PC Security Best Practices


By Jonathan Giglio

Protecting company data residing on insecure personal computers is one of the most challenging tasks facing IT security groups today. Software and firewalls, along with highly trained network administrators make the datacenter one of the safest places to keep corporate data. When that information is downloaded to a local PC or laptop and taken offsite, the potential for a security breach increases exponentially. In order to mitigate these risks without interfering in the usability of the computer, several steps can be taken to decrease the likelihood of a data loss or breach.

The first step to a secure personal computer is to increase the complexity of a user’s password. Not only should passwords be forced to contain letters and numbers, but using mixed case, symbols (#, !, $…) and disallowing repeating patterns make passwords much more difficult to crack. The passwords should be at least 8 characters long and set to expire every 30 to 45 days. In a Windows Active Directory environment, using Group Policy is an easy and effective means of providing security. Additional measures can be taken to force computers to automatically lock themselves with a screen saver after 10 minutes and should be strictly enforced without allowicng users to override these settings.

While password security can prevent the most casual hacker, securing data when a device is lost or stolen becomes more complicated. If users have mobile devices such as cell phones or iPads with access to corporate email systems, it is crucial the organization has a method to perform a “remote wipe” of such devices. For laptops, IT organizations should focus on the encrypting the entire disk in case a device is lost or stolen. Hard drive security is so critical Microsoft has incorporated BitLocker encryption technology in certain versions of Windows 7 in order to provide another layer of protection for company data.

The most advanced organizations are taking the data off of the laptop and securing it in the data center with remote access technologies. Virtual Desktop Infrastructure or VDI allows users to have access to their computers from any device without putting corporate data at risk of theft or loss. Keeping corporate data on servers with remote access capabilities offers two distinct advantages: the data is locked away in a highly secured environment and users have the ability to access work information from virtually anywhere. Many companies have taken this technology a step further and allow personnel to purchase their own computers while providing reimbursement and simple corporate guidelines on which equipment to buy. The time to deploy new desktops is reduced significantly and the potential for unauthorized access is considerably reduced.

In the end, PC security is fundamental to the enterprise. As data grows and becomes more valuable, it becomes increasingly important to mitigate the risk of theft or loss. Simple steps in changing password policies combined with sophisticated encryption and remote access technologies give IT organizations the tools they need to protect PCs just as securely as they would protect their data center. PC security should always be factored into IT projects and form the foundation of IT solutions delivery.

For further information on PC security, please contact Jonathan Giglio.

Interested in receiving more timely articles like this one with topics that are relevant to your businessClick here to sign up for our weekly newsletters. 



Schneider Downs provides accountingtax, wealth management, technology and business advisory services through innovative thought leaders who deliver the expertise to meet the individual needs of each client. Our offices are located in Pittsburgh, PA and Columbus, OH. 

This advice is not intended or written to be used for, and it cannot be used for, the purpose of avoiding any federal tax penalties that may be imposed, or for promoting, marketing or recommending to another person, any tax-related matter.


You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at contactSD@schneiderdowns.com.

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2019 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.