BASIC WINDOWS SYSTEM SECURITY OR ENDPOINT SECURITY
Today we are discussing System Security or Endpoint Security
It’s every IT Professional to secure your data With Multi-Layer Protection, We will talk about Windows Systems in here. Your Basic Windows Systems have Multilayer Protection to protect your data.
We will discuss how to secure your Windows Systems in Four Different Methods.
- Bios Password
- Login Password
- SysKey Password
- BitLocker Protection
Bios Password helps the user to protect their Devices at the time of Starting. It Protects the Device at the time of Hardware Initialization in the BIOS.
Let’s See how to do
Here I am using Windows 7 Virtual Machine for Practice
When the Operating System starts press the respective key to enter into your Bios Setup. Here its the F2 Key.
Once you get into Bios Setup. You will get this Window
Get into Security Tab then Set up the password for “Set Supervisor Password”
Set the Supervisor Password
Saved the changes you made
Enable the Password on Boot Option
Save all the Configuration and Exit the setup by pressing F10
Whenever you Restart the Machine, You will be asked to Enter the BIOS Password you set up in the previous Steps. This is your Very First Step of Protection.
SYSKEY PROTECTION :
Syskey Protection method of storing the SAM key in a removable Disk. To start your Particular Machine, you need this particular SAM key to log into your Computer.
Am using a Removable USB in here for the Practice.
Open RUN and type syskey and hit Enter.
Click on Yes
In the Securing the Windows Account Database Window Click on Update.
In the Startup, Key window Choose the option Store Startup Key on Floppy Disk. Don’t Click on Ok.
Open Disk Management. then choose your Removable Device and right-click on it and Choose the option Change Drive Letter and Paths.
Change the Drive label to “A”. Because the SYSKEY can be mounted only in Floppy Disk that Carries Label A.
You can assign the Label in the Change Drive Letter or path Window
Click on ok now in the Startup Key Window. Then click on ok in all upcoming popups.
Whenever you log in will prompt you to enter the Drive with that Syskey stored otherwise it will not let you inside your Computer. If you lost it you need to change your OS.
I Plugged in my Pendrive then clicked OK. Then I was able to log in properly
NOTE : SYSKEY is no longer supported in Latest Windows Operating Systems.
LOGIN PASSWORD SECURITY:
This is our usual Password Security that we all know to secure our Computer set up your password by opening your user accounts.
Click on Create a password for your account.
Set up a new password and confirm it again in the next field then create a password.
Click on Create Password
This is our Fourth Way of Security for your Device Drives at Rest.
Bitlocker Utility is only for Windows Operating Systems Professional, Ultimate, and Education Versions. It's not available in Home Versions.
Open Bitlocker by searching it from the Start Button.
Click on Turn on Bitlocker Option
If it shows you this error you need to Enable TPM in your Group Policy Editor.
Open Run and type gpedit.msc and hit enter
In the local group policy.
Get into windows Components and Bitlocker drive encryption
Choose Operating System Drives
Choose Require Additional authentication at startup option in the right panel.
Choose the Radio Button Enabled and ensure it is allowing TPM in the Bottom window.
Click on apply and ok
Now you will be able to turn on Bitlocker.
Click Next to prepare your drive for Bilocker
Create a password for your Bitlocker
Save your Recovery in the Unencrypted drive to use it in case if you forgot your bitlocker password.
Choose the USB Flash drive and click on Save.
Click save to save your Recovery Key.
Choose encrypt option and click next
Your Encryption will get started after this. In my case, it is starting after I restart my machine.
So, these are all the above methods on how to secure your windows End Point in an Efficient Way.
Hope you gained some quality content today.
See you again in another Blog