[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


Securing home network and PC

Posted on 2011-03-24
Medium Priority
Last Modified: 2012-05-11
I have a client who wants maxium protection on their PC. I believe they are being harrassed and, while wanting to be able use the internet, want to ensure they have everything to protect them and their private data from persons that might actively be trying to obtain data of any kind from them.
I have been asked to review their setup and make suggestions. While I have a generall overal good idea, I want to be as comprehensive as possible.

I will also look to do things such as encrypt hard drives and other external drives and also use things like BIOS passwords.

I believe the user would also liek to explore email encryption.
But any general pointers and soures of advice would be most welcome
Question by:afflik1923
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4

Expert Comment

ID: 35208984
with someone that wants that level of protection the basics are:

1. a router with firewall that supports stateful packet inspection.
2. strong passwords for login.
3. a whole disk encryption software such as PGP or open source programs.
3. external drives should be setup so that they can be recovered offline (usually an option for whole disk encrption software) where the private key is either stored on a USB key or the company's website.

clean computing will be the largest area of concern however. locking down your PC does nothing if you are still posting everything about yourself on public websites (twitter/facebook/myspace etc) make sure that the computer user is educated about how to limit what they post so that it cannot be used against them.

Author Comment

ID: 35209132
ANother area I need to explore actually, is what meaures can one take to prevent people opening up social media sites in somoene elses name.

So lets say I'm doing exactly what you suggest, don't post things on twitter etc. but someone else opens up a twitter account under my name.
I asume there is nothing one can do to prevent this other then report it if it occurs, but i there anything one can do to protect against this?

Expert Comment

ID: 35209199
Public Information security:
Use piple, wink, jookster, and ziggs in combination with some good old fashion googling to identify any online presense that may need to be removed.
Use social mentions API to track any web 2.0 any social networking sites that mention your client.
Use tineye to reverse search any photos your client has uploaded to the net, if anyone else has these same images hosted on the net, tineye will tell you where.

PC Security:
Disk encryption, there are many products, they range in complexity, bitlocker would probably be the easiest to implement.
Local firewall, windows firewall properly confirgued should be adaquet, you'll be using a stronger network firewall.
And of course patching, patching, patching.

Mobile devices:
Disable BT
Utilize a device that supports remote wipes and multiple incorrect login wipes.
Wipe exif data off .jpg files if your device adds GPS location to it.

Wifi: Discuss the risks and benifits with your client. If they do need wifi, set it up securely, there are many guides for this available online.
Either use a router with a decent firewall, or use a hardware firewall. Again, these range in price and complexity, use your best judgement.

Need more information. Are you setting them up from scratch? If they already have a email system in place, what does it currently look like?
Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?


Expert Comment

ID: 35209235
afflik1923: I addressed this under the "Public Information" section of my post. The Social mention API can let you know if this happens, then your client can take immediate legal action to get twitter, facebook, etc to remove the information.

Author Comment

ID: 35214220
OK good post Lordy, very useful summary of information. Looking into the public secion tools you mention now.

Author Comment

ID: 35214283
Actually do you have any links to the websites such as

http://www.jookster.com/ (seems to be down and read that it's now dead)
or for wink (bit hard to google that one)

http://pipl.com/ - assume this is the one you mean

Also regaring the public section of your posting bascialy you are saying for the client himself (or maybe me on his behalf) to generally monitor social media etc, for any occurance coming up where his name is mentioned and then if it does occur report it.


Author Comment

ID: 35214392
Also do you know if any of these tools offer the facility to alert you if someone has searched for you?

Another point is some of them seems to be US geared, if you know of any speific UK informtation that is always welcome. But so far this has been very useful.

Accepted Solution

Lordy123 earned 2000 total points
ID: 35215299
Sorry, Awhile back I was tasked with something similiar, a small client wanted me to help them control their online image, everything in that post was kind of off the top of my head. It appears that jookster is dead. I would say for people searches the following three sites, along with google, should give you the information you need.


I have never used 192.com, but it appears to be reputable and is geared only towards the UK, check it out.

The reverse image search is http://www.tineye.com/ 

The social mention link is: http://socialmention.com/
In regards to monitoring question, you can set keywords and names, and get weekly email alerts when someone used your clients name on a blog, twitter, etc.

If you use all these tools, in combination with google, you can have a much better control of your clients online presense.

Author Comment

ID: 35215751
Great suff. Very much appreciated.

Expert Comment

ID: 35324139
afflik1923: Would you mind accepting my solution and assigning a grade?


Author Closing Comment

ID: 35324826
Sorry for delay. Was still continuing research in this overall area and open question helped keep it in my radar of tasks (but I really should use a todo list instead!)

Many thanks

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
It’s time for spooky stories and consuming way too much sugar, including the many treats we’ve whipped for you in the world of tech. Check it out!
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question