Taking control of computer security
Help protect your computer without losing your information—or your mind
By Kim Douglas
In the mood for a scary story? Go to your favorite news website and search for the phrase "computer security." A quick scan of the headlines should raise your blood pressure: Risk. Scam. ID theft. Hacker. Attack. Predator. It doesn't take much imagination to picture a cartoon burglar lurking around every corner of the Internet, wearing the customary striped sweater and eye mask, and ready to scurry off with all of your personal information in a canvas sack.
Well, there are potential dangers to your computer out there. Viruses and other malicious software (or malware) pose a genuine threat, and could make your data unusable or steal it outright. You might even make an honest mistake, installing software or changing a setting that can cost you time, frustration, or money to correct. But don't panic: new and improved features in Windows 7 can help you secure your PC at home, online, and on the go. In this column, I'll point out some of the ways you can better protect your computer from bad guys and, occasionally, from yourself.
Help protect your PC at home
Even if you plan to use your computer only to play games, write a memoir, or store digital photos, a little security effort can go a long way.
Account(ing) for each computer user
When you first set up Windows, you'll need to create an administrator account. An administrator account gives you the most control over the computer, what software to install, and who else can use it. You can use your administrator account to set up standard user accounts for other users.
If you're sharing your home computer with others, like your kids, husband, or wife, a separate standard user account for each user lets each person log in to a personalized experience. For example, you can set your desktop background to a picture from your Hawaii vacation, while your adolescent son might have a scrolling background of customized hot rods. Or vice versa. User accounts also determine the permissions each user has to access different files and programs or change computer settings. Each person who regularly uses your computer should have a standard account, so that they can customize their experience without impacting the other users. For more information, see User accounts: frequently asked questions.
A strong word about passwords
A password is one of the easiest ways to help protect your computer from hackers, your children, or any unauthorized user. Just as your debit card PIN is a barrier between bad guys and your bank account, a computer password is a barrier between unauthorized users and your user account. For more details, see Protect your computer with a password.
When you're choosing a password, you should make it difficult for others to guess or crack. My dad learned this the hard way when he set his password to simply the letter "A." My sister and I deciphered that in a hurry and reconfigured his desktop for maximum hilarity (us) and maximum annoyance (Dad). Strong passwords shouldn't be too obvious—so your name, your pet's name, or your birth date aren't the best password candidates. To learn more, see Tips for creating strong passwords and passphrases.
User Account Control: Mother, may I?
The User Account Control (UAC) feature in Windows is another way to help you control significant changes to your computer. If you want to make a change that requires administrator permission—like installing new software or changing Windows settings—UAC notifies you. If you're using an administrator account, you're prompted to confirm the change. Standard users are prompted to enter an administrator password before the change can be made. For more information, see What is User Account Control?
UAC helps protect you from inadvertently making harmful changes, and can also keep other users from downloading unfamiliar software from the Internet willy-nilly or otherwise rendering your computer inoperable. You can adjust UAC to control how often you're notified about changes, especially if you're the only person using your computer, or if you'd rather not see frequent notifications. To learn more about the potential security impact of each UAC setting, see What are User Account Control settings?
Help protect your PC from online threats
The tips above can help protect your computer from security mishaps in the home, but when you're using the Internet, you need to consider other precautions. You should establish a good security plan, keep it current, and use a little everyday common sense.
Use security software
Think of Windows Firewall as a barrier between your computer and any marauding hackers (or unsolicited spammers) on the Internet. Windows Firewall checks information coming in to and going out of your computer. If the information appears safe, it's passed through. If the information appears to come from a shady source or contain malicious software (like a worm or virus), a firewall can help block it and also help prevent your computer from spreading malicious software to others if it's already been infected. Windows Firewall is turned on by default, but you can choose to allow specific programs—like instant messaging—through the firewall, or you can block all incoming connections to your computer if you're using a public network in an airport or coffee shop. For more information, see Understanding Windows Firewall settings.
Spyware might irritate you by displaying pop-up ads or adding unwanted toolbars and links in your web browser—or it might secretly collect information about you and your computer use and send that information back to others. To help protect your computer against spyware, you can use an antispyware program like Windows Defender. Windows Defender is also turned on by default, and it can scan your computer for existing spyware to remove it or alert you when new spyware tries to install itself. For more information, see Using Windows Defender.
