Windows security – alerts, updates and best practice

Most of us working on Windows PCs are familiar with those ever-recurring Windows Updates. Sometimes they seem to pinch our time when we want to shut down our computers, or hassle us to reboot just when we’re on a roll; at times, we might even suspect them of nicking our data.

So, are Windows Updates REALLY necessary? What would happen if we disable them or snub those alerts? What’s the best, safest, yet not overzealous route for businesses and individuals to stay up to date and protected?

First up: a Windows security essentials checklist

You can never go wrong by picking a rock-solid, complex password of up to 14 characters – staying away from obvious choices such as your birthday, pet’s name, 12345, login, qwerty or password1. Rather opt for a random combination of letters, numbers and symbols.

Every employee should have a logon password, so that individuals’ computers cannot be accessed while they’re away from their desks. Rename the Administrator account, as cybercriminals’ pet approach is to try the login combination of “Administrator” plus a predictable password.

Use Windows’ Account Lockout Policy to stop in their tracks any malicious users who attempt to log on to your system by trying different let’s-see-if-this-one-works passwords. This will disable the user account following a few failed logins.

Another roadblock you can set up to protect you and your business is Two-Factor Authentication (2FA), a type of Multi-Factor Authentication. Adding an extra layer of security, 2FA requires your staff to use 60-second passwords which can only be used once to access their online accounts. The one-time password (OTP) is generated on another device, such as a smartphone, and then used to access your Google, Microsoft Office 365 or other accounts.

There are popular free OTP services offered by Google as part of their Google Authenticator application. If you do not trust the free online services, then opt for a Password as a Service from a reputable provider or run your own service from a provider such as AuthAnvil.

Next is ensuring your (mostly built-in) Windows Firewall is properly configured and turned on, as this keeps out destructive elements by blocking unauthorised access.

To fight off malware such as viruses and spyware, Windows has included (free, always-on) Windows Defender in its latest versions, while users of older versions can opt for Microsoft Security Essentials.

What’s a Windows Update and why’s it wise to run it?

Windows isn’t always bulletproof, that we know. The code making up the operating system reportedly has security loopholes, errors, vulnerabilities, incompatibilities and outdated software elements, which Windows tries to fix by regularly releasing security patches.

Picking up information on your computer’s make and model, and the version of Windows you’re using, Windows Update automatically checks for the latest updates for your particular computer, then downloads and installs them, while also adding new features.

Should you run Windows Updates? For sure! It’s a no-brainer, and will benefit both you and the other users on the company network who connect to your computer. The recommended, no-muss-no-fuss way is to configure your computer to automatically download and install at least all critical updates.

How to protect your sensitive data

Windows’ built-in BitLocker Drive Encryption is a terrific way of guarding confidential data on your computer by encrypting your fixed drives, as well as removable drives – a particularly handy function should your computer get stolen.

You could also set permissions for files and folders to buff up security – giving a user or group either full control or limiting permissions to only read, write and/or modify.

To ensure you have all your Windows security essentials in place (including robust password management), are on top of best practices, and receive the best advice and maximum value for your Microsoft investment, contact us.