Windows 10 Security Tips & Is Windows Defender good enough?
Want to know:
How to improve the security of Windows 10?
What the best free antivirus is for windows 10?
Is Windows Defender good enough and does it offer enough protection?
If you're looking for answers to these questions, then you've landed on the right page, because here I will provide information and tips about improving the security of your Windows 10 PC.
What Microsoft says about Windows 10 Security
Windows 10 is the most secure Windows we've ever built. From first boot up through the supported lifetime of your device, you’re covered by enhanced security features that help protect against viruses, malware, and even phishing attacks.
Windows 10 Security Tips
The best protection is yourself
Even the best antivirus programs can fail to detect new malware (computer virusses, spyware, trojans, rootkits, etc...).
Malware threats have grown significantly in the past decade.
Therefore, the best protection is yourself and you need to pay attention with everything you do on the internet!
So, if you decide to download and install pirated software, click on links in unsolicited emails, ignore Windows updates, or use an unsecured web browser, then there's a good chance that your computer will get infected.
There's no better antivirus or anti-malware protection than yourself.
Best Free Antivirus for Windows 10
There are so many free antivirus programs out there that it's difficult to choose one.
The problem with most other free antivirus programs is that they nag you to upgrade to their paid versions or buy other products from the company who built them.
There are so many free and paid antivirus programs out there that it's difficult to choose one.
Another option would be Windows Defender.
Is Windows Defender good enough?
Windows Defender is a real-time antivirus program that's built-in Windows 10.
It gives you a basic antivirus protection and automatically runs in the background.
It scans files when they're accessed and before you open them.
And it automatically turns on when you don't have or uninstall a antivirus program.
Updates for Windows Defender will automatically be delivered through Windows Update and will be installed like any other Windows update.
Is Windows Defender good enough?
Well, because Windows Defender never gets good results in Antivirus tests (AV-tests) like:
So I recommend using one of the free antivirus programs I mentioned before in this article.
Bitdefender and Kaspersky always get good results in antivirus tests (AV-tests) and these programs also won many awards.
You can also use other FREE tools together with your antivirus program to improve the security of your Windows 10 PC.
Use Windows Defender Periodic Scanning
I know that I said that Windows Defender isn't good enough as real-time protection, but you can still use it as a second opinion scanner.
Windows 10 included a new security setting called "Limited Periodic Scanning".
When you turn this turn this feature on, Windows 10 will use the Windows Defender scanning engine to periodically scan your PC for malware and remove the malware it finds.
You can now use Windows Defender alongside your existing antivirus software.
I will show you step by step how to turn "Windows Defender Limited Periodic Scanning" on in Windows 10.
1 Open "Settings".
2 Open "Update & Security".
3 Click on "Windows Defender" (left sidebar).
4 Go to "Limited Periodic Scanning" and turn it on.
Windows Defender Periodic Scanning will now be enabled.
Scan with Windows Defender
Windows Defender will automatically scan your PC in the background, but you can also scan whenever you want.
5 Go to the Windows notification area in the taskbar.
6 Right-click on the Windows Defender icon and choose "Open".
7 Go to "Scan options" and select a scan.
8 Click on "Scan now".
I'm using the free version of Malwarebytes for a few years now and it works good.
The free version doesn't offer real-time protection, but can be used to scan your system and help you to remove malware (computer virus, spyware, trojan, rootkit, etc...).
Malwarebytes is in my opinion one of the best free malware (computer virus, spyware, trojan, rootkit, etc...) removal tools out there.
I scan my PC once a week and sometimes when I think there's an infection.
You can download Malwarebytes here.
VirusTotal is a free online service that analyzes suspicious files and URLs and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware.
It uses multiple antivirus engines, website scanners, file and URL analysis tools and user contributions.
So if you don't trust a file or website/webpage, then you can check it with VirusTotal.com.
Disable & Remove Web Browser Protection and other Extensions
Most antivirus programs install browser protection extensions, but you don't need extra browser protection, because most web browsers have phishing and malware protection built-in and browser extensions can actually make you less safe, because browser extensions can create security holes. If you want better protection, then don't use browser extensions.
Don't Use A Windows 10 Administrator Account
This one change can make your PC instantly safer.
If a hacker gets access to your system, then this person has the same rights of whatever account you're using.
