with your boss, so get AV protection right away. If you already have an antivirus, check that it’s fully enabled and up to date.

Speaking of keeping things up to date, now is a good time to double-check that you’ve got your computer set to automatically receive all security updates, especially Windows updates. Each time Microsoft comes out with a patch, the patched vulnerability becomes public knowledge. Malware coders jump in, hoping to exploit the security hole before the update disables it.

Some folks are lucky enough to have a dedicated home office, but for most, work happens wherever you can clear a space. When you leave your computer to fix a snack or take a break, always hit the Windows+L key combination to lock it. Sure, you trust your family, but kids (and their friends) can be curious, or mischievous. On a modern Mac, Command+Control+Q does the job. Laptop? Just close the lid!

Speaking of locking the computer, you do lock your account with a password, right? Maybe you thought there’s no need for a strong password when the computer just served to let you check email and watch cat videos, but when it has “work stuff” on it, that changes. Set up a reasonably strong password now. If your device supports Windows Hello, macOS Touch ID or some other type of biometric login, use that. More on passwords below!

Secure Your Network

You may not care if a neighbor mooches off your home Wi-Fi network, but letting strangers into a network that contains your company’s work product is another story. If you’re still using the default login credentials, for shame! Lists of defaults for popular routers abound on the internet. It’s time to change your Wi-Fi password. Hey, it can even be fun, since you can name it anything you want. How about “FBI Mobile Unit #237”?

Many offices require long-term remote workers to connect to the company network using a corporate virtual private network, or VPN. This makes the remote PC part of the corporate network, and gives it access to resources that are only available in-network. It also effectively takes that remote PC out of its own local network, meaning local resources like network printers won’t be available, but that’s the price you pay.

Remember, too, that when you’re using the corporate VPN, all your internet traffic goes through your employer’s servers. You’d be wise to refrain from surfing for porn or any other sketchy online activities when you’re on the company’s VPN.

At present, many workers have been tossed willy-nilly into the work-from-home world by companies that don’t have anything like a corporate VPN. You can still protect your internet traffic, both work and personal, by engaging the services of a third-party VPN. We’ve identified the best VPNs, so you can choose one that fits your budget.

If your work is seriously sensitive, you might consider splitting your home network. Keep your work computers and related devices on the main network, but connect the family’s phones and tablets, Internet of Things devices, and other personal devices to the Guest network. Configuring your router to enable the Guest network should be fairly easy.

Secure Your Communications

Email is intrinsically insecure, but when a company’s workers all connect using the same internal network, the IT department can impose a degree of protection that’s not otherwise possible. You may have seen emails with a warning at the bottom, “This message came from an external source. Be wary.” As noted, if you must log into a corporate VPN to get your email, that protection remains. But for most of us, email from home office to work is more exposed.

Unfortunately, there’s not much you can do to fix that problem. For your personal email, you can choose to add an email encryption service, but at the business level, email encryption must come from the top. If you’re thrown into a situation requiring you to communicate sensitive corporate data via email, consider sending a request for management to implement encryption.

In the office, you might walk over to a colleague’s desk with a quick question. The work-from-home equivalent is probably a text message using your personal phone. However, basic SMS text messages have no real protection against interception or interference. You can patch that security hole by getting together with your colleagues and agreeing on a free secure messaging app to use in place of texting. Better yet, make use of any secure business messaging app that your company provides.

As for those video meetings that have almost universally replaced face-to-face meetings, those aren’t necessarily secure. If you’re the organizer, ensuring the meeting is protected against snooping or zoom-bombingis your responsibility. Do your research, and take advantage of all available security options in the video conferencing solution that you choose.

If you’re the designated ‘tech person’ in your family or friend group, here’s how to access a computer from afar, Mac or PC, to see what’s going on.

How to secure and manage a relative’s computer

Being tech-savvy is a gift and a curse. When you know how to fix computers, you become “the computer person” for everyone you know.

If you’re using the same platform as the person you’re helping—both on Windows or both on macOS—helping people with their tech troubles from far away is very simple, and you won’t need to install any extra software. Helping someone on a different platform gets a bit trickier, but we’ll give you the right tools for the job. Let’s find out how.

Windows to Windows

Windows has two remote assistance tools built in to the operating system: Quick Assist, which is new in Windows 10, and Windows Remote Assistance, which is available on Windows 7, 8, and 10.

