Desktop Security Fundamentals

Securing a computer is a lifecycle process, from adopting Passkeys at setup to automated MDR threat hunting.

🛡️ Prevention
🔄 Recovery
👁️ Detection

🏗️ Setup

The foundation. Installing the OS, enabling encryption, and adopting Passkeys (the successor to passwords).

🔧 Maintenance

The routine. Updates, DNS filtering, and audits ensure that new vulnerabilities don't compromise your system.

🤖 EDR / MDR

Endpoint Detection and Response: software that continuously watches devices for suspicious behaviour, like a very attentive security guard. SMEs should use MDR to manage it.

Initial Configuration: The Foundation

💿 OS & Encryption

  • Start with a clean install (Windows 11/macOS Sequoia).
  • Enable Full-Disk Encryption (BitLocker/FileVault).
  • Create a separate Standard User account for daily work.

🔑 Passkeys & Auth

  • Adopt Passkeys: Use biometrics (Face ID/fingerprint) instead of passwords where possible.
  • Password Manager: For older sites, use a manager (Bitwarden/1Password).
  • MFA: Use an Authenticator App, not SMS.

🛡️ Software Defense

  • DNS Filtering: Set DNS to Quad9 (9.9.9.9) or NextDNS to block malware links automatically.
  • Uninstall Bloatware: Remove pre-installed trial software immediately.

☁️ Backup: The "Immutable" Rule

  • 3 copies of your data.
  • 2 different media types.
  • 1 copy immutable or offline.

Critical: Ransomware can encrypt or delete any backup it can reach, including connected USB drives and synced cloud storage. You need one copy that an attacker cannot delete (immutable).

Ongoing Maintenance: Staying Secure

🔄 Updates & Patches

Software vulnerabilities are discovered daily. Set OS and Apps to Auto-Update.
Gap: Don't forget to update firmware (BIOS) and drivers.

🕵️ Real-Time Scanning

Practical Tip: Don't rely on "Weekly Full Scans" (they are slow/old school). Ensure Real-Time Protection is ON. Run a "Quick Scan" only if you suspect an issue.

🎓 Human Firewall

Technology fails if the human fails. Beware of AI Phishing: emails that sound professional and mimic your boss perfectly.

📋 Audit & Review

Periodically check logins. Test your backups! A backup you haven't tested restoring is just a hope, not a strategy.
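The restore test the paragraph above calls for, as an added example (not code from the original page or from any backup product). The copy-based make_backup/run_restore helpers stand in for a real backup tool and are assumptions; the verification logic is the point: fingerprint the source, restore into a scratch directory, and compare content byte-for-byte, so a backup whose files exist but are silently corrupted still fails the test. The sample files and paths are constructed.

```python
"""Trial-restore verification: fingerprint, restore, compare."""
import hashlib
import shutil
import tempfile
from pathlib import Path
from typing import Dict, List


def fingerprint_tree(root: Path) -> Dict[str, str]:
    """Map each file's path (relative to root) to its SHA-256 digest."""
    digests: Dict[str, str] = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            rel = path.relative_to(root).as_posix()
            digests[rel] = hashlib.sha256(path.read_bytes()).hexdigest()
    return digests


def compare_restore(source: Path, restored: Path) -> List[str]:
    """Return a list of problems; an empty list means the restore is verified."""
    expected = fingerprint_tree(source)
    actual = fingerprint_tree(restored)
    problems: List[str] = []
    for rel, digest in expected.items():
        if rel not in actual:
            problems.append(f"missing: {rel}")
        elif actual[rel] != digest:
            problems.append(f"corrupt: {rel}")
    for rel in actual:
        if rel not in expected:
            problems.append(f"unexpected: {rel}")
    return problems


def make_backup(source: Path, backup: Path) -> None:
    shutil.copytree(source, backup)          # assumption: stand-in for the real backup job


def run_restore(backup: Path, target: Path) -> Path:
    shutil.copytree(backup, target)          # assumption: stand-in for the real restore job
    return target


def demo() -> Dict[str, List[str]]:
    """Run the restore test on constructed data twice: once against a good backup,
    once after one backup file has been silently altered. Returns both results."""
    work = Path(tempfile.mkdtemp(prefix="restore-test-"))
    try:
        # Constructed sample data standing in for a user's documents.
        source = work / "source"
        (source / "notes").mkdir(parents=True)
        (source / "notes" / "todo.txt").write_text("renew certificates\n")
        (source / "photo.bin").write_bytes(bytes(range(256)))

        backup = work / "backup"
        make_backup(source, backup)
        clean = compare_restore(source, run_restore(backup, work / "restore-1"))

        # Simulate bit rot or tampering on the backup medium: the file still
        # exists, so an "is the file there?" check would pass, but its content
        # no longer matches the original.
        (backup / "notes" / "todo.txt").write_text("renew certificates!\n")
        damaged = compare_restore(source, run_restore(backup, work / "restore-2"))
        return {"clean": clean, "damaged": damaged}
    finally:
        shutil.rmtree(work, ignore_errors=True)


if __name__ == "__main__":
    for label, problems in demo().items():
        print(f"{label}: {'verified' if not problems else problems}")
```

Run it as a script and the first pass reports "verified" while the second lists the corrupted file. Comparing digests rather than file names or sizes is the design choice that matters: it is the only check that catches a backup that looks complete but cannot actually bring your data back.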

EDR vs MDR (The Practical Choice)

Traditional Antivirus looks for "Files." EDR looks for "Behavior."

⚙️ How EDR Works

1. Detection: Uses AI to spot "Red Flags" (e.g., PowerShell running a script at 3 AM).
2. Response: Automatically isolates the infected laptop (cuts the internet) to save the network.
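The two steps above (behaviour-based detection, then automatic isolation) as an added example in Python; this is not code from the original page or from any EDR product. It runs a small rule set over constructed endpoint telemetry and never consults a file hash: the rules look only at which program ran, what it ran, and when. The page's own red flag, a PowerShell script at 3 AM, is the high-severity rule that triggers isolation; the same behaviour during the day only raises a low-value "notify" alert, the kind that piles up without someone to triage it (the alert-volume problem discussed below). The event format, host names, the 08:00-18:00 business-hours window and the severity-to-action mapping are assumptions.

```python
"""Behaviour-based detection and response over constructed endpoint telemetry."""
from dataclasses import dataclass
from datetime import datetime, time
from typing import Callable, Dict, List, Tuple


@dataclass
class ProcessEvent:
    when: datetime
    host: str
    user: str
    image: str          # executable name, lower-cased
    command_line: str


@dataclass
class Alert:
    host: str
    user: str
    rule: str
    severity: str       # "high" or "medium"
    action: str         # "isolate" (automatic) or "notify" (human triage)


BUSINESS_HOURS: Tuple[time, time] = (time(8, 0), time(18, 0))     # assumption
ACTION_FOR_SEVERITY: Dict[str, str] = {"high": "isolate", "medium": "notify"}

# Constructed sample telemetry: ISO timestamp|host|user|image|command line.
SAMPLE_EVENTS = """\
2024-05-02T09:14:05|LAPTOP-07|alice|powershell.exe|powershell.exe -File C:\\Scripts\\update-inventory.ps1
2024-05-02T14:30:11|LAPTOP-07|alice|winword.exe|winword.exe C:\\Users\\alice\\report.docx
2024-05-03T03:02:47|LAPTOP-12|bob|powershell.exe|powershell.exe -File C:\\Users\\Public\\run.ps1
2024-05-03T03:05:10|LAPTOP-12|bob|explorer.exe|explorer.exe
"""


def parse_events(text: str) -> List[ProcessEvent]:
    events: List[ProcessEvent] = []
    for line in text.splitlines():
        if not line.strip():
            continue
        when, host, user, image, cmd = line.split("|", 4)
        events.append(ProcessEvent(datetime.fromisoformat(when), host, user, image.lower(), cmd))
    return events


def outside_business_hours(ts: datetime) -> bool:
    start, end = BUSINESS_HOURS
    return not (start <= ts.time() < end)


def runs_powershell_script(ev: ProcessEvent) -> bool:
    return ev.image == "powershell.exe" and ".ps1" in ev.command_line.lower()


# Each rule: (name, severity, predicate). Behaviour, not file identity, decides.
RULES: List[Tuple[str, str, Callable[[ProcessEvent], bool]]] = [
    ("offhours_powershell_script", "high",
     lambda ev: runs_powershell_script(ev) and outside_business_hours(ev.when)),
    ("powershell_script_business_hours", "medium",
     lambda ev: runs_powershell_script(ev) and not outside_business_hours(ev.when)),
]


def detect(events: List[ProcessEvent]) -> List[Alert]:
    """Step 1, Detection: evaluate every rule against every event."""
    alerts: List[Alert] = []
    for ev in events:
        for name, severity, matches in RULES:
            if matches(ev):
                alerts.append(Alert(ev.host, ev.user, name, severity, ACTION_FOR_SEVERITY[severity]))
    return alerts


def hosts_to_isolate(alerts: List[Alert]) -> List[str]:
    """Step 2, Response: hosts the EDR would cut off the network automatically."""
    return sorted({a.host for a in alerts if a.action == "isolate"})


if __name__ == "__main__":
    found = detect(parse_events(SAMPLE_EVENTS))
    for a in found:
        print(f"{a.severity:6} {a.rule:34} {a.host} ({a.user}) -> {a.action}")
    print("isolate:", hosts_to_isolate(found))
```

On the sample data alice's daytime script produces a "notify" alert and bob's 03:02 script produces the "isolate" decision for LAPTOP-12, so the script file never had to be known-bad to be caught. Whether the medium-severity rule is worth keeping is a tuning decision: each such rule adds alerts that need a human to look at them, which is the work an MDR provider takes on.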

🚨 The Problem for SMEs

EDR tools (like CrowdStrike) generate thousands of alerts. If you don't have a 24/7 security team, you will ignore them.

The Solution: MDR (Managed Detection & Response).

✅ Why Choose MDR?

  • You pay a subscription.
  • A team of experts watches your EDR dashboard for you.
  • They only call you if there is a real fire to put out.

Context Matters: Individual vs. SME

While the technical basics are the same, the scale and responsibility differ significantly.

Feature          Individual User            SME (Business)
Access Control   Personal Account           Least Privilege (No Admin rights for staff)
Defense Tool     Windows Defender (Free)    MDR (Managed Service)
Network          Home Router                DNS Filtering & Segmentation
Updates          Automatic                  Managed (Patch Management Software)
Philosophy       "Be Careful"               Zero-Trust (Verify every request)
