There is no such thing as too much security when it comes to your computer (and any electronic devices!) Most people use their electronics for sensitive activities like banking, paying bills, shopping, and emailing - making you enter and transmit personal and financial information constantly. Observe our 10 commandments of computer security now before your security issues grow to Biblical proportions.
(In a hurry? Download this guide to read later!)
1) INSTALL AND UPDATE ANTIVIRUS/MALWARE AND FIREWALL PROTECTION
Antivirus and anti-malware software is an integral part of computer safety and security. If you use Windows, Microsoft has free protection in the form of Microsoft Security Essentials for Windows Vista and 7. Windows 8 and later come with the built in Windows Defender.
If you're a light computer user then these free programs should be just fine for your needs.
But if you use your computer daily and quite often and have sensitive information to protect then you'll likely want to look into a paid antivirus software. We recommend ESET which has home and business versions for both Windows and Mac users (download here).
Paid antivirus programs tend to have better support behind them along with faster updates and patches to protect against newly created malware and viruses. They also frequently offer multi-dimensional support to help protect emails, web browsing, other devices like phones/tablets, and more.
It's important to note however that having an antivirus doesn't guarantee 100% protection against infections. Even the best program can't help if you accidentally approve the installation of a bogus application, click on an infected ad online, or let a scammer remotely connect to your machine.
In addition to antivirus, every computer should be protected with a firewall. "A firewall is a software program or piece of hardware that helps screen out hackers, viruses, and worms that try to reach your computer over the internet." Firewalls are meant to work in conjunction with an antivirus program, whereas you should never run two or more antivirus applications on your computer at the same time as this can cause errors. A program meant to work alongside your antivirus to help boost protection is okay, such as MalwareBytes Anti-Malware.
2) SECURE YOUR ROUTER
Many people worry only about protecting their computers, when in fact routers are extremely easy to get into. Once connected to an unsecured router, someone can access any device connected to the network - potentially every single internet connected device you own.
Who's On My Wifi has a great whitepaper outlining five steps you can take to make your router and wireless network very difficult to exploit.
This can be a fairly intimidating process if you haven't had much experience configuring router settings, so if you're not confident doing this yourself it's highly recommended to either call your internet service provider or a trusted IT professional for help.
3) SET UP AND USE A STANDARD (NON-ADMINISTRATOR) ACCOUNT
This is one of the quickest, most helpful steps to take to secure your computer. There are a few different types of Windows user accounts.
The first is an administrator account. These are password-protected and required to be made during operating system setup (meaning every computer will have at least one admin account). It gives full control of Windows including changing settings and security features, installing programs, and just about anything else you could want to do on a computer without requiring a password. You can see how dangerous it would be for a hacker or infection to get control of an administrator account.
The second type of account is a standard account and is more restrictive. It allows you to do all the basic functions most people need such as getting online along with running and downloading files and programs. Standard accounts don't quite have all the features admin ones do though: "you can't change advanced settings or install programs unless you type in the administrator password." This means for example if a virus tries to install itself on your computer, you'll be prompted with a popup asking you to confirm it, helping you to quickly notice something's up and decline the installation.
Lastly, on pre-Windows 10 operating systems there is a third account type called guest. These are the most restrictive and are great to set up for use by guests to your home, relatives, kids, etc who will want to use the computer. You certainly don't want to give people the ability to install programs you don't want, download malware, or change settings. Guest accounts are the perfect solution to still let someone use your computer without worrying about anything being messed up.
The dangers of administrator accounts
Many people simply use the administrator account for their every day use which is understandable. It has the most control and doesn't bother you every time you want to install a program or change a setting.
However, with how infrequently most people need to do those administrator level tasks, it makes sense to only use one when needed (or simply type in your admin password when required on a standard account) and stick with a more secure standard account for daily use. Hackers or malware gain the rights of whichever type of account they've gotten access to, and when it's an admin account they have total control of your computer's settings and functionality.
"If you're using an administrator account when a hacker takes control, a relative is on your computer or a virus gets on your system, then they can do anything they want. If you're using a standard account, however, then they can only do things that don't require administrator permission. That means a hacker or relative can't change major settings or install viruses, and viruses themselves can't install unless you enter the administrator password. You'll know right away something is up when you computer starts asking for permission to do things you didn't ask it to do."
Check out this Komando.com article for instructions on setting up each type of account depending on which version of Windows you're using.
4) KEEP YOUR SOFTWARE AND OPERATING SYSTEM UPDATED
All the software we use is basically guaranteed to be riddled with bugs and security holes. This is why manufacturers regularly issue updates to patch these holes and keep software working correctly, without leaving your computer vulnerable.
Attackers use vulnerabilities to infiltrate systems and plant malware, which is why it's so important to update software as soon as possible. To do this for Windows, leave Windows Update set to automatically update unless you're specifically instructed not to (for example by a system admin or IT department).
Other software you use likely has options to install updates automatically or manually, these should be set to automatic for the best protection.
We also recommend a website called Ninite to quickly and easily update common programs. Simply go to the website, put a check mark next to the programs you wish to update, click the "Get Your Ninite" button, and an installer will bundle each application install/update into one window without you having to do anything else. Ninite can be used for both initial installs and updates of programs already on your computer.
5) PRACTICE GOOD PASSWORD USE
Secure passwords are the bane of every computer user's existence.
Create a super secure one and risk never being able to remember it, or create a simple one and risk security breaches.