You should also install antivirus software to scan e‑mails and other files for destructive programs and block them. Viruses, worms, and Trojan horses don't necessarily expose your personal information to others, but they can delete important files and slow down or even completely disable your computer. Most viruses can also replicate and distribute themselves via e‑mail to all of your contacts, a quick way to make enemies out of the friends in your address book. To help prevent this from happening, see How can I help protect my computer from viruses?
You can download Microsoft Security Essentials, a free antivirus program from Microsoft, by going to the Microsoft Security Essentials
website. You can also visit the Windows 7 consumers security software providers
webpage to find a third-party antivirus program.
Monitor and update your security plan
Bad guys are diligent, so your security software is only as good as it is current. But keeping track of security updates, and making them automatically, are easier in Windows 7 with the new Action Center.
Action Center is in a single location that tracks your security settings (including the software mentioned above) and recommends scans or updates as needed. These messages are usually displayed in the notification area, at the far right of the taskbar. But you can choose which settings Action Center tracks and how and when the notifications appear. For more information, see How does Action Center check for problems?
Action Center can track security messages specifically from Windows Update. Windows Update makes it easy to keep your computer's security measures current by automatically locating important Microsoft updates online. You can set Windows Update to install security updates and improvements for Microsoft software automatically, or you can set Windows Update to simply notify you when new updates and fixes become available. For more information, see Understanding Windows automatic updating.
Think before you click
With the right security settings and software, you can deflect many outside threats to your computer and your information. That said, it's wise to pay attention to the e‑mails, files, and websites that trigger your own internal alarm. If you receive e‑mail from an unfamiliar sender or with a nonsensical subject line, be suspicious. If an e‑mail or website offer sounds too good to be true, it probably is. To learn more about being a safe and savvy Internet user, see When to trust an e-mail message or Online privacy and security: frequently asked questions.
Help protect your PC while on the go
Laptop users have a few additional security considerations while computing on the go.
Lock up your data with BitLocker
If you have sensitive information stored on your laptop, you can help keep that information safe by encrypting it, so that it can be read only by someone with the right key or password to unscramble it. You can use BitLocker Drive Encryption to encrypt an entire drive. BitLocker automatically encrypts any new files you add to the encrypted drive, so you don't have to worry about whether individual files on an encrypted drive are protected. In Windows 7, you can also encrypt removable data drives (such as a thumb drive) with BitLocker To Go. To learn more, see Help protect your files using BitLocker Drive Encryption.
Go wireless without being careless
One advantage to having a laptop is that you can work anywhere and use public wireless networks to access the Internet. However, it's important to apply the same security principles and common sense that you use at home. Wireless networks might require a password or other security key, or they might be unsecured and open to anyone with a wireless adapter in range. When you point to the wireless network icon
in the notification area, Windows
displays a list of the available wireless networks and indicates whether they're using some form of security.
You can still use an unsecured public network—just bear in mind that you shouldn't expose sensitive information (like your bank account or credit card numbers) over such a connection. A hacker with the right tools can use the same public network to see everything you do, including the websites you visit and any passwords or information you type. It's a little like inviting busybodies to peer over your shoulder. If you don't want to share certain files with strangers, don't work on them until you can make a secure connection. For more information, see Wireless networking: frequently asked questions and How do I know if a wireless network is secure?
One more note about wireless networks: if you've set one up at home, you should secure it too. You don't want anyone within range of the signal accessing your personal files. No offense to your neighbors! For more information about setting your router password and network security key, see Setting up a wireless network.
Safer and saner
No one can promise you complete computer security. But with a little planning, vigilance, and caution, you can sleep at night knowing that your computer is as safe as you can make it, and that when the next threat arises, you're prepared to meet the challenge.
About the author
Kim Douglas is a writer on the Windows team at Microsoft. She's written or edited everything from essays and short fiction to training manuals and travel guides. When she's not wielding her own pen, she can usually be found with a cup of coffee in one hand and someone else's book in the other.
Have a comment for this columnist? Enter your feedback using the tool below. (You'll see the comment box after you click one of the buttons.) Note that although the columnist will read your feedback, personal replies are not possible due to the volume of feedback received.