If you're using an administrator account and a hacker takes control of your system, then the hacker can do anything he or she wants and have full control of your system.
If you're using a standard account and a hacker takes control of your system, then the hacker can only do things that don't require administrator permission, so he or she can't change important system settings or install malware, and malware can't install itself unless you enter the administrator password.
So use a standard account to improve the security of your Windows 10 PC.
You need at least one administrator account on your PC, so you will need to create and use a new standard account, or create a new admin account and change your existing account to a standard account.
If you're already using your PC and set things the way you liked it, then it's better to create a new account and make the new account an administrator account, because when you create a new account you will need to set things up from the start (like personal settings, start menu, desktop shortcuts, program settings, etc...).
Create a new account
1 Open "Settings".
2 Open "Accounts".
3 Click on "Family & other users" (left sidebar).
4 Click on "Add someone else to this PC".
5 Click on "I don't have this person's sign-in information" located at the bottom.
6 Click on "Add a user without a Microsoft account" located at the bottom.
7 Enter a username, password (twice) and password hint.
Tip! If you want to use this account as administrator account, then use a strong password.
8 Click on "Next".
9 Click on the account that you want to use as administrator account and choose "Change account type".
10 Select "Administrator" and click on "OK".
11 Now click on the account you always want to use and choose "Change account type".
12 Select "Standard User" and click on "OK".
That's it. Don't use the administrator account! Just use a standard (local) account. Whenever you need to install software or change system settings Windows will ask you for the administrator password. It's much safer this way.
Always keep Windows and your programs up-to-date.
Updates may include important security fixes that prevent threats from infecting your Windows operating system or programs that are installed on your computer.
Always let Windows download and install updates automatically, so that you don't miss any critical security update.
Windows System Image Backup
It's best to always create a Windows System Image Backup after you've just installed Windows and all of your 100% trustworthy software.
A system image is a backup that contains a copy of your Windows with all of your installed programs, system settings, and files.
You can use a system image to restore Windows and software when your PC or hard disk stops working, or when your computer has a virus that is difficult to remove or when Windows is not working properly anymore.
When your PC gets infected by a virus or malware, then it's sometimes better to restore the Windows System Image Backup or to re-install Windows.
You never know if your security software detects everything. Like I said before, even the best program can fail to detect new malware.
Malware can also burrow itself deeper into your system and hiding itself from being discovered by your security software.
Malware can also open doors for other malware.
The only way to be 100% sure, is to restore a Windows system image or re-install Windows 10. This is what I always do when I find out that my PC is infected.
More Important Security Tips
- Use a firewall (Windows firewall is enough).
- Always take security warnings from Windows or your antivirus program seriously. Never ever ignore security warnings!
- Don't download and use pirated software.
- Never click on "OK", "Yes" or "Run" when a pop-up window appears and asks you to download and install unknown software.
- Never click to fast on "Next", "Install", "OK", etc... when installing software, because you might install extra unwanted third-party software (like toolbars). If you see extra offers, then uncheck all their checkboxes.
- Always download software from the official link or from a trusted website.
- Don't click on links in emails from unknown senders.
- Don't download and open email attachments – unless you can verify the source.
- Check free software before downloading and installing it onto your computer. Just Google the software first and look for reviews or forums.
- Don't visit XXX websites to watch XXX videos (most of you know what I mean, right?).
- Use a secure and safe web browser like Google Chrome or Mozilla Firefox and keep it updated.
- Disable or uninstall Java if you don't need it.
- Disable or uninstall Flash Player if you don't need it. You should also disable Flash Player in your web browser.
- Don't click on links you don't trust, but first check the link. When you go with your mouse-cursor on the link, then you can see at the bottom left corner of your browser window the REAL location the link is pointing to. You can also check the link using VirusTotal.com.
- Never download "codecs" or "players" to watch videos online. If you can't play the video online in your secure web browser then there's something wrong with the video or website.
- When you insert a USB flash drive or external hard drive from someone else into your PC, then scan it first with your antivirus program before opening anything.
- If you want to take risks (like watching XXX videos online), then at least install VirtualBox on your PC, then install a operating system like Linux (Linux Mint or Ubuntu) as a virtual machine in VirtualBox and do your risky things in there.
References and Sources: