Windows 10 Security Tips & Is Windows Defender good enough?

Windows 10 Security Tips

This article provides important information and tips about improving the security of your Windows 10 PC.

And:

What's the best free and paid antivirus software for Windows 10? or is Windows Defender good enough and does it offer enough protection?

But first:

What Microsoft says about Windows 10 Security

Windows 10 is the most secure Windows we've ever built. From first boot up through the supported lifetime of your device, you’re covered by enhanced security features that help protect against viruses, malware, and even phishing attacks.[1]

And now:

Windows 10 Security Tips

The best protection is yourself

Look:

Even the best antivirus programs can fail to detect new malware (computer virusses, ransomware, spyware, trojans, rootkits, etc...).[2]

And:

Malware threats have grown significantly in the past decade.

Malware (computer virusses, ransomware, spyware, trojans, rootkits, etc...) threats grow so fast, that antivirus programs take too long to catch up with malware (even the best antivirus programs).[3]

Therefore, the best protection is yourself and you need to pay attention with everything you do on the internet!

So, if you decide to download and install pirated software, click on links in unsolicited emails, ignore Windows updates, or use an unsecured web browser, then there's a good chance that your computer will get infected.

There's no better virus (malware) protection than yourself.

Best Free Antivirus for Windows 10

There are so many free antivirus programs out there that it's difficult to choose one.

And:

The problem with most free antivirus programs is that they keep asking you to buy their paid products.

If you are looking for a good free antivirus program, then the free versions of Bitdefender and Kaspersky are good options.

Another option would be Windows Defender.

But:

Is Windows Defender good enough?

Windows Defender is a real-time antivirus program that's built-in Windows 10.

It gives you a basic antivirus protection and automatically runs in the background.

It scans files when they're accessed and before you open them.

And it automatically turns on when you don't have or uninstall a antivirus program.

Updates for Windows Defender will automatically be delivered through Windows Update and will be installed like any other Windows update.

Is Windows Defender good enough?

No

Why?

Well, because Windows Defender never gets good results in Antivirus tests (AV-tests) like:

So I recommend using one of the free antivirus programs I mentioned before in this article.

If you are looking for better virus protection with more features, then the paid versions of Bitdefender and Kaspersky are good options.

Bitdefender and Kaspersky always get good results in antivirus tests (AV-tests) and these programs also won many awards.

You can also use other FREE tools together with your antivirus program to improve the security of your Windows 10 PC.

Use Second Opinion Malware Scanners

Like I said before, even the best antivirus software can fail to detect malware (computer virus, spyware, etc.), so that's why it's always a good idea to use second opinion malware scanners.

You can use these scanners to scan your PC periodically (e.g once a week, once a month, etc.).

Most malware scanners do not conflict, so it's not a problem if you use multiple scanners on your PC.

Examples of free second opinion malware scanners are:

Note: Always check the scanning results for false positives, so that you don't remove anything important.

Use Virus Total to Analyze Suspicious Files and URLs

VirusTotal is a free online service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.

It uses multiple antivirus engines, website scanners, file and URL analysis tools and user contributions.

So if you don't trust a file or website/webpage, then you can check it with VirusTotal.com.

Disable & Remove Web Browser Protection and other Extensions

Most antivirus programs install browser protection extensions, but you don't need extra browser protection, because most web browsers have phishing and malware protection built-in and browser extensions can actually make you less safe, because browser extensions can create security holes. If you want better protection, then don't use browser extensions.[4]

Don't Use A Windows 10 Administrator Account

This one change can make your PC instantly safer.[5]

If a hacker gets access to your system, then this person has the same rights of whatever account you're using.

If you're using an administrator account and a hacker takes control of your system, then the hacker can do anything he or she wants and have full control of your system.

But:

If you're using a standard account and a hacker takes control of your system, then the hacker can only do things that don't require administrator permission, so he or she can't change important system settings or install malware, and malware can't install itself unless you enter the administrator password.

So use a standard account to improve the security of your Windows 10 PC.

You need at least one administrator account on your PC, so you will need to create and use a new standard account, or create a new admin account and change your existing account to a standard account.

If you're already using your PC and set things the way you liked it, then it's better to create a new account and make the new account an administrator account, because when you create a new account you will need to set things up from the start (like personal settings, start menu, desktop shortcuts, program settings, etc...).

1. Open "Settings".

2. Open "Accounts".

3. Click on "Family & other users" (left sidebar).

4. Click on "Add someone else to this PC".

5. Click on "I don't have this person's sign-in information" located at the bottom.

6. Click on "Add a user without a Microsoft account" located at the bottom.

7. Type a username, password (twice) and password hint.

Tip! If you want to use this account as administrator account, then use a strong password.

8. Click on "Next".

9. Click on the account you want to use as administrator account and choose "Change account type".

10. Select "Administrator" and click on "OK".

11. Now click on the account you want to use daily and choose "Change account type".

12. Select "Standard User" and click on "OK".

That's it. Don't use the administrator account for daily use!, but just use a standard (local) account. Whenever you need to install software or change system settings Windows will ask you for the administrator password. It's much safer this way.

Disable SMB1 on Windows 10

Even Microsoft recommends that you disable SMB1 for security reasons – especially for WannaCrypt, Petya (also known as Petwrap) and other ransomware, because they also use this to attack the Windows operating system.[6] [7]

Follow these steps to disable SMB1 on Windows 10:

1. Open Windows Control Panel.

Two ways to open Control Panel in Windows 10 Creators Update:

2. Open Programs.

3. Click on "Turn Windows features on or off" located underneath "Programs and Features".

4. Uncheck the checkbox associated with "SMB 1.0/CIFS File Sharing Support".

5. Click on "OK" and restart your PC.

Stay Up-To-Date

Always keep Windows and your programs up-to-date.

Updates may include important security fixes that prevent threats from infecting your Windows operating system or programs that are installed on your computer.

Always let Windows download and install updates automatically, so that you don't miss any critical security update.

Windows System Image Backup

It's best to always create a Windows System Image Backup after you've just installed Windows and all of your 100% trustworthy software.

A system image is a backup that contains a copy of your Windows with all of your installed programs, system settings, and files.

You can use a system image to restore Windows and software when your PC or hard disk stops working, or when your computer has a virus that is difficult to remove or when Windows is not working properly anymore.

When your PC gets infected by a virus or malware, then it's sometimes better to restore the Windows System Image Backup or to re-install Windows.

You never know if your security software detects everything. Like I said before, even the best program can fail to detect new malware.

Malware can also burrow itself deeper into your system and hiding itself from being discovered by your security software.

And:

Malware can also open doors for other malware.

The only way to be 100% sure, is to restore a Windows system image or re-install Windows 10. This is what I always do when I find out that my PC is infected.

More Important Security Tips

That's all. If you want to learn more about computer and internet security (cyber security), then please visit one of the following pages (after the ad).

Maybe you're also interested in:

Reference(s):