Taking control of computer security

Help protect your computer without losing your information—or your mind

By Kim Douglas

In the mood for a scary story? Go to your favorite news website and search for the phrase "computer security." A quick scan of the headlines should raise your blood pressure: Risk. Scam. ID theft. Hacker. Attack. Predator. It doesn't take much imagination to picture a cartoon burglar lurking around every corner of the Internet, wearing the customary striped sweater and eye mask, and ready to scurry off with all of your personal information in a canvas sack.

Well, there are potential dangers to your computer out there. Viruses and other malicious software (or malware) pose a genuine threat, and could make your data unusable or steal it outright. You might even make an honest mistake, installing software or changing a setting that can cost you time, frustration, or money to correct. But don't panic: new and improved features in Windows 7 can help you secure your PC at home, online, and on the go. In this column, I'll point out some of the ways you can better protect your computer from bad guys and, occasionally, from yourself.

Help protect your PC at home

Even if you plan to use your computer only to play games, write a memoir, or store digital photos, a little security effort can go a long way.

Account(ing) for each computer user

When you first set up Windows, you'll need to create an administrator account. An administrator account gives you the most control over the computer, what software to install, and who else can use it. You can use your administrator account to set up standard user accounts for other users.

If you're sharing your home computer with others, like your kids, husband, or wife, a separate standard user account for each user lets each person log in to a personalized experience. For example, you can set your desktop background to a picture from your Hawaii vacation, while your adolescent son might have a scrolling background of customized hot rods. Or vice versa. User accounts also determine the permissions each user has to access different files and programs or change computer settings. Each person who regularly uses your computer should have a standard account, so that they can customize their experience without impacting the other users. For more information, see User accounts: frequently asked questions.

A strong word about passwords

A password is one of the easiest ways to help protect your computer from hackers, your children, or any unauthorized user. Just as your debit card PIN is a barrier between bad guys and your bank account, a computer password is a barrier between unauthorized users and your user account. For more details, see Protect your computer with a password.

When you're choosing a password, you should make it difficult for others to guess or crack. My dad learned this the hard way when he set his password to simply the letter "A." My sister and I deciphered that in a hurry and reconfigured his desktop for maximum hilarity (us) and maximum annoyance (Dad). Strong passwords shouldn't be too obvious—so your name, your pet's name, or your birth date aren't the best password candidates. To learn more, see Tips for creating strong passwords and passphrases.

User Account Control: Mother, may I?

The User Account Control (UAC) feature in Windows is another way to help you control significant changes to your computer. If you want to make a change that requires administrator permission—like installing new software or changing Windows settings—UAC notifies you. If you're using an administrator account, you're prompted to confirm the change. Standard users are prompted to enter an administrator password before the change can be made. For more information, see What is User Account Control?

Picture of the User Account Control (UAC) dialog box showing details
UAC dialog box showing details

UAC helps protect you from inadvertently making harmful changes, and can also keep other users from downloading unfamiliar software from the Internet willy-nilly or otherwise rendering your computer inoperable. You can adjust UAC to control how often you're notified about changes, especially if you're the only person using your computer, or if you'd rather not see frequent notifications. To learn more about the potential security impact of each UAC setting, see What are User Account Control settings?

Help protect your PC from online threats

The tips above can help protect your computer from security mishaps in the home, but when you're using the Internet, you need to consider other precautions. You should establish a good security plan, keep it current, and use a little everyday common sense.

Use security software

Think of Windows Firewall as a barrier between your computer and any marauding hackers (or unsolicited spammers) on the Internet. Windows Firewall checks information coming in to and going out of your computer. If the information appears safe, it's passed through. If the information appears to come from a shady source or contain malicious software (like a worm or virus), a firewall can help block it and also help prevent your computer from spreading malicious software to others if it's already been infected. Windows Firewall is turned on by default, but you can choose to allow specific programs—like instant messaging—through the firewall, or you can block all incoming connections to your computer if you're using a public network in an airport or coffee shop. For more information, see Understanding Windows Firewall settings.

Spyware might irritate you by displaying pop-up ads or adding unwanted toolbars and links in your web browser—or it might secretly collect information about you and your computer use and send that information back to others. To help protect your computer against spyware, you can use an antispyware program like Windows Defender. Windows Defender is also turned on by default, and it can scan your computer for existing spyware to remove it or alert you when new spyware tries to install itself. For more information, see Using Windows Defender.

