Windows 10 is the most secure version of Windows I’ve ever used, with greatly improved antivirus, firewall, and disk encryption features — but it’s just not really enough.
While Microsoft works hard to keep their users safe, hackers are still exploiting unique vulnerabilities only found in Windows computers, making Windows the most frequently hacked operating system in the world.
But most threats are pretty easy to protect against, and it only takes a few minutes to make sure you’re keeping your PC secure.
How to Keep Your Windows 10 Computer Secure
1. Update Your Software Regularly
Keeping Windows and all of your software up-to-date is a simple, yet vital part of protecting your computer from hackers.
The majority of updates are bug fixes and security patches that keep your operating system and software from providing a backdoor for hackers. The larger a piece of software is, the greater the likelihood that it will have vulnerabilities which a hacker can exploit.
Every time a hacker exploits a vulnerability, developers work to patch the vulnerability and update their product. Unfortunately, there are so many users on out-of-date versions of software that hackers are able to exploit the same vulnerabilities for years.
Windows 10 is designed to automatically update — all you need is an internet connection. However, different programs on your computer may not be so intuitive. Antivirus suites like Norton 360 use PC vulnerability scanners to ensure that all of your software is up-to-date.
2. Always Research and Double-Check Your Downloads
Many malware infections can be attributed to user error. You can avoid a lot of security threats just by being cautious and researching the files and content you’re accessing.
A lot of hackers hide malware in seemingly legitimate downloads. Here are some simple steps you can take to ensure you’re not accidentally downloading a virus:
- Do a Google search to check how big the file you’re downloading is supposed to be.
- Look for more info about your downloads from forums and trustworthy websites.
- Look through the contents of a zipped folder before extracting the files.
- Use an antivirus to scan any files before you open them.
Taking extra time to double-check and research your downloads will save you a lot of stress — but a lot of malware downloads are very cleverly hidden — it can be very difficult to know if something is legitimate without running it on your computer. That’s why I also recommend you have a decent antivirus in case something gets past your defenses.
3. Protect Your Network with a Firewall
A firewall monitors the traffic coming in and out of your network, blocking incoming traffic from suspicious locations. This keeps malicious files and hackers from invading your computer through your internet connection. Windows’s built-in firewall is pretty good, which you can access through the control panel.
While Windows Defender’s firewall is pretty good, it’s not nearly as powerful as most third-party options.
McAfee and Norton both include advanced threat detection in their firewalls, which allows them to determine new threats more effectively than Windows Firewall. These internet security tools also provide network health options to help you analyze the security of every device on your network.
4. Monitor Your PC with Windows Task Manager
If your computer is behaving strangely, you either have malware or some kind of performance issue. When it comes to diagnosing computer problems, Windows Task Manager is the best place to start.
Task Manager tells you what programs are running on your computer, how much space they’re taking up, and how much disk space is left on your hard drive.
Task Manager can be accessed by pressing Ctrl + Alt + Delete.
The Processes and Performance tabs are the most important diagnostic tools.
Check your CPU usage, and look at the programs that are taking up the most processing power — if you don’t know what they are, a little bit of research can help you figure out if you’ve got a malware infection or just some bloatware hogging your CPU.
It’s important to have a working knowledge of your computer’s essential processes. I use Task Manager almost every day to keep an eye on how well my computer is running.
5. Avoid Dangerous Pop-Ups with an Ad Blocker
Advertisements are my least favorite part of the internet — they slow down my connection, waste my time, and they’re often directly linked to malware and phishing websites.
Sketchy websites will use fake notifications or tricky pop-up ads to get you to download malware, visit a phishing site, or give your personal information to hackers. Ad blockers keep you out of these situations by blocking ads completely.
A lot of Chrome and Firefox users choose Adblock Plus, which is a great ad blocking browser extension. However, Norton and Avira both offer ad blockers in their antivirus packages, which both block link tracking, so your browsing won’t get traced between websites.
Having an ad blocker is a great way to reduce your risk of malware infection, especially if you’re navigating to less secure websites.
6. Keep Your Browsing Private with a VPN, Especially on Public Wi-Fi
Using a VPN (virtual private network) is the best way to keep your internet use private — VPNs tunnel your data through an encrypted server, which ends up replacing your IP address with another (non-identifiable) IP address. Anybody tracking your browsing will only see the IP address of the anonymous server.