If both you and your friend are using Windows 10, you’ll want to use Quick Assist—as its name suggests, it’s quicker and easier than its older cousin. Open the Start menu and search for “Quick Assist,” or launch the app from the “Windows Accessories” folder in the Start menu.

Security Code

Quick Assist

If you aren’t on the phone with your friend already, give them a call—walking them through the process is much easier over the phone than email. Once you’ve got them on the line, tell them to launch Quick Assist, choose “Get Assistance,” and give them the six-digit code from your screen.

After entering the code, they’ll be prompted to give you permission to access their screen. Once they do, you’ll be able to use their computer as if you were sitting in front of it. You can even use the “Remote Reboot” option to reboot their computer and automatically re-initiate the Quick Assist connection. (After all, half of computer problems are fixed by turning it off and on again.)

Windows Remote Assistance

If your friend is still using Windows 7 or 8, you’ll need to use the older Remote Assistance tool—it’s similar, but a bit clunkier. They’ll need to head to the Control Panel and search for “Invite Someone to Connect to Your PC.” They’ll be able to send you a file over email that initiates the connection, then tell you the password that appears (preferably over the phone) so you can access their machine.

They may also be able to select “Easy Connect,” which only requires them giving you a password, but it might be grayed out in certain circumstances.

Mac to Mac

Mac users can provide remote help using the Messages app. This feature launched in OS X 10.10 Mavericks, so anyone with a relatively recent, up-to-date Mac should be able to take advantage. You’ll both need to be signed in to Messages with your Apple ID as well.

Open the Messages app on your Mac and select the conversation with the friend you want to help—if it doesn’t exist, you can start a new conversation. Right-click on the conversation and choose “Ask to Share Screen.”

Accept

They’ll receive a popup asking permission to share their screen with you. Make sure they have the “Control My Screen” option selected and click Accept. From there, you can control their computer and walk them through whatever problem they’re having.

Between Windows and Mac

Unfortunately, neither Windows nor macOS’ built-in options let you share screens with someone from the opposite platform. So you’ll need to find something else.

Plenty of video chat apps, including Skype, Google Hangouts, and others let participants share their screen with the click of a button. They don’t, however, let you control the other person’s screen—only view it. In many cases, this may be fine, since you can just tell your friend what to click on as you walk them through the troubleshooting process.

Chrome Remote Desktop

If you absolutely need to control someone else’s screen, your best bet is Chrome Remote Desktop, which doesn’t come with the security issues that remote access tools like TeamViewer have had in the past few years.

To use Chrome Remote Desktop, you’ll both need to launch Google Chrome and install the Chrome app from this page. Then, you can launch Chrome Remote Desktop like any other app by searching for it in your Start menu (on Windows) or Spotlight (on a Mac). Tell your friend to do the same.

Get Started

Access Code

They’ll be given a 12-digit access code to give to you, which you’ll type on your screen before clicking “Connect.” Your friend will then need to grant you permission. After that, you’ll be able to control their computer and help them solve their problem.

If this process seems a bit more convoluted, it’s because it is—but unfortunately, that’s par for the course when you have to install another piece of software (especially one that requires Chrome). But in our experience, it’s the best option, especially once you get through those first few steps. Future remote sessions should be much easier to initiate.

With the world of digital information exploding in popularity in every part of the world, new jobs are created every day in the field to keep up with consumer demand. There are many important careers relating to cyber and network security, with room to move into positions that are more advanced or even management.

In this field, your main job will be to make sure that the network used for the transfer of digital information is secure from external threats. Your studies will include cyber law, computer database administration, computer programming and logic, and basic management principles.

Let’s take a look now at some of the ways you can keep your network security intact and protected against outside threats:

1. Use Encrypted Wireless Network Points

It has often been found that even large businesses forget to keep their networks protected against external attacks that can steal information relating to the network’s traffic and cause other types of damage to the system. Using an encrypted network will help ensure that the information on your network is protected so that not just anyone can hack in and create havoc. Having an encrypted network adds that extra layer of security that can make all the difference to a system’s security.

2. Track Users and Devices

Make sure to install a system of monitor devices and alerts that can warn you if a device is being used without permission. You will also need to find a way to identify which ports are plugged into which types of devices within the network. Many guides are available for keeping track of network hosts. Many of the newest guides are fully automated. They only need to be configured and switched on once to provide warning in case an unknown device is plugged into the system.

