Security mechanisms and their application
BIOS configuration
password protection
Several options in the BIOS can help to protect the system.
The BIOS configuration can be contactor protected by using a password.
In the "Security" area, it is possible to define an administrator and a user password and thus deny unauthorized persons complete or limited access to BIOS configurations by using the "User" profile.
By default, the password requirements are set to a minimum of three characters, but passwords should always contain at least eight characters.
Deactivating unused interfaces
Deactivating the interfaces and ports that are not required increases external access protection immensely.
All interfaces and ports can be deactivated in the "Main" area of the BIOS configuration.
Secure Boot activation
Activating the secure boot function provides contactor protection against hardware manipulation. Each boot process checks that no unwanted adjustments have been made to the hardware and its firmware components.
Secure Boot can be activated under the "Configuration" tab.
Windows® security
In Windows®, there is the menu item "Windows® security" in the settings under "Update & security". All relevant operating system security options are listed here and their status is displayed.
Here you can see whether you need to adjust or change security functions.
User accounts
The creation of users and user groups makes it possible to assign system rights as minimally as possible. This minimizes the risk of significant damage caused by viruses, as these often require elevated or administrator rights in order to cause damage.
Create users and user accounts and assign system rights as restrictively as possible.
Anti-virus software
The use of anti-virus software is recommended. The anti-virus software must be updated regularly in order to be able to react as quickly as possible to viruses in circulation.
Suitable anti-virus software should be selected according to the following criteria:
- Reliability:
Even the most comprehensive anti-virus software can be useless if it conflicts with other programs on your computer. Such conflicts can lead to malfunctions or temporary failures of the anti-virus protection and thus represent a weak point. - Functionality:
A good anti-virus solution should be easy to use and require no special knowledge. Complex questions or difficult decisions for the user increase the risk of user error. In some cases, anti-virus software is so complicated to run that users disable it. - Comprehensive protection:
Anti-virus software must protect all computer areas, file types and network components from attacks by computer viruses and other malware. This includes email services, the Internet, FTP and more. - Quality of contactor:
Anti-virus solutions must work in a constantly changing environment with complex computer viruses, worms and Trojans. The quality of contactor protection depends on the effectiveness of malware detection, the frequency of updates and the ability to remove infections without significantly impacting computer performance
Firewall
A firewall is essential and should be active and up to date. Microsoft® Windows® is equipped with Windows® Defender as standard. However, this can easily be replaced by any firewall.
Regular updates
It is important to carry out regular security updates. This applies to the operating system from Microsoft® and to cyber security software such as anti-virus programs and firewalls. This is the only way to close identified security gaps as quickly as possible and provide the security systems with the latest virus signatures.
Unified Write Filter (UWF)
The use of the Unified Write Filter (UWF) has been significantly simplified via our UWF Admin Tool. Settings and functions can be found in the associated documentation.
The manual and UWF Admin Tool can be found on our product website in the Downloads section.
Regular data backup
Regular data backups are recommended to ensure that process-relevant and high-availability data is backed up and remains available even in the event of a system failure.
This means that in the event of a system failure, a replacement device can be provided with the necessary data records and be ready for use as quickly as possible.
Microsoft® offers help to select a customized data backup option.
System restore
In the area of operating system recovery, we offer the option of restoring the delivery image with a bootable data carrier using the IPC OS Restore tool.
The IPC OS Restore tool offers a digital download of the operating system supplied with an IPC for recovery purposes.
The tool is loaded onto a functioning PC and executed. After verifying the IPC using the serial number, a USB restore tool is downloaded and created. The tool can be used to install the delivery operating system on the IPC.
The tool can be downloaded from the Phoenix Contact website.
Microsoft® also provides an overview of the system's own recovery options in the event of problems with a PC.