As always, I advocate brains over brawn when it comes to computer safety. Your behavior is your first line of defense. You are your computer’s biggest security feature. But it’s still vitally important to harden your computer against attacks. Hardening is geekspeak for locking down your system to make it more difficult to hack.
This guide will undoubtedly be updated over time so make sure you’re signed up for my newsletter to receive the updates.
Lower your account privileges
If there’s one thing you should do on this list, this is it. Ninety-two percent of all attacks on Windows are thwarted by simply changing the type of account you use. If you sign up for my newsletter you’ll be sure not to miss my guide for this when it goes live.
Probably the second most important thing you can do is get rid of Java. Java is the most attacked program on the internet. You probably don’t need it, so just uninstall it. If you need it later, you can always download the latest version at www.java.com. If you do need to reinstall it, I recommend using my guide to unplug Java from your browsers while you’re not using it. And as always, keep it updated.
Flashplayer is still required for lots of stuff on the internet so you’ll probably need it. Just make sure to keep it updated. The latest version of Flashplayer will even update itself for you. Download the latest version here. Chrome and Internet Explorer already have Flashplayer installed by default and should keep it updated for you. Other browsers require that you install it yourself.
Make sure Windows is updating
Operating systems like Windows are extremely complex and tricky pieces of software. As time goes on, security holes and vulnerabilities are discovered that need to be patched. Microsoft pushes out updates once a month, or more often if there’s a severe issue. Use my Windows automatic update guide to make sure it’s turned on.
Duh, right? But remember to treat antivirus as the last layer of defense. If you’re doing security right, then your antivirus should never get used. I prefer Bitdefender, but another I’d recommend is Kaspersky.
Back up your data
Most people don’t think about backing up their files as a security strategy. But what happens when your computer gets infected and some of your files get corrupted? What happens if your laptop or phone is lost or stolen and you don’t have a backup of anything on them, like documents, pictures, work files, etc? Believe me, it will happen to you eventually. Read more about some backup strategies in my guide on cold backup versioning.
Use a more secure PDF reader
Adobe Reader is the most prolific, bloated, and attacked PDF reader in the world. I don’t recommend using it. Instead, try Nitro Reader (requires your email address), or Foxit Reader. Both are good options with plenty of features. If you want a barebones reader without any fluff, then try Sumatra PDF. Just be sure to uninstall Adobe Reader when you have your new one installed. And remember to keep your new one updated as well.
Use a more secure web browser
Internet Explorer is the least secure browser out there. Instead, I suggest using Firefox or Chrome. Opera may be a good choice, too. Or Safari, but only on Mac (it’s no longer supported on Windows). For a little more detail, check out my guide to the most secure and private browsers. Whichever you use, I suggest staying away from Internet Explorer unless you have to use it. If you do need it, make sure it’s the latest version (at least version 10).
Uninstall the programs you don’t need
Get rid of anything you’re not using. That will make you a smaller target. You want to give the bad guys as few opportunities as possible to get a foothold in your computer. In geekspeak, that’s called minimizing the attack surface. More programs means more bugs and security risks. Get rid of the cruft.
Turn off Autorun and Autoplay
These features automatically run programs located on thumb drives and other removable media (like CDs). You don’t want things running automatically from external devices. That’s just a bad idea. Use my guide to disable Autorun and Autoplay.
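To check how a machine is currently configured, this added example (not taken from the guide linked above) reads the standard Windows policy value `NoDriveTypeAutoRun` and decodes its bitmask per drive type, then reads the per-user Autoplay switch. A value of 0xFF means Autorun is off for every drive type.

```powershell
# Added example: audit Autorun / Autoplay settings. Read-only, changes nothing.
# NoDriveTypeAutoRun is a bitmask: a set bit DISABLES Autorun for that drive type.
$bits = @(
    @{ Mask = 0x01; Name = 'Unknown drive type' },
    @{ Mask = 0x04; Name = 'Removable (USB sticks)' },
    @{ Mask = 0x08; Name = 'Fixed disk' },
    @{ Mask = 0x10; Name = 'Network drive' },
    @{ Mask = 0x20; Name = 'CD/DVD' },
    @{ Mask = 0x40; Name = 'RAM disk' },
    @{ Mask = 0x80; Name = 'Unknown drive type (reserved)' }
)

$policyKeys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer',
              'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'

foreach ($key in $policyKeys) {
    $value = (Get-ItemProperty -Path $key -Name NoDriveTypeAutoRun `
                               -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
    if ($null -eq $value) {
        '{0}: NoDriveTypeAutoRun is not set (Windows default applies)' -f $key
        continue
    }
    '{0}: NoDriveTypeAutoRun = 0x{1:X2}' -f $key, $value
    foreach ($b in $bits) {
        $state = if ($value -band $b.Mask) { 'disabled' } else { 'ENABLED' }
        '    {0,-32} Autorun {1}' -f $b.Name, $state
    }
}

# Autoplay (the "what do you want to do with this disc?" prompt) is a
# separate per-user switch: DisableAutoplay = 1 means it is turned off.
$apKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers'
$ap = (Get-ItemProperty -Path $apKey -Name DisableAutoplay `
                        -ErrorAction SilentlyContinue).DisableAutoplay
if ($ap -eq 1) { 'Autoplay: disabled for this user' }
else           { 'Autoplay: ENABLED for this user' }
```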
Use a password on every account
This does more than keep unwanted people off your computer. It also helps prevent outside intruders from hacking into your system. Check out my guide to add a password to your Windows account and my tutorial for creating strong passwords.
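A quick way to review both this item and the account-privilege item at the top of the list is to enumerate the local accounts. This is an added example, not from the guides mentioned above; it assumes Windows PowerShell 5.1 or later (the LocalAccounts cmdlets) and only looks at direct members of the local Administrators group.

```powershell
# Added example: which enabled local accounts are administrators, and which
# are allowed to have a blank password. Read-only, changes nothing.

# S-1-5-32-544 is the well-known SID of the built-in Administrators group;
# using the SID avoids problems with localized group names.
$adminSids = Get-LocalGroupMember -SID 'S-1-5-32-544' |
    ForEach-Object { $_.SID.Value }

$accounts = Get-LocalUser | Where-Object Enabled | ForEach-Object {
    [pscustomobject]@{
        Name             = $_.Name
        IsAdministrator  = $adminSids -contains $_.SID.Value
        # False means Windows will accept an empty password for this account,
        # not that the password is currently empty.
        PasswordRequired = $_.PasswordRequired
        PasswordLastSet  = $_.PasswordLastSet
    }
}

$accounts | Format-Table -AutoSize

# Flag the case the guide warns about: day-to-day use of an admin account.
$current = [Security.Principal.WindowsIdentity]::GetCurrent().User.Value
if ($adminSids -contains $current) {
    'The account you are signed in with is a local administrator.'
} else {
    'The account you are signed in with is a standard user.'
}
```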
Unplug your webcam
Physically unplug your webcam from your computer while it’s not being used. If you use your webcam a lot, or if it’s built into your laptop, then just cover it with tape or a sticky note until you need it. Here’s why. That’s only one example. We’ve seen several times how bugs in webcam software can be exploited, letting bad hackers turn them on and watch the feed from the internet. Most webcams have not been found to have these issues, but you definitely don’t want to risk it.
Reset your firewall
Programs that need internet access will automatically request permission to get through your firewall. Over time, lots of holes can accrue in your firewall that you don’t need or want anymore. Viruses can also open holes for their own devious purposes, which may remain even after you remove the virus. First, use my guide to turn on the Windows Firewall just to be sure it’s on. Then keep an eye out for my upcoming guide on how to reset it back to square one.
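Before resetting, it helps to see which holes are stale. This added example (not the upcoming guide's procedure) lists enabled inbound allow rules whose program no longer exists on disk or lives in a user-writable folder; it assumes Windows 8 or later, where the NetSecurity cmdlets are available, and the folder pattern is an illustrative choice.

```powershell
# Added example: find leftover inbound "allow" rules. Read-only, changes nothing.
$rules = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True

$report = foreach ($rule in $rules) {
    $app = $rule | Get-NetFirewallApplicationFilter

    # Rules that are not tied to a specific executable are out of scope here.
    if (-not $app.Program -or $app.Program -in 'Any', 'System') { continue }

    # Rule paths may contain variables such as %SystemRoot%.
    $path   = [Environment]::ExpandEnvironmentVariables($app.Program)
    $exists = Test-Path -LiteralPath $path

    $finding = if (-not $exists) {
        'program missing'                 # uninstalled or removed software
    } elseif ($path -match '\\(AppData|Temp|Downloads)\\') {
        'user-writable location'          # illustrative pattern, adjust as needed
    } else {
        $null
    }

    if ($finding) {
        [pscustomobject]@{
            Finding = $finding
            Rule    = $rule.DisplayName
            Profile = $rule.Profile
            Program = $path
        }
    }
}

$report | Sort-Object Finding, Program | Format-Table -AutoSize -Wrap
```

Anything listed is a candidate for review, not proof of infection; legitimate software sometimes installs under a user profile.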
Good to Do
Use additional anti-malware
Install Malwarebytes and/or Hitman Pro, in addition to your antivirus. Malwarebytes is free unless you want real-time protection with the full version. I highly recommend buying it as it’s an affordable one-time purchase (except for business use).
This is a more advanced tool that helps to plug gaps in the security of your programs. Use my EMET guide to get it installed and configured. Even if you don’t do any custom configuration, just getting it installed with the default settings will help.
Use Secunia PSI
Secunia Personal Software Inspector is a tool that tries to keep your programs updated for you. This is important because security holes are found in programs all the time. Keeping them updated will significantly decrease the number of vulnerabilities you have. My Secunia PSI guide can help you get started.
Turn off unnecessary services
There are some services running on Windows that are not necessary for most people to have. Stay tuned to be notified when I have my guide up for this.