3. Keep Strong Passwords

Another seemingly tiny mistake that many seasoned professionals make is using a simple password that can be easily guessed. A strong password can do a lot to keep a system secure. There are certain types of software that hackers often make use of which have the ability to input multiple configurations of a word within seconds, so using a simple password relating to your memory will provide an advantage to the hackers. Avoid using words that can be found in a dictionary. Try to add in numbers and symbols to keep the password sufficiently complex. It is also a good practice to change the password every 60 to 90 days, and of course, avoid mentioning the password in public spaces where you can be overheard.

What is Cyber and Network Security | ECPI University

What is Cyber and Network Security | ECPI University

How to secure and manage a relative’s computer

4. Maintain an Inventory

It is important to keep an inventory of all the devices that are currently being used by the network. The list will come in handy for quickly checking to see if a particular detected device is a legitimate part of the system or placed there by an outsider. Also, go through the list to check which of the devices carry software carrying weak security configurations which need to have their security features strengthened.

5. Perform Security Testing

It is always a good practice to hold a regular testing of your network system to keep an eye on weak spots, which need the attention of security experts. Carrying out this practice regularly will serve to act as a precautionary measure against potential problems instead of reacting after an attack has already occurred and succeed. Create a list of problems that the network system has had in the past and ensure that the problem does not occur again.

6. Avoid Using Unknown Software

The internet is full of free, open software that can be downloaded in minutes. It can be tempting to download such software, but remember that it is very easy to add malware, which can wreak havoc on your computer as well as the entire network. If you feel your system needs some new form of software for your job, consult your company’s IT department. They will most likely be able to make suggestions as to the best software to use that can be downloaded reliably.

In general, it is a good practice to hold regular meetings. Update and inform the employees about the latest types of malware attacks and suspicious software available on the internet that they need to be wary of. There are many types of antivirus software also available that automatically warn you if the site you plan to download software from is untrustworthy and poses a threat.

How to secure and manage a relative’s computer

It could be the Best Decision You Ever Make!

In the age of the internet is all pervasive and data flowing freely between organizations and individuals, Hardware, Software, and Data Security have become a pressing need for all growing organizations. To get things started for your company has listed an approach to Security that can be implemented on various levels at IT Company.

Hardware Security

a. CCTV Cameras

The most obvious time-tested option here would be to employ CCTV cameras in all areas of the office where devices with proprietary data are located. The IT companies will have to install compact ceiling-mounted cameras which are inconspicuous which should cover all active areas of the office. The only limitation to this is the initial investment and the continuing investment in security staff to monitor live video feed.

The cameras can be fitted with motion sensors in regions of low activity to save on power and monitoring needs. (Howell, 2016)

b. High-Precision Motion Sensors Coupled with Night Vision Cameras

c. High Impact Low Investment Visible Deterrents

d. Invisible Tagging

e. Multi-layered Hardware Protection

An office environment can have zones of varying vulnerability to theft and intentional damage to data. In this case, it is best to employ a variation of all the methods specified above to ensure maximum safety. The CCTV can be employed throughout the office campus since its working mechanism is pretty straightforward. In places where security is completely beyond compromise, with the fate of the company hanging on the said physical storage of data, Motion sensors coupled with night vision cameras and steel doors can be employed for security.

While inside the office working environment where it is tough to oversee every single interaction in terms of hardware exchange, you can use visible deterrents such as Immobilize RFID tags to fend off low-level threats to theft.

For the more persistent thieves, you can combine visible deterrents with invisible tags to see that the thefts can be tracked down and brought to light! (Howell, 2016)

Software Security

a. Thou shalt not fail to Update and Upgrade! , finding and fixing bugs

This is the holiest of all Software Security Commandments! Since the software of an IT organization is the backbone of their electronic resources, the company will need to see to it that it is being on top of any updates or patches of the software tool that it is using, and will install it instantly. The company’s business depends on it. Not only do software upgrades increase the speed of your business, they see to it that any holes in software security aren’t exposed to interested parties, whoever they may be.

Large companies see to it that their IT admin teams take over this aspect of updating and upgrading all software’s even remotely related to the business. They work on the off-shift timings to install updates and clear system bugs and see to it that the core software’s run smoothly.

