Security threats have been in existence for a very long time. Breaching a PC’s security-line wasn’t so deliberate and lasted only for the pleasure of doing so, organisations until last few years. Then emerged the fashion of locking computers virtually and holding up data, for money.
Even then, institutions and companies were targeted, as they’d value their data more than individuals do. But today, since our machines started becoming our personal/official data warehouse, even home-based PCs are targeted.
Therefore, addressing this issue is a need of the time now. On that note, here we’re going to present how to secure Windows 10 PC and make it less penetrable.
Windows 10 Security Guide – Index
- Tip #1 – Windows Updates
- Tip #2 – Windows Firewall
- Tip #3 – Primary Antivirus
- Tip #4 – Anti-Malware
- Tip #5 – Privacy Settings
- Tip #6 – User Account Control
- Tip #7 – Use Local Account
- Tip #8 – Use Lock Screen
- Tip #9 – Secure Boot and UEFI
- Tip #10 – Disable Flash and Java
- Tip #11 – Drive Encryption
- Tip #12 Advanced Sharing Settings
Tip #1 – Windows 10 Security Updates
The operating system of a computer is the first layer of security against any threat. Malware makers look out for loopholes in existing system code and settings and exploit it.
The (in)famous WannaCry Ransomware made a massive impact globally because of a loophole in Windows Networking component.
No matter what, just don’t be lazy and update Windows 10 whenever notified. At least, never miss out any security patches which are responsible for plugging the loophole.
Login to your PC and get into the Settings window.
Then click Update & security and Windows Update in the left pane.
Click on the Advanced options, once you have got into the Windows update screen.
You can now see a drop-down box; set it to the Automatic (recommended) option that is available in its options. In further, check the “Give me update for other…” option too; to have the other Microsoft products, such as Office to remain updated and secured as well.
Not just Operating system but you must update all the installed software programs too. Adobe Flash and Microsoft Internet Explorer are the most exploited software applications, for example.
Tip #2 – Windows Firewall
Windows Firewall is a security defense software, pre-installed on all the versions of the Windows, including Windows 10.
It can help to prevent the system, from hackers or malicious software programs, gaining access to the PC through the network. So, the Windows Firewall is always turned on by default. Keep in mind; you shouldn’t turn off the Windows Firewall unless you have a third-party firewall.
To avoid vulnerable and unauthorised access, for better Windows 10 security, follow the oncoming procedures.
Get to the Windows Firewall window, in the Control Panel, through System and Security option in it. The Windows Firewall screen will show you a green shield with check marks, which means that the Firewall is ON. Hence, if it’s not so, click the Turn Windows Firewall on or off from the left panel and click Turn on Windows Firewall.
Next, click on the Allow an app or feature through Windows Firewall option in the left pane of the Windows Firewall window. Here, you can pick programs from the public and private columns. To improve the security, you’ll have to uncheck unwanted programs from the public column.
Tip #3 – Primary Antivirus
The Windows Defender feature starts working, right from the first boot.
But is it enough?
Truth to be told, Microsoft Windows Defender lags behind many other security software vendors. We agree that it is built-in software which is lightweight, doesn’t nag you with popups or asks for payment. However, it ranks fairly low in tests carried out by independent test labs.
That doesn’t mean Windows Defender provides bad protection but it must be noted that it could catch 95.6% of threats. The figure isn’t actually but it means that 89 threats passed though in a sample size of 1517.
On other hand, vendors like Avira and Kaspersky caught 99.9% threats.
To conclude, you must not risk your safety and install a good Antivirus program with a light footprint from a reliable and reputed vendor.
Tip #4 – Anti-Malware for Maximum Protection
Antivirus is important but these days, malware like adware, spyware, browser hijackers and even dangerous: Ransomware are more active.
To protect yourself from them, you need anti-malware program like MalwareFox.
MalwareFox not only protects the computer from malware attacks but also cleans infected computers in one click.
It runs alongside primary antivirus without hampering the performance of a computer.
MalwareFox is designed to catch unknown malware and zero-day exploits which are often missed by Antivirus programs. It is must have on any Windows PC.
Tip #5 – Privacy Settings
It is evident that all you type-in on your PC and talk, with your PC around, are made known to Microsoft. This is done to improve your experience with the Windows 10, as claimed by the company; as it connects it back to Microsoft.
There’s no big deal in allowing this privacy concern since they aren’t going to keep you vulnerable to hack.
However, it’s advisable to turn these tracking features off. Moreover, this one sector is quite unsettling and eventually invokes a thought that Microsoft could have done it better. Turning these features off is an easier endeavor while starting the PC for the first time. You can also do it in an old PC getting into the Settings window and then into the Privacy option, in it. Note that, you will have to turn off, all of them.
Tip #6 – User Account Control
UAC (User Account Control) is also a part of the Windows 10 security system. It is capable of preventing malware and apps from making unwanted changes on your PC. Accordingly, if any third-party app or virus tries to change your file/registry, a UAC confirmation dialogue box would emerge. This will be helpful for the users to confirm, whether they want to make those changes.