If your IP address is public, Big Data is probably selling your browsing history to marketers and businesses. A lot of governments and law enforcement officials track this history, and many laws force internet service providers and websites to share personal user information.
VPNs are especially important if you use public Wi-Fi networks. Public Wi-Fi networks can be set up by hackers who will spy on your usage once you connect to the network. A VPN makes it impossible to spy on your computer through a corrupted public Wi-Fi network.
VPNs are crucial tools for private browsing, public Wi-Fi security, and anonymous file-sharing. A lot of antivirus programs include VPNs in their security packages — you can see our list here.
7. Use Device Encryption or Bitlocker to Protect Your Hard Drive
If your computer gets lost or stolen, the thief can easily remove your hard drive and access your files. Device encryption makes it almost impossible for anyone to get access to the information on your disk drive.
Encryption works by encoding your data with a super-complicated cipher, which can only be decoded by the computer that generated the encryption. Without your password, all of your data just appears as a string of random characters.
Windows Device Encryption is included on many Windows 10 Home machines. This feature can encrypt folders and files on command, as well as making disk partitions to store large amounts of encrypted data.
To see if you have this option enabled, click the Windows icon, then click Settings, then Update & Security.
Windows Device Encryption is pretty strong, but users that upgrade to Windows 10 Pro get access to the Bitlocker encryption tool. It encrypts all of the data on your drive and includes a useful dashboard function to change settings.
Windows Device Encryption and Bitlocker both use 256-bit AES encryption, which is the preferred encryption for banks, militaries, and governments around the world.
8. Use a Secure Password Manager with Two-Factor Authentication (2FA)
Once your passwords get hacked, your whole system becomes vulnerable. If you use the same password on different websites or your passwords aren’t sufficiently complex, then your logins can be hacked into easily.
Password managers generate and autofill extremely complex and secure passwords between all of your devices and browsers. The best password managers also offer useful extra features like encrypted storage and encrypted chat options — some even include a VPN!
All of the best password managers support two-factor authentication (2FA), which requires you to enter both a password and a second form of verification to log into your password vault. This verification can be a fingerprint, face scan, USB stick, or temporary one-time password (TOTP) sent to your phone or smartwatch.
Windows Hello is the biometric authentication feature in Windows 10 — it syncs up with password managers like Dashlane and Keeper so you can access your password vault with a simple face scan. This biometric 2FA makes it easy to keep your passwords as secure as possible.
9. Use a Secure Browser and Windows Sandbox
Microsoft Edge is a big improvement over the famously terrible Internet Explorer browser, but it’s just not good enough. You should switch to Mozilla Firefox or Google Chrome — they both offer better protection against phishing sites and malicious web scripts than Edge.
There’s one more way for Windows users to ensure their browsers can’t be a source for malware infection — Windows 10 Pro now includes the Sandbox tool. This tool allows programs to run in a virtual machine — sandboxed programs can’t access any of your system files, and any changes they make disappear when you close the virtual machine.
I run Chrome in Sandbox, which allows me to navigate wherever I want on the web with zero risk — any dangerous web script or attempted system invasion is cut off the moment I close Sandbox.
10. Close Your Back Door by Uninstalling Flash ASAP
Adobe Flash Player used to be the most popular media player on the internet — for users and hackers alike. Hackers had so much success using Flash as a backdoor into people’s systems that it needed security updates almost weekly. Nowadays, a lot of hackers use fake Flash updates to trick users into installing viruses on their computers!
HTML5 made Flash obsolete a few years ago, and Adobe announced in 2019 that it would be completely phasing out Flash in 2020. There is no longer any reason to have Flash on your computer — it’s basically just an avenue for hackers to infiltrate your machine.
Uninstalling Flash on Windows 10 is pretty simple. While you can’t uninstall Flash using the Windows Uninstall function, Adobe offers an uninstaller app for Flash on their website. Just download the app and run Adobe’s uninstaller to remove it from your computer.
I also recommend that you change your browser settings and disable the Flash plugin. In Chrome, do this by selecting the Privacy and Security tab in Settings, then select Site Settings. Click on the Flash option, and tell Chrome to block websites from running Flash.