Smaller companies may not have the resources to hire large admin teams to see the regular updates are done on time. As an alternative, scanner software can be installed which checks for updates and inform the employees so that they can install the software patches themselves.
(MacGraw, 2011)

b. Install paid Antivirus software’s

c. Add Company Specific Firewalls

No matter how small a company’s IT admin team is, it can always ask the team to develop and add custom firewalls (Software restrictions) to see that your core company software is being used the way it is supposed to. If this step is done right, it will prevent unauthorized logins, usage, and streamline the usage of software resources in your IT Company. For example, if someone is hogging internet bandwidth by using domestic applications while a critical business deliverable upload is going on, the IT admin can script specific application-specific firewall to see business data uploads are not hindered. (MacGraw, 2011)

Securing Sensitive Data

a. Decide Which Data is Important

b. Manage Passwords and user account with different access control effectively

c. Train the Employees on Data Security

d. Encryption

Encryption is the act of scrambling and coding data beyond its conventional use to make it meaningless to an outsider without the encryption passkeys. Services such as True Crypt help you encrypt an entire Hard Drive or even a USB drive to make sure a company uses only encrypted data which only it has access to.

SSL encryption or Socket Service Level Encryption for Webpages is a novel way of making sure your online content isn’t being hacked an external entity.

Before you start deciding on encryption first weigh the advantages and the cost side by side so that the organization doesn’t lose more than it gains, as a business. (Data security handbook, 2008)

e. Antivirus Software’s

f. Network traffic monitoring

The guidelines specified here are hugely comprehensive and highly contingent upon the size and resources of the organization. Each method stated here has to be chosen after weighing the pros and cons according to the resources available in the organization against the Security need and the investment that can be made for the same. For example, if the organization in question is an MNC it can encrypt large amounts of data without thinking twice about implementation cost. In small organizations, data encryption and even and software upgrades have to think upon, planned and executed based on the availability of funds.

But since this is a holistic guide to organizational security even slivers of the said guidelines can be taken out of selective context to design effective levels of security for the said organization in Hardware, Software, and Sensitive Data. And organizations irrespective of size and access to funds can refer to the said suggestions to optimize existing security infrastructure and reap a higher bottom line.

Data security handbook. (2008). Chicago, Ill.: ABA Section of Antitrust Law.

Howell, D. (2016). How to protect your business hardware. [online] Techradar. Available at: http://www.in.techradar.com/news/computing/How-to-protect-your-business-hardware/articleshow/44860287.cms [Accessed 6 Sep. 2016].

MacGraw, G. (2011). Software security. Upper Saddle River, NJ: Addison-Wesley.

IN THIS TASK

Summary

This article describes how to use the Computer Management tool in Microsoft Windows XP.

Computer Management is a collection of Windows administrative tools that you can use to manage a local or remote computer. The tools are organized into a single console, which makes it easy to view administrative properties and to gain access to the tools that are necessary to perform your computer-management tasks.

The Computer Management console consists of a window divided into two panes. The left pane contains the console tree; the right pane contains details. When you click an item in the console tree, information about that item is displayed in the details pane. The information that is displayed is specific to the item that you select.

The administrative tools in Computer Management are grouped into the following three categories in the console tree:

Services and Applications

Each category includes several tools or services.

Use the Event Viewer tool to manage and view events that are recorded in the Application, Security, and System logs. You can monitor the logs to track security events and to identify possible software, hardware, and system problems.

Use the Shared Folders tool to view connections and resource in use on the computer. You can create, view, and manage shares, view open files and sessions, and close files and disconnect sessions.

Local Users and Groups

Use the Local Users and Groups tool to create and manage your local user accounts and groups. Local Users and Groups is available only in Windows XP Professional.

Performance Logs and Alerts

Use the Performance Logs and Alerts tool to configure performance logs and alerts to monitor and collect data about your computer’s performance.

Use Device Manager to view the hardware devices installed in your computer, update device drivers, modify hardware settings, and troubleshoot device conflicts.

Use the Removable Storage tool to track your removable storage media and manage the libraries, or data-storage systems, that contain them.

Use the Disk Defragmenter tool to analyze and defragment volumes on your hard disks.

Use the Disk Management tool to perform disk-related tasks such as converting disks or creating and formatting volumes. Disk Management helps you manage your hard disks, and the partitions or volumes that they contain.

Use Services to manage services on local and remote computers. You can start, stop, pause, resume, or disable a service.

