Short on time? Here’s the best way to keep your Windows 10 computer secure in 2023:
- Download a top-quality antivirus like Norton. Norton can prevent, detect, and remove all types of malware, block malicious and risky websites, and improve system speed and performance. It also comes with a good VPN (for encrypting your traffic), an intuitive password manager (for securing your passwords), and feature-rich parental controls (for keeping your kids safe online).
Windows 10 is one of the most secure versions of Windows I’ve used, with greatly improved antivirus, firewall, and disk encryption features — but it’s just not enough.
While Microsoft works hard to keep its users safe, hackers are still exploiting unique vulnerabilities only found in Windows computers, making Windows the most frequently hacked operating system in the world.
But most threats are pretty easy to protect against, and it only takes a few minutes to make sure you’re keeping your PC secure.
How to Keep Your Windows 10 Computer Secure
1. Update Your Operating System and Software Regularly
Keeping Windows and all of your software up-to-date is simple, yet it’s a vital part of protecting your computer from hackers. The majority of updates are bug fixes and security patches that keep your operating system and software from providing a backdoor for hackers. The larger a piece of software is, the greater the likelihood that it will have vulnerabilities that a hacker can exploit.
Every time a hacker exploits a vulnerability, developers work to patch the vulnerability and update their product. Unfortunately, there are so many users on out-of-date versions of software that hackers are able to exploit the same vulnerabilities for years.
Windows 10 is designed to automatically update — all you need is an internet connection. However, different programs on your computer may not be so intuitive. That said, antivirus suites like Bitdefender include vulnerability scanners to ensure your software is up to date. Bitdefender’s vulnerability scan identifies security weaknesses on your computer and by regularly running a scan, you can protect against unauthorized access, data theft, and malicious attacks.
2. Always Research and Double-Check Your Downloads
Many malware infections can be attributed to user error. You can avoid a lot of security threats just by being cautious and researching the files and content you’re accessing.
A lot of hackers hide malware in seemingly legitimate downloads. Here are some simple steps you can take to ensure you’re not accidentally downloading a virus:
- Do a Google search to check how big the file you’re downloading is supposed to be.
- Look for more info about your downloads from forums and trustworthy websites.
- Look through the contents of a zipped folder before extracting the files.
- Use an antivirus to scan any files before you open them.
Taking extra time to double-check and research your downloads will save you a lot of stress — but a lot of malware downloads are very cleverly hidden. That’s why I also recommend you have a decent antivirus in case something gets past your defenses. A decent antivirus like Norton includes real-time protection that constantly monitors your computer for potential threats. With it enabled, your antivirus will actively scan files, downloads, and email attachments in real-time to identify and block any malicious content. This proactive approach ensures that your system remains protected against viruses, malware, ransomware, and other online threats.
3. Protect Your Network With a Firewall
A firewall monitors the traffic coming in and out of your network, blocking incoming traffic from suspicious locations. This keeps malicious files and hackers from invading your computer through your internet connection. Windows’s built-in firewall is pretty good, which you can access through the control panel, but it’s not nearly as powerful as most third-party options.
McAfee and Norton both include advanced threat detection in their firewalls, which allows them to determine new threats more effectively than Windows Firewall. They both run out of the box and offer good protection, but they also come with benefits not included in Windows Firewall.
For instance, Norton’s firewall provides protection against ARP and DNS spoofing, SSL man-in-the-middle attacks, and port access. It also hides network ports in Stealth mode, preventing unauthorized access, and includes customization options allowing users to set access and traffic rules for both individual programs and Windows built-in programs.
McAfee’s firewall is also highly customizable and excels in detecting various threats such as network intrusions, exploit attacks, and malware communication attempts. You can control which programs can access the web, manage network ports, adjust protection levels, configure trust settings for networks, enable software intrusion detection, and whitelist specific programs.
Overall, a robust firewall is crucial for maintaining strong cybersecurity. It effectively blocks unauthorized access, detects and neutralizes threats, and provides customizable options for enhanced protection, ensuring the safety of your digital assets.
4. Monitor Your PC With Windows Task Manager
If your computer is behaving strangely, you have malware or some kind of performance issue. When it comes to diagnosing computer problems, Windows Task Manager is the best place to start.
Task Manager tells you what programs are running on your computer, how much space they’re taking up, and how much disk space is left on your hard drive.
Task Manager can be accessed by pressing Ctrl + Shift + ESC.
The Processes and Performance tabs are the most important diagnostics tools. Check your CPU usage, and look at the programs that are taking up the most processing power — if you don’t know what they are, a little bit of research can help you figure out if you’ve got a malware infection or just some bloatware hogging your CPU.
