Tech Sense: Windows Security Tour
I frequently use a topic I call "low-hanging fruit" when I speak at events and meetings. These presentations tend to be about effectively using the security tools you may already have in place. Of course, many people do not know about tools that are readily available to them. I thought I would take this month's column and provide a tour of the security and privacy tools that can be easily accessed by the typical Windows 10 computer users and describe some of the things to look out for as well. This column will focus on Windows 10 Home Creators Edition because that is what most newer home computers are using today.
When you start a Windows 10 computer, it opens a screen to collect login information for an individual user. Each user on a Windows computer is identified by their login credentials and has a separate area on the computer to store files associated with that login. Windows Home provides two methods of logging in. One method uses a Microsoft account, and the other is a "local" login. By default when you add a user to Windows, Microsoft attempts to force you to use a Microsoft account. Microsoft prefers this because it informs it every time you log in to a network connection. I personally prefer to log in privately. To create a local account, go to Settings | Accounts | Family and Other People | Add Someone Else to This PC. The dialog will prompt for an email address or phone number. This is to set up a Microsoft login account. Instead, look for the small text at the bottom left that says "I don't have this person sign-in information" and click the link. Now, it will prompt you to provide information to create a new Microsoft account. This is still not what we want, so look for the "Add a user without a Microsoft account" near the bottom and click on that link. The next dialog says "Create an account on this PC." This creates a user account that is tied to the computer and not to Microsoft.
At this point, you can enter a username and password. If you choose not to enter a password, then a password will not be required to log in when you start the computer.
When Windows lists an account, it also shows the "Account Type." Windows Home has two account types by default: standard and administrator. A standard account can't install software and is better protected from malware. Most people should use a standard account as their default login. However, before you change the account type, make sure you have at least one administrator account. I normally create an administrator account to install software and make configuration changes on my PC. I only use that account for these things.
Anti-virus and Malware Protection
Microsoft has provided Windows Defender built-in virus protection for several years now. This product has languished at the bottom of the reviews for similar products but recently has started to be recognized as a credible tool. If Windows detects that no other anti-virus product is installed, it will normally automatically enable Defender. Defender is updated regularly to help it detect new threats as they are discovered. Defender scans the PC for malware in the background while you are working and more aggressively when it detects the computer is idle.
You can also request Defender to scan your computer if you suspect there may be an issue. You can right-click on a file or folder and ask Defender to scan the individual files or folders. This is very useful if you download files from the Internet.
Microsoft provides some special scanning tools, Defender Offline, and the Microsoft Safety Scanner as an external or standalone scanning tools that can be used from a utility boot disk to scan a PC that is disabled by malware.
The Windows update process is also involved in protecting your computer. Monthly, Windows update installs a custom tool, the Malicious Software Removal Tool (MSRT), and scans the computer looking for prevalent threats and then tries to remove them. This process happens even if you are using a third-party anti-virus program like Norton or McAfee.
There are two computer scams that are very prevalent right now that I want to call out. The first is a telephone scam. A call comes in, and the caller typically claims to be from Microsoft tech support or some other technical support organization. The caller states that they have detected a problem with your computer, such as an infection or virus, and they want to help you remove it. These are ALWAYS scams mostly originating from India. Simply hang up and do not listen to them, do not give them remote access to your computer, and do not give them a credit card either on the phone or online.
The second is a variation on the first. You are browsing the Internet, and all of the sudden a large, typically flashing red block appears stating you have been infected and you should call the number listed for help in removal. The ad may also blast an annoying alarm sound. Do not call the number. Simply shutting down the will fix this 9 times out of 10. The tenth time can normally be fixed by removing browser add-ins and resetting the home or start page.
I will continue the tour of Windows security features and look at Windows firewall and backup and recovery features.