Use WMI Control to configure and manage the Windows Management Instrumentation (WMI) service.

Use Indexing Service to manage the Indexing service, and to create and configure additional catalogs to store index information.

NOTE: The actual set of tools and services that is listed in Computer Management depends on the services that are installed on the host computer.

NOTE: You must be logged on as Administrator or as a member of the Administrators group view and modify most properties and perform most computer-management tasks.

To start and use Computer Management on the local computer:

Click Start, and then click Control Panel. Click Performance and Maintenance, click Administrative Tools, and then double-click Computer Management.

The Computer Management window for the local computer is displayed. “Computer Management (Local)” is displayed at the root of the console tree.

In the console tree, expand System Tools, Storage, or Services and Applications to view the tools and services in each of these containers.

Click the item that you want (for example, Event Viewer) to use the tool, and then view the information that is associated with it.

NOTE: You must be logged on as Administrator or as a member of the Administrators group to view and modify most properties and perform most computer-management tasks.

To connect to and use Computer Management on another computer:

Click Start, and then click Control Panel. Click Performance and Maintenance, click Administrative Tools, and then double-click Computer Management.

Right-click Computer Management (Local), and then click Connect to another computer.

Click Another Computer, and then type the name of the computer that you want to manage remotely, or click Browse to locate the computer. Click OK and then click OK to return to the Computer Management window. The Computer Management window of the remote computer is displayed. The name of the remote computer is displayed at the root of the console tree.

In the console tree, expand System Tools, Storage, or Services and Applications to view the tools and services in each of these containers.

Click the item that you want (for example, Event Viewer) to use the tool, and then view the information that is associated with it.

To use Computer Management Help or to use the Help files for any of the individual administrative tools that are contained in Computer Management:

Start Computer Management.

Use either of the following steps:

In the console tree, right-click the item that you want (for example, Computer Management or Device Manager), and then click Help.

Click the item in the console tree (for example, Device Manager or Computer Management), and then click Help on the Action menu.

References

For more information about how to use Computer Management, see Computer Management Help. (In the Computer Management window, click Computer Management, and then click Help on the Action menu.)

For more information about how to use any of the administrative tools in Computer Management, see the Help file for the individual item. (In the Computer Management window, click the item in the console tree, and then click Help on the Action menu.

For additional information about how to use Event Viewer, click the article number below to view the article in the Microsoft Knowledge Base:

308427 How To View and Manage Event Logs in Event Viewer

Share this page

  • Facebook
  • Twitter
  • Linked-In

Check out the FTC’s free online security tips and resources, and share with your friends, family, coworkers, and community.

Online Security Tips

Computer Security

Watch this video for tips to help you secure your computer and protect yourself from hackers, scammers, and identity thieves.

How to secure and manage a relative’s computer

Public Wi-Fi Networks

Wi-Fi hotspots — like the ones in coffee shops, airports, and hotels — are convenient, but they often aren’t secure. Use these tips to help protect your personal information.

How to secure and manage a relative’s computer

Common Online Scams

Learn how to recognize common online scams, and check out these tips to help you stay a step ahead of scammers.

For Educators & Parents

Net Cetera Toolkit

Regardless of your experience as a speaker — or your expertise in online safety — this toolkit has the resources and information you need to convey key points about kids’ online safety.

Just for You: Educators

Whether you need a game for a classroom activity, videos to share on social media with parents in your community, or an article to use in your workplace newsletter, you can find it here.

Just for You: Parents

The best way to protect your kids online? Talk to them. Kids rely on their parents for important information – like how to be safe and responsible online. Here are some resources to help you get started.

Videos & Games

These short videos and classic games offer an interactive way to get a step ahead of hackers and scammers. Learn how to protect your devices and personal information, and check out additional videos and games in our media center.

Videos

  • Protect Your Computer from Malware
  • Hijacked Computer: What to Do
  • Hacked Email

Games

These classic games may not work on your mobile device.

Ways to Share

  • Link to, copy, or adapt any of our content. There are no copyright restrictions, so share as much as you’d like!
  • Embed our videos on your blog, site, or social media. You’ll find embed code in our media center.
  • Order free publications to hand out at events or conferences — or just to give out in your community.

Applies to

Can BitLocker deployment be automated in an enterprise environment?

