Basic Windows Security

SecuritySome of the things I’m asked about constantly, being a general geek, and in the I.T. industry, are “What is the best anti-virus”, and “how do I get rid of spyware”, “how do I avoid it in the first place?”

In this article, I’ll outline the basics of security, both in terms of software to install, updates, home networks, and every day techniques to avoid any infections. This article isn’t intended to be a granular set of instructions, but is intended to guide you in the right direction – there are lots of in-depth articles covering all of the individual topics out there, Google is your friend 🙂

Software

Windows is the most targeted platform out there – Windows runs on most PCs, therefore it’s simply a larger target for the virus / spyware authors to attack – at the end of the day, it’s a numbers game. Windows also has a large number of vulnerabilities, which if left unpatched allow systems to be taken down easily.

Software – make it legit – any pirated software carries a high risk it has been compromised – this goes for the operating system, and every program you run.

P2P (Peer to Peer) – this is a tempting source of free stuff, however it’s also a massive vector for infection, as is the same for any streaming software – the moral of the story is that unless you’re 100% sure you can cope with the threats out there, stay legal and legit.

Defence software – As in Harry Potter, we all acknowledge there are Dark Arts, and we need a Defence against the Dark Arts class, i.e. Antivirus / Anti spyware. The good news here is that you don’t need to spend any money. For Windows 7, download and install MS Security Essentials. For Windows 8 and above, it’s built in – just go into your settings and turn it all on.

Before installing MS Security Essentials, or activating Windows Defender, be sure to deactivate and/or uninstall any other products which may be left on your systems, I’m talking about the Symantec / McAfee type anti-virus programs. Having more than one of these products, doing the same thing, at the same time, on the same system will result in the system slowing down and eventually breaking.

One of the worst things I find in performing maintenance on private PCs is the left over anti-virus products fighting it out for supremacy – when you buy a PC, often it is bundled with all kinds of ‘helpful’ software, and people will just give the authors money for renewals after the trial period, because changing products is seen as effort / work. Trust me, the free products out there do a damn fine job, don’t get ripped off with massive costs for anti-virus software when you don’t need to be. ALL Antivirus software will let threats through, none of them are infallible – it’s common sense precautions which are your true line of defence.

Shields up!

spybot

In addition to Antivirus, there is also Anti-spyware and Anti-malware which needs to be accounted for. Windows Defender and MS Security Essentials have the basics covered in this area, however you may wish to expand your level of protection a little. Again, you do NOT need to spend money on this! One of the best products out there, and one kick-arse line of defence is Spybot Search and Destroy, a free product which can perform an in-depth scan of your system, remove infections, and most importantly immunize against infections!

You can also splash some cash on Spybot, and others, such as MalwareBytes, however the free versions are usually enough to get the job done. The rule is don’t get infected to start with!

Network

Assuming that you’re not completely stupid, you’ve gone into your router, disabled the UPnP function, and changed some of the defaults over – such as setting a custom SSID, and changing the default passwords to something better! UPnP can hand over the keys to the inside of your network to any miscreant program which makes it past your shields. UPnP = BAD. Talk to your ISP if you’re unsure of how to turn off UPnP, or change the security defaults; or get a geeky mate round to have a fiddle. No, don’t ask me. 😉

Not changing the default details for connecting to your network / wifi / router is plainly stupid – anyone can get hold of these details, and get into your network, opening up inbound paths for further penetration. Remember, your PC holds the keys to your life, your bank, your e-mail, everything – keep it behind a nice big wall with spikes on – when configured correctly, your network is just that.

The Internet

We wouldn’t need half of the security out there if it weren’t for the Internet, without a network connection, unless you connect an infected device, your computer is an island, and quite secure by default, the minute you connect to the internet, you’d better be sure it’s protected to the max. Software, and network protection measures are only a small part of your solution. Believe it or not, common sense and avoiding the common vectors for infection play a bigger role than anything else. There are a few simple points to keep in mind:

  • Don’t use Internet Explorer, ever.
  • Use Chrome or Firefox.
  • Install an ad-blocker, such as adblock-plus – this will turn off one of the biggest potential vectors for infection.
  • Keep your software legit – pirated software is a massive and avoidable risk – these days there are many free alternatives to almost all paid software.
  • Only use trusted sites, rule is that if it sounds too good to be true, it is.
  • If you’re going to go hunting for porn, which a lot of people do, spend some money, use a legit site, and gain some small measure of protection.
  • Keep your software up to date, up to date software is patched to armour it against infection vectors.

Whilst this article won’t come close to covering off everything, it does cover the basics, and if you take care of the basics, you’re 99% sorted, the rest is a learning curve, and experience. The best defence against any security threat is you – don’t be an idiot, think before you click, read warning boxes and pages before you click / agree to stuff. Don’t be a sheep 🙂