It’s important to have a working knowledge of your computer’s essential processes. I use Task Manager almost every day to keep an eye on how well my computer is running.
Here are some other ways you can use Task Manager:
- End unresponsive programs: Task Manager enables you to forcefully close unresponsive or frozen applications that may be affecting system performance.
- Manage startup programs: You can use Task Manager to control which programs launch automatically when the computer starts up, helping to optimize startup time and system performance.
- View and manage running processes: Task Manager provides a detailed list of currently running processes, allowing you to monitor their impact on system resources and end unwanted processes if necessary.
- Check performance metrics: Task Manager offers performance graphs and metrics, enabling you to analyze system performance over time and identify potential bottlenecks.
- Monitor network activity: You can track network usage for individual processes, view active connections, and identify any suspicious or excessive network activity.
- Manage services: Task Manager allows you to view and control system services, enabling them to start, stop, or restart as needed.
- Analyze disk usage: Task Manager provides insights into disk activity, helping you identify processes or applications that may be consuming excessive disk space or causing performance issues.
Overall, Task Manager is a versatile tool that helps you optimize your system’s performance, troubleshoot issues, and monitor resource usage effectively in Windows 10.
5. Avoid Dangerous Pop-Ups With an Ad Blocker
Advertisements are my least favorite part of the internet — they slow down my connection, waste my time, and they’re often directly linked to malware and phishing websites.
Sketchy websites will use fake notifications or tricky pop-up ads to get you to download malware, visit a phishing site, or give your personal information to hackers. Ad blockers keep you out of these situations by blocking ads completely.
A lot of Chrome and Firefox users choose Adblock Plus, which is a great ad-blocking browser extension. However, Avira offers an ad blocker in its antivirus package which also blocks link tracking so your browsing won’t get traced between websites.
Having an ad blocker is a great way to reduce your risk of malware infection, especially if you’re navigating to less secure websites.
6. Keep Your Browsing Private With a VPN, Especially on Public Wi-Fi
Using a VPN (virtual private network) is the best way to keep your internet use private — VPNs tunnel your data through an encrypted server, which ends up replacing your IP address with another (non-identifiable) IP address. Anybody tracking your browsing will only see the IP address of the anonymous server.
If your IP address is public, Big Data is probably selling your browsing history to marketers and businesses. A lot of governments and law enforcement officials track this history, and many laws force internet service providers and websites to share personal user information. You effectively hide this information by encrypting your internet connection through a VPN — preventing Big Data companies, marketers, governments, and law enforcement from tracking and selling your browsing history. It adds a layer of privacy and security, safeguarding your personal information from being shared without your consent.
VPNs are also especially important if you use public Wi-Fi networks. Public Wi-Fi networks can be set up by hackers who will spy on your usage once you connect to the network. A VPN makes it impossible to spy on your computer through a corrupted public Wi-Fi network and can prevent things like man-in-the-middle attacks.
Ultimately, VPNs are crucial tools for private browsing, public Wi-Fi security, and anonymous file-sharing. A lot of antivirus programs include VPNs in their security packages — you can see our list here.
However, I’d recommend choosing a standalone VPN like ExpressVPN. It comes with lightning-fast speeds and access to 3,000+ servers in 94 countries. It also enables access to geo-restricted content and works in restrictive regions.
7. Use Device Encryption or Bitlocker to Protect Your Hard Drive
If your computer gets lost or stolen, the thief can easily remove your hard drive and access your files. Device encryption makes it almost impossible for anyone to get access to the information on your disk drive.
Encryption works by encoding your data with a super-complicated cipher, which can only be decoded by the computer that generated the encryption. Without your password, all of your data just appears as a string of random characters.
Windows Device Encryption is included on many Windows 10 Home machines. This feature can encrypt folders and files on command, as well as making disk partitions to store large amounts of encrypted data. To see if you have this option enabled, click the Windows icon, then click Settings, then Update & Security. If you don’t see it as an option, then it isn’t available on your computer.
Windows Device Encryption is pretty strong, but users that upgrade to Windows 10 Pro get access to the Bitlocker encryption tool. It encrypts all of the data on your drive and includes a useful dashboard function to change settings.
Windows Device Encryption and Bitlocker both use 256-bit AES encryption, which is the preferred encryption for banks, militaries, and governments around the world.
8. Use a Secure Password Manager With Two-Factor Authentication (2FA)
Once your passwords get hacked, your whole system becomes vulnerable. If you use the same password on different websites or your passwords aren’t sufficiently complex, then your logins can be hacked into easily.