So, to turn on this feature, type ‘UAC’ in the Start menu search bar and then click Change User Account Control settings. Followed by this, drag the slider shown in the window, all the way up to the Always notify and click Ok. This option will provide a better level of security, and prevent certain changes in your system without your assent.
Tip #7 – Use a Local Account
While installing the Windows 10, the setup program might convince you to sign-in with a Microsoft account. There are some positive reasons, to use a Microsoft account. To be precise, the files and browser history from your system can be synchronised across all your Windows devices. But there are also some pitfalls too, in using Microsoft account on your Windows 10 PC. It’s all about the security and privacy; the hackers could access all your app and services, by just knowing one of your passwords.
Though using a Microsoft Account undoubtedly has its concerns, it’s better to use a local account. You can do so, by Type ‘Account’ in the Start menu search bar and click on the Manage your account in the list of options. After getting into the Account window, click on the Sign in with a local account instead option. Now, in the following steps, you can add-up your local account.
Tip #8 – Use a Lock Screen
The Lock Screen is the one that greets you when you fire up the Windows 10 every time. You’ll have to put in the password to operate the system when you’re at the Lock Screen. This welcoming feature showcases to date, time, status for apps you choose and even shows a background image from the Windows Spotlight. Sometimes, you might leave your PC unattended for a while, which paves the way for taking advantage of your PC, when you’re not around. Moreover, there are chances to compromise your PC, through the apps shown on the Lock screen.
So, to overcome this, you need to have your screen locked automatically, when it is idle, for better security. To enable this function, get to the Settings window and click Personalization > Lock screen (left panel) > Screen timeout settings. Here, you can control the screen timeout settings, as you want. In further, disabling apps on the Lock screen can also help regarding security.
Tip #9 – Secure Boot & UEFI
The Secure boot is a feature that is incorporated with most PCs today. This feature is supported in the UEFI platform that replaces the legacy BIOS. Legacy boot is the usual way of booting your system, which is enabled in the BIOS settings. Both the Secure Boot and UEFI together provide the flexibility for supporting the various OS platform; defend malware like bootkit and rootkit, and prevent the device from the pre-boot environment.
If you switch from the LEGACY+UEFI to the UEFI alone, the PC wouldn’t be booted in a secure way. Just disable the Legacy boot from the UEFI setup feature, which will become available immediately after your PC turns on. If the Legacy boot mode is disabled, then the UEFI mode will automatically be enabled.
Tip #10 – Disable Flash and Java
Adobe Flash dwells at various security concerns and doesn’t support the HTML 5 enabled browsers. This doesn’t mean you won’t be able to use the websites, as you can tweak the settings to run it, whenever needed. Considering the several security risks associated with it, the flash can expose your PC in some cases. You will have the choices to disable the Flash plugin and get rid of the security vulnerabilities.
The users, who primarily surf through Chrome, can just get to the Settings menu in the browser and go to the Advanced. Here, under the Privacy and Security, click on the Content settings. Then, look Flash in the oncoming option, where you can disable them.
For disabling the Java plugins, go to Control panel and then Programs and Features. From there, find Java in the program list, highlight it and choose to uninstall.
Tip #11 – Encrypt Hard Drive
Many PCs come with the feature called “Device Encryption”. This feature encrypts your drive, to make it accessible only using a password. The Disk Encryption means that, without the relevant user password, the data and the files on your hard drive are absolutely inaccessible.
So, go ahead and encrypt your disc, to get rid of the potential security vulnerabilities. The good news is that you can encrypt your hard drive by using the BitLocker drive encryption.
The BitLocker is capable of securing both the internal and external hard drives. Once the BitLocker encryption is implemented effectively, the drive is locked with a password. Hence, you will have to use the password after that to access the drive.
Tip #12 – Advanced Sharing Settings
In a network, sharing files and folders is complicated, in various instances. But in Windows 10, there are some interesting options in the Advanced Sharing settings.
This tool runs quickly and enables easy processes that will help to share files effortlessly. You can automatically allow this feature to turn-on when connected to a private network and turn-off when the machine is connected to a public network.
The ‘Advanced Sharing settings‘ screen is loaded with too many options; adjust them accordingly, in such a way that it behaves right, when on a public or private or another network.
Private – Disable the Network Discovery; File Sharing; and Printer Sharing options. Allow it to manage HomeGroup connections.
Public – Like private, turn-off both the Network Discovery; and File and Printer Sharing.
All Networks – Disable the public folder sharing and media streaming options. Use 128-bit encryption for file sharing and turn-on password protection.
On the whole, everyone in the world values their privacy and security; be it a military agent or any normal individual. Hence, in today’s time, any platform should be robust and inconvincible, regarding security and privacy.
Considering this, Microsoft has made some innovative and productive attempts, to make the Windows 10, a well-secured platform. You can adjust all the aforementioned Windows 10 security settings and reach a good level of privacy.