Here is a guide for anything IT security. I bet you don’t want a ransomware or a trojan access your data. If that’s the case here is a list of general precautions that needs to be taken :
- Never ever use closed source software. If you can’t try to decompile it to check it. For example Windows is just like saying “hack me”. If you need to use several antivirus software. I advise for Avast, MalwareBytes, and RansomFree and Glasswire for firewall.
- Keep all software up to date, always and the faster the better.
- Your data is precious : do regular backups on several places. Also use encryption for it, especially for sensitive data. I advise for some VeraCrypt hidden partitions and MasterPassword for your passwords.
If you own a server or manage IT in a professional environent :
- Check new vulnerabilities as often as possible.
- Check your firewalls. Use a DMZ and an IDS (snort). Also use fail2ban or something equivalent. Don’t hesitate to have several firewalls.
- Check ARP tables on your local network. Make sure they are static as well as the DHCP. Put a network monitor that reports any new MAC or IP.
- Put USB detection on your servers. No one should plug an USB device in there.
- If you manage a website use sslabs to check encryption. Also check your input for any possible XSS or SQL injections.
- If you manage a mail server, triple check your configuration to protect you users and fight spam and malicious mails. Also use the following :TLS v1.3, SPF, DKIM and DMARK.