[FAQ] ReHIPS best practices (part 1)

[fixer]

In this series of blogposts I'll try to outline ReHIPS best practices. ReHIPS is a security product. And like any other security product, no matter how perfect it is, it won't automatically make you completely secure and won't let you fly and deflect bullets. It provides you a way to make your PC safe and secure, very safe and really secure. But it's up to you whether to follow this way or not as sometimes to achieve high security a sacrifice of usability has to be made.

1. Keep your Windows updated. It's the first and one of the most important requirements. It's generally a good idea to keep all your software up-to-date, but it's not that important for ReHIPS isolated software. ReHIPS relies on built-in mechanisms and though it can mitigate many threats on its own, having a vulnerable OS is a high risk, so don't forget to update it or setup the autoupdate. It's also a good idea to update non-isolated programs or privileged software like drivers or services.

2. Customize installed initial ReHIPS rules. ReHIPS installs initial rules looking at the list of installed software. And there is no way to be 100% sure that for example it's indeed Chrome listed under Chrome installed item. So it's always best to manually check installed rules. Besides initial rules are intended for an average PC, so if you want to build a tight security, some rules should probably be blocked like telemetry programs. Most rules can be tightened like specifying a limited set of children and blocking or at least alerting about other child processes. Take your time and tighten them, it'll pay off in the end.