Yes, you can automate the deployment and configuration of BitLocker and the TPM using either WMI or Windows PowerShell scripts. How you choose to implement the scripts depends on your environment. You can also use Manage-bde.exe to locally or remotely configure BitLocker. For more info about writing scripts that use the BitLocker WMI providers, see BitLocker Drive Encryption Provider. For more info about using Windows PowerShell cmdlets with BitLocker Drive Encryption, see BitLocker Cmdlets in Windows PowerShell.

Can BitLocker encrypt more than just the operating system drive?

Is there a noticeable performance impact when BitLocker is enabled on a computer?

Typically, there’s a small performance overhead, often in single-digit percentages, which is relative to the throughput of the storage operations on which it needs to operate.

How long will initial encryption take when BitLocker is turned on?

Although BitLocker encryption occurs in the background while you continue to work, and the system remains usable, encryption times vary depending on the type of drive that is being encrypted, the size of the drive, and the speed of the drive. If you are encrypting large drives, you may want to set encryption to occur during times when you will not be using the drive.

You can also choose whether or not BitLocker should encrypt the entire drive or just the used space on the drive when you turn on BitLocker. On a new hard drive, encrypting just the used spaced can be considerably faster than encrypting the entire drive. When this encryption option is selected, BitLocker automatically encrypts data as it is saved, ensuring that no data is stored unencrypted.

What happens if the computer is turned off during encryption or decryption?

If the computer is turned off or goes into hibernation, the BitLocker encryption and decryption process will resume where it stopped the next time Windows starts. This is true even if the power is suddenly unavailable.

Does BitLocker encrypt and decrypt the entire drive all at once when reading and writing data?

No, BitLocker does not encrypt and decrypt the entire drive when reading and writing data. The encrypted sectors in the BitLocker-protected drive are decrypted only as they are requested from system read operations. Blocks that are written to the drive are encrypted before the system writes them to the physical disk. No unencrypted data is ever stored on a BitLocker-protected drive.

How can I prevent users on a network from storing data on an unencrypted drive?

You can configure Group Policy settings to require that data drives be BitLocker-protected before a BitLocker-protected computer can write data to them. For more info, see BitLocker Group Policy settings. When these policy settings are enabled, the BitLocker-protected operating system will mount any data drives that are not protected by BitLocker as read-only.

What is Used Disk Space Only encryption?

BitLocker in WindowsВ 10 lets users choose to encrypt just their data. Although it’s not the most secure way to encrypt a drive, this option can reduce encryption time by more than 99 percent, depending on how much data that needs to be encrypted. For more information, see Used Disk Space Only encryption.

What system changes would cause the integrity check on my operating system drive to fail?

The following types of system changes can cause an integrity check failure and prevent the TPM from releasing the BitLocker key to decrypt the protected operating system drive:

  • Moving the BitLocker-protected drive into a new computer.
  • Installing a new motherboard with a new TPM.
  • Turning off, disabling, or clearing the TPM.
  • Changing any boot configuration settings.
  • Changing the BIOS, UEFI firmware, master boot record, boot sector, boot manager, option ROM, or other early boot components or boot configuration data.

What causes BitLocker to start into recovery mode when attempting to start the operating system drive?

Because BitLocker is designed to protect your computer from numerous attacks, there are numerous reasons why BitLocker could start in recovery mode. For example:

  • Changing the BIOS boot order to boot another drive in advance of the hard drive.
  • Adding or removing hardware, such as inserting a new card in the computer, including some PCMIA wireless cards.
  • Removing, inserting, or completely depleting the charge on a smart battery on a portable computer.

In BitLocker, recovery consists of decrypting a copy of the volume master key using either a recovery key stored on a USB flash drive or a cryptographic key derived from a recovery password. The TPM is not involved in any recovery scenarios, so recovery is still possible if the TPM fails boot component validation, malfunctions, or is removed.

What can prevent BitLocker from binding to PCR 7?

BitLocker can be prevented from binding to PCR 7 if a non-Windows OS booted prior to Windows, or if Secure Boot is not available to the device, either because it has been disabled or the hardware does not support it.

Can I swap hard disks on the same computer if BitLocker is enabled on the operating system drive?

Yes, you can swap multiple hard disks on the same computer if BitLocker is enabled, but only if the hard disks were BitLocker-protected on the same computer. The BitLocker keys are unique to the TPM and operating system drive. So if you want to prepare a backup operating system or data drive in case a disk fails, make sure that they were matched with the correct TPM. You can also configure different hard drives for different operating systems and then enable BitLocker on each one with different authentication methods (such as one with TPM-only and one with TPM+PIN) without any conflicts.

