As we recently covered,of the operating system so far. The company has completely overhauled many of the OS’s key security features whilst introducing new levels of protection such as Secure Boot and Dynamic Access Control. After critics have spent most of the last decade criticising Windows for its often lackadaisical approach to online safety, it seems the developers finally decided to listen and address their concerns.
Although Windows 8.1 is now much improved, it doesn’t mean you should trust Microsoft (or any other company) to protect you. There are many things that the typical user can do that will go a long way to improving and strengthening their safety, security, and privacy when using their computer.
Here we take a detailed look at a few suggestions, ideas, and recommendations…
The code behind the Windows operating system often contains security loopholes and errors, meaning the importance of installing all the available Windows Updates cannot be overstated. Sadly, a vast number of users will rarely, if ever, bother to take the time to download and run them.
There are three main reasons for installing all the updates and patches. Firstly, given the frequency with which weaknesses in a program’s code are identified, your system is more exposed to malicious software if you do not update. Secondly, it will improve the performance and stability of Windows by resolving non-critical bugs, and finally, Windows Updates often install new features or improvements (for example, the recently released Windows 8.1 Update 1).
For an insight into their importance, you need to look no further than the recent furore around the discontinuation of Windows XP support. The Windows Updates were the last bastion of defence to prevent hackers overrunning a system that is now more than a decade old and riddled with security flaws. Security firms such as FireEye have already issued dire warnings about a marked increase in XP machines being targeted. An ominous press release stated that “one in four PCs running an operating system without any new security updates is a hacker’s dream”.
The updates themselves are easy to install and require very little user input. If you are the forgetful type or you simply don’t want the hassle of managing them yourself, you can even ask Windows to download and install all updates automatically.
To turn on automatic updates head to your Control Panel and click on Windows Update. Once there select Change settings from the list on the left and then choose Install updates automatically from the drop-down menu. For more information check our ‘Everything You Need to Know About Windows Update‘ guide.
There are lots of security tips to consider when using a Microsoft Account. Since the release of Windows 8, Microsoft has tried to usher fans away from using local accounts to log into their machines, and would instead prefer than you use an online Microsoft Account. This will allow all your apps, settings, and preferences can be synced across all your Windows devices.
In practice, the system is no different to that used on Apple and Google products, but it still requires users to be aware of the change so they are not caught out.
The first and most obvious tip is that you need to set a strong password. This is especially true if you are using an old account that has recently been rebranded as a Microsoft account (for example, Hotmail, Windows Live ID, Xbox Live or Zune).
Similar to several other online services, Microsoft also now offer a two-step authentication process whereby you’ll need to supplement your username and password with a verification code sent via SMS or email. You also have access to a tool to monitor recent account activity so you can see if there have been any suspicious log-in attempts, and the ability to receive security notifications on your phone.
Needless to say, you should also provide Microsoft with an alternative email and phone number in case you forget your password or lose access to your account for any other reason.
Be aware that if you still choose to use a local account over an online Microsoft Account you will not be able to download any apps from the Windows Store.
Trust Your PC
As mentioned, one of the distinguishing features of Windows 8 is the ability to synchronise your user settings across all your devices. Before the ‘sync your settings’ feature will work, however, you will have to confirm that your trust your PC. From a security standpoint, having a trusted computer gives you a secure place from which you can reset your password or confirm alterations to your account, as well as allowing you to sync saved passwords from your browser.
To trust your PC your need to head to your computer’s Control Panel and open the Action Centre. Once there you will be given the opportunity add you PC to your list of trusted devices. After you click the Trust this PC button you will be taken to a Windows website where you will be asked to enter a code that will be sent to you via email or SMS.
Microsoft Security Essentials and Windows Defender
Microsoft Security Essentials (MSE) is Microsoft’s free anti-virus software. It is designed to protect against malware and viruses on Windows XP, Vista, and 7, but in Windows 8 it has been discontinued and merged with Windows Defender.
In truth MSE has never been a robust anti-virus, receiving widespread criticism for covering the basics of malware protection and nothing more; we have always recommended that you should replace MSE with a more effective antivirus.
Sadly, Windows Defender does not fare much better than its forerunner. It looks and feels almost exactly like MSE, and like its predecessor offers little more than a barely acceptable minimum level of protection. You should unquestionably download and run and third party antivirus suite. Avast and AVG are popular, but if you’re not sure there are lots of excellent free antivirus alternatives, along with several sites that offer reliable antivirus reviews. You could even try a cloud-based antivirus program.
A firewall is software or hardware that helps prevent hackers and some types of malware from getting to your PC through a network or over the Internet. For a more expansive summary, check out our definition of a firewall from the ‘Technology Explained’ series.
A firewall isn’t the same thing as an antivirus or anti-malware application. Firewalls help protect against worms and hackers, antivirus applications help protect against viruses, and anti-malware applications help protect against malware. You need all three, though be aware that running more than one firewall on your computer can cause conflicts and problems. Windows 8 has a built-in firewall, though there are lots of excellent third-party firewall alternatives.
Windows 8’s firewall operates in much the same way as previous versions. Inbound connections to programs are blocked unless they are on the allowed list, while outbound connections are not blocked if they do not match a rule. You also have a public and private profiles for the firewall and can control exactly which program can communicate on the private network as opposed to the wider Internet.
Even though outbound connections are not blocked by default, you can configure your own firewall rules in Windows 8 to block them. This can be useful if, for example, you want to block an instant messaging app from being able to communicate with the server, even if someone installs the program on the computer.
The distinction between private and public networks is also useful. It allows you to permit features such as File and Printer Sharing and HomeGroups when you’re on your home network, whilst restricting them when using your machine in public.
The firewall also allows you to temporarily block all incoming connections to your computer. Naturally this is not suitable for day-to-day use, but if does afford you an extra level of protection if you are using a large network such as in an airport or hotel and you want to be extra safe.
To change the settings open the Control Panel and click on Windows Firewall. Once there you have several options in the menu on the left to tweak, disable, and reinforce your firewall. Don’t be worried about playing with the settings, if you make a mistake you can always click on Restore defaults to return all the settings to the way they were when you bought/upgraded the machine.
What tips do you have for keeping yourself secure? Do you think Windows 8.1 is more or less user-friendly when it comes to managing your security? What do you think Microsoft has done well and what can they improve upon? Let us know in the comments below.