All unnecessary user accounts should be removed or disabled. This includes any guest accounts that the business have created and any old accounts the business still has on the system. This can be from staff that have left or fired.
All default passwords should be changed immediately by the owner of the account and should follow these guidelines:
- The longer the password the better, a password of 12 characters or more is suggested.
- Avoid using memorable words, these will include names, places and any words that can be found in the dictionary.
- Make the password a mix of lower case, upper case, digits and special characters.
- Do not use the same password for everything, have a different password every time.
All these tips and more can be found on our guide to creating a safe password here.
All unnecessary software that has been installed or came with the computers should be removed. This includes application, system utilities and network services.
All computers should have the ‘auto-run’ functionality disabled to stop any malicious programs running without the consent of the user.