Password managers generate and autofill extremely complex and secure passwords between all of your devices and browsers. The best password managers also offer useful extra features like encrypted storage and encrypted chat options — some even include a VPN!
All of the best password managers support two-factor authentication (2FA), which requires you to enter both a password and a second form of verification to log into your password vault. This verification can be a fingerprint, face scan, USB stick, or temporary one-time password (TOTP) sent to your phone or smartwatch.
Windows Hello is the biometric authentication feature in Windows 10 — it syncs up with password managers like Dashlane and Keeper so you can access your password vault with a simple face scan. This biometric 2FA makes it easy to keep your passwords as secure as possible.
9. Use a Secure Browser and Windows Sandbox
Microsoft Edge is a big improvement over the famously terrible Internet Explorer browser, but it’s just not good enough. You should switch to Mozilla Firefox or Google Chrome — they both offer better protection against phishing sites and malicious web scripts than Edge.
There’s one more way for Windows users to ensure their browsers can’t be a source for malware infection — Windows 10 Pro now includes the Sandbox tool. This tool allows programs to run in a virtual machine — sandboxed programs can’t access any of your system files, and any changes they make disappear when you close the virtual machine.
I run Chrome in Sandbox, which allows me to navigate wherever I want on the web with zero risk — any dangerous web script or attempted system invasion is cut off the moment I close Sandbox.
If you don’t have Windows 10 Pro, you can also consider an antivirus program like Comodo which includes a sandbox. Comodo’s secure sandbox simulates your operating system — preventing malware from spreading or modifying the system when opening files within it.
You can also consider a secure web browser such as Bitdefender Safepay. Safepay protects your personal information from hackers and ensures a safe online experience by offering features such as remote access prevention, a screenshot blocker, password manager integration, a virtual keyboard for secure input, and built-in VPN protection. While it may have some limitations like slower page loading and inability to stream HD videos, it remains an excellent privacy enhancement tool for anyone seeking maximum protection online.
10. Close Your Back Door by Uninstalling Flash ASAP
Adobe Flash Player used to be the most popular media player on the internet — for users and hackers alike. Hackers had so much success using Flash as a backdoor into people’s systems that it needed security updates almost weekly. Nowadays, a lot of hackers use fake Flash updates to trick users into installing viruses on their computers!
HTML5 made Flash obsolete a few years ago, and Adobe completely phased it out at the end of 2020. There is no longer any reason to have Flash on your computer — it’s basically just an avenue for hackers to infiltrate your machine.
Uninstalling Flash on Windows 10 is pretty simple. While you can’t uninstall Flash using the Windows Uninstall function, Adobe offers an uninstaller app for Flash on their website. Just download the app and run Adobe’s uninstaller to remove it from your computer.
11. Disable Remote Access
Windows 10 remote access allows you to control your computer or access its files from a remote location. However, can pose certain risks if not properly secured. For example, hackers can exploit vulnerabilities in it to gain unauthorized access to your computer, potentially compromising sensitive data and system functionality.
Remote access can also be used as an entry point for malware or phishing attacks, where unsuspecting users may inadvertently download malicious software or fall victim to social engineering techniques.
If you don’t consider yourself tech-savvy and don’t think you’ll need remote access, then it’s honestly best to just disable it by following these steps:
- In the start menu click Settings then Update and Security.
- Click For developers, scroll down to Remote Desktop, and click Show settings.
- Click the checkbox next to “Don’t allow remote connections to this computer”.
- Click Apply then OK.
12. Utilize User Accounts
User accounts are individual profiles that allow users to log in with unique credentials. Each account has its own settings, permissions, and personalized environment — providing a secure and personalized experience for multiple users on a single computer. While this gives each user privacy, it also helps to prevent malware through various features:
- User isolation: Each user account operates independently, with its own set of permissions and access rights. If one user account gets infected with malware, it is less likely to spread to other accounts or affect the system as a whole.
- Limited privileges: By assigning appropriate user privileges, such as standard user accounts instead of administrator accounts, the impact of malware can be significantly reduced. Malware typically requires administrative privileges to make system-wide changes, so limiting user accounts’ privileges helps prevent unauthorized modifications.
- User access control: Windows 10 provides User Account Control (UAC), which prompts users for permission whenever an application attempts to make changes to the system. This prevents malicious software from making unauthorized modifications without the user’s consent.
- Guest accounts: Windows 10 offers a guest account feature, allowing users to log in with limited access and functionality. This is particularly useful for providing temporary access to users without exposing the system to potential malware threats.
