Desktop Software Best Security Practices

Summary

This article highlights common security risks associated with desktop software, such as outdated software, malware, misconfiguration, and data breaches, and provides best practices to reduce those risks. Guidance includes using trusted sources, keeping software updated, enforcing strong authentication, encrypting and backing up data, using Drexel‑approved security tools, and reporting suspicious activity.

Body

What is Desktop Software? 

Desktop software refers to programs that are downloaded and stored on your computer's hard drive before you can use them. These programs run on the computing power of your device rather than relying on a remote server. Example: Microsoft Office.

Risks of using Desktop Software

  • Security Vulnerabilities. Outdated software is a major risk. Hackers can exploit known weaknesses (bugs) in unpatched software to gain access to your system, steal data, or install malware. 
  • Malware Installation. Downloading software from untrusted sources can lead to unknowingly installing malicious software like viruses, spyware, or ransomware. These programs can harm your system, steal sensitive information, or even lock you out of your own files.
  • Data Breaches. Desktop software itself might have vulnerabilities that could expose your data in case of a security breach. This is a risk if the software stores sensitive information or interacts with online services.
  • Security Misconfiguration. Incorrectly configured settings, weak OS hardening, and mismanaged permissions can create security gaps.

Best Practices 

  • Vet the software. Before you adopt a desktop application, contact your college IT support or the Drexel IT Help Desk and follow their guidelines to securely configure and deploy the software.
  • Download from trusted sources. Only download software from official developer websites or reputable app stores. Avoid downloading from unknown or untrusted sources. 
  • Be cautious of freeware. While free software can be great, be extra vigilant about its source and what kind of data it might collect.
  • Use antivirus and malware protection. Identify and block malicious software. Ensure your machine is running the antivirus (AV) solution provided or approved by Drexel.
  • Keep software updated. Always install the latest updates for your operating system and all your desktop software. This ensures you have the latest security patches and bug fixes.  
  • Enable strong authentication. Change default passwords and audit user accounts with administrative privileges on a periodic basis. Ensure all privileged accounts are using a strong, unique password.
  • Encrypt and back up your data. Only use Drexel-approved devices/locations to store institutional data. All sensitive institutional data should be encrypted in transit and at rest.
  • Ensure a secure connection. Use Drexel's VPN (drexel.edu/it/connect/vpn), which provides a secure, encrypted connection to Drexel's on-campus network services.
  • Desktop software support. Contact your college IT support or the Drexel IT Help Desk for troubleshooting. Any external tech support must be approved by Drexel IT. 
  • Ensure physical security. All systems running critical desktop software should be located in a secure facility, and access to the systems should be provided on a least-privilege, "need to know" basis.
  • Educate users about security. Users are the first line of defense against security threats. It's important to educate them about security best practices, such as using strong passwords and recognizing phishing attacks.
  • Report any suspicious activity to the security team. If you see anything that doesn't seem right, such as unauthorized access or suspicious activity, report it to the security team immediately at informationsecurity@drexel.edu.

Details

Article ID: 20225
Created: Fri 3/27/26 11:29 AM
Modified: Fri 3/27/26 2:20 PM
