Protecting Your Computer
Enabling a device login password or PIN, and an inactivity timeout to force (re)login with that password or PIN after the device is idle for a defined period, is generally considered:
Essential for any computer.
Enabling encryption of all data on a desktop or laptop computer is generally considered:
Essential for any computer. Only data on computers that are guaranteed to contain no sensitive information, or where the physical and technical security of the device is assured, can safely be left unencrypted
Secure communications, like those provided by "encrypted" web connections using https or a virtual private network (VPN), are:
Generally considered essential
Secure disposal of a desktop or laptop computer at the end of its service life is:
Generally considered essential for all computing and storage devices. One should not assume there is no sensitive personal or organizational data on a device or accessible by it
Supplemental security software (such as anti-virus [anti-malware]) is:
Generally considered essential for all desktops and laptops
Software on a desktop or laptop computer should be:
Installed or updated only from trusted sources to be certain that it is a legitimate version.
Devices used purely for storage, like USB flash drives and external hard drives
May expose large amounts of data if compromised, so should also use protections like access passwords or PINs, and whole-device data encryption
Physical security for fixed location (desktop) computers is
Necessary to consider, because physical security is always something that must be evaluated. Very few locations are guaranteed to be secure.
Desktop computers are often provided in the workplace by organizations, and laptops may be as well. However, portable devices (such as tablets and smartphones) may more commonly be allowed on a BYOD basis. For a BYOD (personally-owned) device:
Organizations may have requirements about how BYOD devices may be configured or used, as a condition of accessing the organization's information resources.
When choosing the security measures needed for a desktop or laptop computer:
The more security measures applied, the more secure a computer will be. However, it is impossible to have a uniform set of rules for all circumstances.