Can I access my BitLocker-protected drive if I insert the hard disk into a different computer?

Yes, if the drive is a data drive, you can unlock it from the BitLocker Drive Encryption Control Panel item just as you would any other data drive by using a password or smart card. If the data drive was configured for automatic unlock only, you will have to unlock it by using the recovery key. The encrypted hard disk can be unlocked by a data recovery agent (if one was configured) or it can be unlocked by using the recovery key.

Why is “Turn BitLocker on” not available when I right-click a drive?

Some drives cannot be encrypted with BitLocker. Reasons a drive cannot be encrypted include insufficient disk size, an incompatible file system, if the drive is a dynamic disk, or a drive is designated as the system partition. By default, the system drive (or system partition) is hidden from display. However, if it is not created as a hidden drive when the operating system was installed due to a custom installation process, that drive might be displayed but cannot be encrypted.

What type of disk configurations are supported by BitLocker?

Any number of internal, fixed data drives can be protected with BitLocker. On some versions ATA and SATA-based, direct-attached storage devices are also supported.

Be ready. Goldilocks might want to check her email.

By David Nield July 20, 2019

Whether you’re in an open office where colleagues regularly wander past, or live somewhere—like a college dorm—where you may feel comfortable leaving your laptop unattended in the presence of relative strangers, it can be all too easy for someone else to sneak a look at your computer.

If you want to keep your device secure in communal environments, your best bet is to understand how to stop unauthorized access in the first place. Still, there’s some detective work you can do if you suspect someone else has been using your device.

Lock your computer

Since prevention is better than a cure, you ideally want to prevent others from accessing your laptop in the first place. A simple way to do that is to lock your laptop behind a password whenever you step away from it.

On macOS, you can get back to the lock screen at any point by opening the Apple menu and choosing Lock Screen, or hitting the keyboard shortcut Shift+Apple+Q. It’s straightforward on Windows, too. From the Start menu, click the “user” button (the avatar icon), then choose Lock. Alternatively, the Win+L keyboard shortcut works as well.

If you keep leaving your desk in a hurry or you just always forget to lock your computer when you step away from it, set your laptop to lock itself after a certain amount of idle time. On macOS, open the Apple menu and pick System Preferences, then go to Security & Privacy, and General, where you’ll check the Require password box. Here, you’ll also be able to set the idle time duration.

To automatically lock Windows, click the Settings cog on the Start menu, then go to Accounts and Sign-in options to make sure the Require sign-in option is set to When PC wakes up from sleep. To set idle time duration, go to Settings and pick System then Power & sleep.

How long you set this for is up to you—a shorter idle time is better for security and battery life, but also means your computer might lock itself while you’re still in front of it if you haven’t touched the keyboard or mouse for a few minutes. Start with something around five minutes, and adjust it if you feel that time is too short.

Check for recent activity

Let’s say you suspect someone might have been able to access your laptop while it was unlocked, or maybe even knows your password. Your next step should be to check for tell-tale signs of unusual activity inside the most commonly used apps.

Start with your web browser and call up the browsing history to see if someone else has left a trace. From the Chrome menu, go to History, then History again; from the Firefox menu, choose Library, then History; from the Microsoft Edge menu, choose History, then Manage history; and from the Safari menu on macOS, choose History, then Show All History.

Most programs on your computer have some kind of history or recent files list. In Microsoft Word, for example, click File, Open, then Recent. In Adobe Photoshop, you can choose File and Open Recent. Whatever the applications on your system, you should be able to find similar options.

If you’re not sure what program a would-be laptop infiltrator might have used, check the file system—your intruder might have left something behind on the desktop or in your computer’s download folder, but you can dig deeper, too. On macOS, open Finder from the dock, then switch to the Recents tab to see all the files that have been edited lately. There’s a similar screen on Windows too, accessible by opening File Explorer and clicking Quick Access.

How to secure and manage a relative’s computerFinder can show you all the files that have been worked on recently in macOS. David Nield

You’ve got another screen on Windows you can check, too: the timeline. Click the “Task View” icon on the taskbar, just to the right of the Cortana button. Scroll down your timeline to find any files that have been opened, websites that have been viewed, and Cortana commands that have been run.

