Bhaelros19 karma2021-06-30 15:30:12 UTC
How can an end-user or consumer can protect him/herself? There are too many security products, like Bitdefender, Kaspersky, Sophos, etc, and one can check received emails or the sites which he/she can visit, but even sometimes that is not enough. Years ago, on a Windows 2012 server I saw a hacker running his apps as a built-in service user from remote desktop services. No AV found that malicious at that time.
So, what can we do? Which software / hardware shall we use? How can we protect ourselves?
I am aware nothing is %100 bulletproof but we have to start from somewhere.
View HistoryShare Link
Bhaelros2 karma2021-06-30 15:47:02 UTC
For the moment I have Bitwarden and 1Password as password managers, using MFA and Yubikey wherever I can. I have Kaspersky Endpoint Security Plus at home (yes, I bought business edition for home use), bought my own domain, and migrated it to M365, with Kaspersky scanning my emails, Teams, Onedrive and Sharepoint. I encrypted all of my drives with Bitlocker, and applied MS security baselines to all of my devices.
Even though I thought I had enough protection, just a simple test script from GitHub proved most of my security software is useless.
For my company network I have Symantec Endpoint Security, Symantec WSS, Qualys Cloud Security, Intune with Azure IP, and even with those there are few ways to extract data. For example, I found out they didn't block Adobe Cloud services and I managed to take several files for testing, and a week later they blocked the service, but still if I had malicious intentions, I could have extracted confidential information.
Copyright © 2014 BestofAMA.com, All rights reserved.
reddit has not approved or endorsed BestofAMA, reddit design elements are trademarks of reddit inc.