There are a few ways to make sure you're staying protected without too much risk. One growing in popularity is to use a password manager. While you will still have to create and remember one ultra secure password, it will remember and fill in passwords for all your online accounts. Check out PC Mag's reviews of the best managers for 2016.
Another way to create strong, easy to remember passwords is to use acronyms for memorable phrases, or strings of words in nonsensical order. Both these methods are covered in our blog post here all about strong passwords.
Wondering how secure your passwords are? Go to experte.com/password-check and type yours in to check.
6) BEWARE OF SCAMS
Scams have been around for longer than the internet, but have found a popular home online. Phishing scams have become very well-known: "a phishing attack is equal to someone calling your phone, claiming to be your bank, and asking for your credit card number. Your bank would never call you and ask for this information, just as they would never email you and ask you to send the information in an email."
Phishing emails can appear to come from someone you know, your bank, an online retailer, your credit card company, and just about anyone else that handles your financial information. These companies have strict rules against asking for your information and will never do so in an email. We cover these sorts of scams in further detail in our blog post. Howtogeek.com also has a great breakdown to show you how to easily spot a phishing scam.
Another scam that has been very prevalent lately is what we call the fake tech support scam. A "customer support rep" will call you, claiming to be from a well know company like Microsoft or Norton, and tell you that they've found all sorts of issues, infections, errors, etc on your computer. They'll happily help you clean up your system if you pay and allow them remote access into your computer. This can also come in the form of a scary looking pop-up on your machine telling you the same, and to call the displayed number immediately for help.
This is always a fake; unless you have specifically paid for a monitoring service, no company has the personnel or resources to track every single user of its software. Never let these scammers onto your computer or pay them.
Most importantly, stay aware! Keep up to date on new scams and viruses going around and learn how they spread. Snopes.com has a great webpage here on virus hoaxes and realities.
7) CREATE AND MAINTAIN BACKUPS
Most people have valuable pictures, music, documents, and files on their computer that either can't be or would be very difficult to replace.
Backups used to be a pain to create, but they are easier and more flexible than ever. If your computer is ever too infected for a standard virus removal or your current hard drive fails, a backup will be the only way to save all your data.
Whether you choose to use an external hard drive or a cloud service for your backups, making one before you need it is the best practice. Our two-part guide goes over how to choose which storage medium is right for you, and how to create your initial backups.
8) PROTECT YOUR PHONE AND TABLETS, TOO
Phones and tablets are computers too, and can fall victim to infections and attacks. Many people use apps to bank through their electronics, pay bills, check email, and log into online accounts.
Threats to mobile security are growing, so it's important to ensure you're protecting your other devices just like you would your computer. Follow these steps to make sure your other electronics aren't giving away your personal information:
- Download and keep protection software updated. Check these lists to find your perfect match - Android, Apple, Blackberry
- Use security apps based on your needs to protect everything you do on your phone or tablet. Check these lists to find the best ones for you - Android, Apple
- Ensure that your devices are password protected, otherwise anyone who picks up your phone or tablet can gain access to its contents
9) PREVENT SPYING THROUGH YOUR MICROPHONE AND CAMERA
Built-in webcams are great tools for video chatting, but can be hacked into without your knowledge.
Normally an indicator light comes on when your webcam is activated, but this can be bypassed by someone with the know-how and used to spy on you and your surroundings. Many people choose to simply tape over the webcam when they don't need it. A more elegant solution is to buy a webcam privacy slider like this one for a few dollars.
As well as taking advantage of your webcam, built-in microphones can also be hacked into to listen in on conversations. Laptops generally come with the microphone enabled by default.
To turn yours off, launch the Sound app from the control panel or by typing "sound" into your Start Menu search bar. Click the Recording tab, select your laptop's built-in microphone, click Properties, and change the Device Usage drop down to disabled.
10) CLEAN UP AFTER YOURSELF
When your computer or phone's time has finally come, ensure that you're not sending it off with all your information. Even deleting everything off your computer or reloading the operating system doesn't mean someone knowledgeable can't recover it.
If you aren't planning on donating the computer and the hard drive won't ever need to be used again, you can take the drive out and physically destroy it.
If the computer will be donated or gifted to someone else who will more than likely want a usable hard drive, you'll want to turn to software methods involving a secure-erase. There are a number of programs available for this, and different ones depending on the type of drive you're trying to wipe (hard drive, solid state drive, flash drive). PC World has a great article on different programs depending on your needs.
BONUS TIP: DISCONNECT FROM THE INTERNET (WHEN IT MAKES SENSE)
While a majority of computer usage is online these days, unless you have something like a server that needs to be connected to the internet 24/7, it is both safe and practical to disconnect from the internet when it's not being used. "Hackers tend to prefer to exploit 'always on' connections, and if your internet connection is more sporadic, you'll be less attractive to them."
Hackers and scammers likewise can't remain connected to any computer that's completely disconnected from the internet. This is helpful for things like the fake tech support scam that we mentioned above. If you've let someone into your computer and realize it's a fake while it's happening, you can disconnect from the internet to force them out of your machine.
No one who isn't physically in front of your computer can connect to it without an active internet connection, making this a powerful way to ensure nothing nefarious is happening behind the scenes of your operating system.
So whether you're worried about a possible security issue or just want to make yourself less of a target, turn those devices off when you don't need them! For computers that are directly wired to your router via an Ethernet cable, you can also unplug one end when you don't need online access to allow use of the computer while not having to worry about unknown people having remote access.