- Secure sign-in options: Windows 10 supports various secure sign-in options like PIN, biometric authentication (such as fingerprint or facial recognition), and password policies. These features enhance security and make it more challenging for malware to gain unauthorized access to user accounts.
13. Download an Antivirus
Even if you follow every precaution, malware can still find its way onto your PC. Antivirus software can be seen as the last line of defense against malware.
The best antivirus products have a better malware detection rating than Windows Defender, plus a huge range of helpful features. Every program has something that sets it apart from the rest — here are some of my favorite antivirus programs:
- Norton — Has a 100% malware detection rating, good VPN, identity theft protections, and comprehensive parental controls.
- Avira — Powerful antivirus protection as well as system speedup tools to boost performance on slower PCs.
- McAfee — Comprehensive internet security package as well as some of the best web protections on the market.
- Bitdefender — Cloud-based scanner protects your system without using up disk space (one of the best lightweight antivirus options out there).
Now You Know How to Keep Your PC Safe
Cybersecurity is also essentially a mindset. In the same way that you won’t leave your front door open or let people you don’t know enter your home, I wouldn’t go online without first securing my device.
There are a lot of hackers out there, but they mostly prey on the unprepared. By following these tips and staying educated about the latest cybersecurity threats, you can ensure your computer’s health and well-being for years to come.
Frequently Asked Questions
How does malware infect Windows computers?
There are several different forms of malware, including viruses, ransomware, spyware, and rootkits, but they all have one thing in common: the majority of malware can’t run on your computer without your permission.
Malware tries to trick you with deceptive downloads, pop-up windows, and malicious web scripts, but if you don’t download and run malware, it’s very hard to hack your computer.
If you see a pop-up notification, look closely — does Windows really need you to download an update, or is this a deceptive pop-up trying to put malware on your device? Fake updates and software notifications are commonly used by hackers to invade unsuspecting Windows users.
In general, you need to be very careful about what content you’re accessing online.
Does Windows 10 include every security feature I need?
Windows 10 has better security features than any of its predecessors — but it’s far from perfect.
While Microsoft’s Bitlocker feature is a really good device encryption tool, Windows Defender doesn’t rank as high in malware detection as most premium Windows 10 antivirus programs.
Plus, antivirus suites include other essential security protections that Windows doesn’t provide — encrypted VPNs, 2FA-enabled password managers, disk drive optimization tools, and high-performance parental controls. Windows Defender only scans for malware.
I use Norton 360 on my PC — it includes all of the above-mentioned features and a substantially better anti-malware engine than Windows Defender.
Will security add-ons slow my computer down?
There is always a tradeoff between security and performance, but if you’re smart about what kind of security tools you use, you won’t need to sacrifice performance to get high-quality security.
- Virtual Private Networks (VPNs). The best VPNs will only slow down your internet connection between 10-30%. You’ll still be able to stream HD video, download and upload files, and make video calls.
- Antivirus software. Cloud-based scanners like Avira won’t slow down your system during scans, and most antivirus programs are designed to have a minimal CPU impact. “Quiet modes” keep your antivirus from interrupting gaming, movies, and other full-screen apps.
- Device encryption. Device encryption may create a small amount of slowdown, but you won’t notice it. Most computers have AES encryption built into the hardware, which saves a lot of CPU strain.
- Password manager. Password managers are lightweight programs and don’t use a lot of processing power. Most password managers use encrypted cloud storage to store your passwords and data, which keeps them from taking up disk space.
- Firewall. Firewalls are 100% essential for anybody using the internet, and they have a negligible effect on connection speed.
- Ad blockers. Ad blockers actually increase your browsing speed because they save your computer the hassle of loading and playing advertisements.
How much does this cybersecurity stuff cost?
It depends. If you’re on a budget, you can get decent protection for free, but if you’re serious about keeping your computer safe, there are a lot of low-cost, high performance cybersecurity tools out there:
- Antivirus software. Norton 360 is my favorite antivirus for Windows. It comes with perfect malware detection rates, a secure password manager, a fast VPN, and many other things.
- Password manager. 1Password is the most secure and efficient password manager on the market, and it also comes with some pretty unique features like a cool travel mode.
- VPN. Antivirus packages like Norton include a VPN, but there are plenty of standalone VPNs that offer unique features that antivirus-bundled VPNs simply don’t provide.
Some people think cybersecurity add-ons aren’t worth the money — until they get hacked. Protect your PC before that happens! It’s not a lot of money!