11. Download an Antivirus
Even if you follow every precaution, malware can still find its way onto your PC. Antivirus software can be seen as the last line of defense against malware.
The best antivirus products have a better malware detection rating than Windows Defender, plus a huge range of helpful features. Every program has something that sets it apart from the rest — here are some of my favorite antivirus programs:
- Norton — Has a 100% malware detection rating, good VPN, identity theft protections, and comprehensive parental controls.
- Avira — Powerful antivirus protection as well as system speedup tools to boost performance on slower PCs.
- McAfee — Comprehensive internet security package as well as the best mobile anti-theft protections on the market.
- Bitdefender — Cloud-based scanner protects your system without using up disk space (one of the best lightweight antivirus options out there).
Now You Know How to Keep Your PC Safe
Cybersecurity is more than just a set of practices and software tools, it’s a state of mind. Just like I wouldn’t leave my front door unlocked and invite untrustworthy people into my home, I don’t go on the internet without these essential protections.
There are a lot of hackers out there, but they mostly prey on the unprepared. By following these tips and staying educated about the latest cybersecurity threats, you can ensure your computer’s health and well-being for years to come.
Frequently Asked Questions About How to Keep Your Windows 10 Computer Safe
How does malware infect Windows computers?
There are several different forms of malware, including viruses, ransomware, spyware, and rootkits, but they all have one thing in common:
- The majority of malware can’t run on your computer without your permission.
They try to trick you with deceptive downloads, pop-up windows, and malicious web scripts, but if you don’t download and run malware, it’s very hard to hack your computer.
If you see a pop-up notification, look closely — does Windows really need you to download an update, or is this a deceptive pop-up trying to put malware on your device? Fake updates and software notifications are commonly used by hackers to invade unsuspecting Windows users.
In general, you need to be very careful about what content you’re accessing online.
Does Windows 10 include every security feature I need?
Windows 10 has better security features than any of its predecessors — but it’s far from perfect.
While Microsoft’s Bitlocker feature is a really good device encryption tool, Windows Defender doesn’t rank as high in malware detection as most premium Windows 10 antivirus programs.
Plus, antivirus suites include other essential security protections that Windows doesn’t provide — encrypted VPNs, 2FA-enabled password managers, disk drive optimization tools, and high-performance parental controls. Windows Defender only scans for malware.
Will security add-ons slow my computer down?
There is always a tradeoff between security and performance, but if you’re smart about what kind of security tools you use, you won’t need to sacrifice performance to get high-quality security.
- Virtual Private Networks (VPNs). The best VPNs will only slow down your internet connection between 10-30%. You’ll still be able to stream HD video, download and upload files, and make video calls.
- Antivirus software. Cloud-based scanners like Avira won’t slow down your system during scans, and most antivirus programs are designed to have a minimal CPU impact. “Quiet modes” keep your antivirus from interrupting gaming, movies, and other full-screen apps.
- Device encryption. Device encryption may create a small amount of slowdown, but you won’t notice it. Most computers have AES encryption built into the hardware, which saves a lot of CPU strain.
- Password manager. Password managers are lightweight programs and don’t use a lot of processing power. Most password managers use encrypted cloud storage to store your passwords and data, which keeps them from taking up disk space.
- Firewall. Firewalls are 100% essential for anybody using the internet, and they have a negligible effect on connection speed.
- Ad blockers. Ad blockers actually increase your browsing speed because they save your computer the hassle of loading and playing advertisements.
How much does this cybersecurity stuff cost?
It depends. If you’re on a budget, you can get decent protection for free, but if you’re serious about keeping your computer safe, there are a lot of low-cost, high performance cybersecurity tools out there:
- Antivirus software. Norton 360 is my favorite antivirus for Windows, and you can get a year subscription for cheap with this discount link. It comes with a secure password manager and a fast VPN (and many other things).
- Password manager. Dashlane is the most secure and most efficient password manager on the market, and it also comes with a good VPN. The premium version will run you less than a couple cups of coffee every month (and if you enter SAFETYD25 at checkout, you’ll get an extra 25% off).
- VPN. If you get an antivirus package like Norton, you won’t need an extra VPN. There are also plenty of other antiviruses which have an included VPN in their internet security packages.
Some people think cybersecurity add-ons aren’t worth the money — until they get hacked. Protect your PC before that happens! It’s not a lot of money!