You should also install antivirus software to scan e‑mails and other files for destructive programs and block them. Viruses, worms, and Trojan horses don't necessarily expose your personal information to others, but they can delete important files and slow down or even completely disable your computer. Most viruses can also replicate and distribute themselves via e‑mail to all of your contacts, a quick way to make enemies out of the friends in your address book. To help prevent this from happening, see How can I help protect my computer from viruses?

You can download Microsoft Security Essentials, a free antivirus program from Microsoft, by going to the Microsoft Security Essentials website. You can also visit the Windows 7 consumers security software providers webpage to find a third-party antivirus program.

Monitor and update your security plan

Bad guys are diligent, so your security software is only as good as it is current. But keeping track of security updates, and making them automatically, are easier in Windows 7 with the new Action Center.

Picture of Action Center in Control Panel
Action Center notifies you when items need your attention.

Action Center is in a single location that tracks your security settings (including the software mentioned above) and recommends scans or updates as needed. These messages are usually displayed in the notification area, at the far right of the taskbar. But you can choose which settings Action Center tracks and how and when the notifications appear. For more information, see How does Action Center check for problems?

Picture of an Action Center tooltip in the notification area
Point to the Action Center icon to review notifications at any time.

Action Center can track security messages specifically from Windows Update. Windows Update makes it easy to keep your computer's security measures current by automatically locating important Microsoft updates online. You can set Windows Update to install security updates and improvements for Microsoft software automatically, or you can set Windows Update to simply notify you when new updates and fixes become available. For more information, see Understanding Windows automatic updating.

Think before you click

With the right security settings and software, you can deflect many outside threats to your computer and your information. That said, it's wise to pay attention to the e‑mails, files, and websites that trigger your own internal alarm. If you receive e‑mail from an unfamiliar sender or with a nonsensical subject line, be suspicious. If an e‑mail or website offer sounds too good to be true, it probably is. To learn more about being a safe and savvy Internet user, see When to trust an e-mail message or Online privacy and security: frequently asked questions.

Help protect your PC while on the go

Laptop users have a few additional security considerations while computing on the go.

Lock up your data with BitLocker

If you have sensitive information stored on your laptop, you can help keep that information safe by encrypting it, so that it can be read only by someone with the right key or password to unscramble it. You can use BitLocker Drive Encryption to encrypt an entire drive. BitLocker automatically encrypts any new files you add to the encrypted drive, so you don't have to worry about whether individual files on an encrypted drive are protected. In Windows 7, you can also encrypt removable data drives (such as a thumb drive) with BitLocker To Go. To learn more, see Help protect your files using BitLocker Drive Encryption.

Go wireless without being careless

One advantage to having a laptop is that you can work anywhere and use public wireless networks to access the Internet. However, it's important to apply the same security principles and common sense that you use at home. Wireless networks might require a password or other security key, or they might be unsecured and open to anyone with a wireless adapter in range. When you point to the wireless network icon Picture of the wireless network icon in the notification area, Windows displays a list of the available wireless networks and indicates whether they're using some form of security.
Picture of Connect to a Network, showing secured and unsecured networks
The yellow shield icon warns you when a network is unsecured.

You can still use an unsecured public network—just bear in mind that you shouldn't expose sensitive information (like your bank account or credit card numbers) over such a connection. A hacker with the right tools can use the same public network to see everything you do, including the websites you visit and any passwords or information you type. It's a little like inviting busybodies to peer over your shoulder. If you don't want to share certain files with strangers, don't work on them until you can make a secure connection. For more information, see Wireless networking: frequently asked questions and How do I know if a wireless network is secure?

One more note about wireless networks: if you've set one up at home, you should secure it too. You don't want anyone within range of the signal accessing your personal files. No offense to your neighbors! For more information about setting your router password and network security key, see Setting up a wireless network.

Safer and saner

No one can promise you complete computer security. But with a little planning, vigilance, and caution, you can sleep at night knowing that your computer is as safe as you can make it, and that when the next threat arises, you're prepared to meet the challenge.

About the author

Picture of columnist Kim Douglas

Kim Douglas is a writer on the Windows team at Microsoft. She's written or edited everything from essays and short fiction to training manuals and travel guides. When she's not wielding her own pen, she can usually be found with a cup of coffee in one hand and someone else's book in the other.

Have a comment for this columnist? Enter your feedback using the tool below. (You'll see the comment box after you click one of the buttons.) Note that although the columnist will read your feedback, personal replies are not possible due to the volume of feedback received.