If you want to dig into absolutely everything that’s happened on your laptop recently, you can, though the utilities involved are quite difficult to decipher and you might have to run a few web searches to make sense of the information that’s presented.

On macOS, you can do this in Console—find it by opening Spotlight (Cmd+Space) then typing “console” into the box. This will give you a comprehensive list of everything happening on your computer, but you can narrow down the entries via the Search box. Type “wake up” into the box to see all the times your Mac has woken up from sleep, for example.

Over on Windows, you have Event Viewer—look for it in the taskbar search box. Again, it’ll provide you with a mass of information, presented in mostly technical language. Right-click on System under Windows logs, then choose Power-Troubleshooter from the Event Sources drop-down and click OK. This should present you with a list of all the times your laptop was woken up.

Get some extra help from apps

If you’re serious about catching laptop snoopers in the act, some third-party software might be in order. One of the best we’ve come across is Spytech Realtime-Spy, which works for Windows or macOS through a simple web interface. You can test out a demo version online here.

The program shows you the apps that have been used, the websites that have been visited, and the connections that have been made on your computer. It will even take screenshots for you and record individual key presses. It’s a comprehensive package but it will set you back $80 per year.

Another option is Refog Keylogger, which concentrates mainly on logging keystrokes on your laptop’s keyboard, but which also monitors web usage and takes screenshots. The software costs $19 for Windows or macOS, but there’s a free trial if you want to test it first.

While these programs can alert you to potential snoopers, they can also be used to spy on other people. Of course, we’d strongly advise against doing this. Otherwise, you’re the creep.

In this world of ubiquitous computers and persistent threats from hackers, protecting your computer is a must. The key pathway through which malware attacks the system is the Internet and its popular service, the Web.

There are numerous ways to protect and remove malware from our computers. No one method is enough to ensure your computer is secure. The more layers of defense, the harder for hackers to use your computer.

How to Protect Your Computer?

Check out the 5 steps to protect your computer

  • Install Firewall
  • Install Antivirus Software
  • Install Anti-Spyware Software
  • Use Complex and Secure Passwords
  • Check on the Security Settings of the Browser

Install Firewall

A firewall enacts the role of a security guard. There are of two types of firewalls: a software firewall and hardware firewall. Each serves similar, but different purposes. A firewall is the first step to provide security to the computer. It creates a barrier between the computer and any unauthorized program trying to come in through the Internet. If you are using a system at home, turn on the firewall permanently. It makes you aware if there are any unauthorized efforts to use your system.

Install Antivirus Software:

Antivirus is one other means to protect the computer. It is software that helps to protect the computer from any unauthorized code or software that creates a threat to the system. Unauthorized software includes viruses, keyloggers, trojans etc. This might slow down the processing speed of your computer, delete important files and access personal information. Even if your system is virus free, you must install an antivirus software to prevent the system from further attack of virus.

Antivirus software plays a major role in real time protection, its added advantage of detecting threats helps computer and the information in it to be safe. Some advanced antivirus programs provide automatic updates, this further helps to protect the PC from newly created viruses.

Antivirus for Windows 8 software may include advanced features such as email protection, blocking of pop-ups and identity theft.

Install Anti-Spyware Software:

Spyware is a software program that collects personal information or information about an organization without their approval. This information is redirected to a third party website. Spyware are designed in such a way that they are not easy to be removed. Anti-Spyware software is solely dedicated to combat spyware. Similar to antivirus software, anti-spyware software offers real time protection. It scans all the incoming information and helps in blocking the threat once detected.Comodo Antivirus comes with spyware protection built in.

Use Complex and Secure Passwords:

How to secure and manage a relative’s computerThe first line of defence in maintaining system security is to have strong and complex passwords. Complex passwords are difficult for the hackers to find. Use a password that is at least 8 characters in length and include a combination of numbers, letters that are both upper and lower case and a special character. Hackers use certain tools to break easy passwords in few minutes. One recent study showed that a 6 character password with all lower case letters can be broken in under 6 minutes!

Check on the Security Settings of the Browser:

Browsers have various security and privacy settings that you should review and set to the level you desire. Recent browsers give you ability to tell web sites to not track your movements, increasing your privacy and security.

Keep your PC protected from hackers with Comodo Antivirus. Download for Free

No need to Worry about Website Malware