Windows 10 is the safest Microsoft operating system, at least when compared to previous versions, which great strides have made, but still required the installation of additional software to increase security. Those who have Windows 10 can benefit from a whole series of additional protections that can protect every PC from infections and hacker attacks.
We see in this guide how to make Windows 10 safer on each PC, so that we can safely give up the installation of additional security software, especially if we use a work station or use the PC a few hours a day, when we are at home.
By applying all the tips shown we will have a very safe operating system, protected even from very serious threats such as ransomware or targeted hacker attacks.
READ ALSO -> Windows 10 Security Settings Guide
1) Security systems integrated into Windows 10
Speaking of Windows 10, we can summarize its greater security in three fundamental points:
- In Windows 10 we already have an integrated antivirus called Windows Defender, which has recently been improved by Microsoft both when it comes to detecting threats and when it comes to removing them (which is very important if a virus manages to activate and spread) .
It goes without saying that you don't need to install a new antivirus on your PC, since the integrated one is more than good.
For maximum protection, we recommend activating all the items in the Virus and threat protection menu, which can be found in the Settings menu -> Updates and security -> Windows security .
- You can surf the internet with the new Microsoft Edge browser which, currently, is able to prevent virus infections via web links and emails; this browser replace the old Internet Explorer and works as an app that cannot affect the system.
- Smartscreen filter, activated by default, is a protection that prevents an executable program from installing itself without the authorization of the computer administrator.
2) Additional security systems on Windows 10
The items seen above are activated by default on Windows 10, but to obtain an additional level of security we can also enable and take advantage of other tools integrated in the Microsoft operating system.
Protection from ransomware
Ransomware are viruses that can "take hostage" the PC by blocking the execution of any program and encrypting the important files on the computer disk.
Given their great danger, we can use the ransomware prevention system on Windows 10, which will prevent any non-certified executable from modifying, creating or deleting files from protected folders .
To activate it, go to the Settings -> Update and security -> Windows Security -> Open Windows Security path and click on the item Virus and threat protection .
In this menu we will find the item Ransomware Protection at the bottom, on which we will have to click to open the menu of our interest.
In the new window, activate the button under Controlled folder access, then choose which folders to protect using the Protected folders item.
We recommend adding Documents and Pictures as a protected folder, but on paper we can add all the sensitive folders where files of vital importance for work or for our private life can be kept.
Once inserted in the protected space, only apps authorized or certified by Microsoft will be able to act on the files, effectively preventing ransomware from encrypting our most sensitive files.
If we want to authorize Windows 10 apps, just use the Allow apps via controlled folder access option, entering the apps that we believe are safe.
Exploit protection
Exploits are pieces of code that can exploit hidden vulnerabilities in Windows 10 (not yet discovered and fixed by Microsoft).
Widely used by hackers and viruses to increase the level of damage and espionage on PCs, from today they can be minimized (therefore make them less effective) by using the tools integrated in Windows 10.
To activate this setting, go to the Settings menu -> Update and security -> Windows Security and click on the item App and browser control .
From this menu, scroll down to find the item Exploit protection, then click on Exploit protection settings .
Let's make sure in the first screen that all items are set as default, so as to significantly increase the resistance of Windows 10 to cyber attacks and viruses.
READ ALSO: Activate protection from Exploits in Windows Defender (Windows 10)
Device security
To make Windows 10 even more secure from attacks carried out through code injected through memory or the CPU, we can activate the protection of the cores and memory, so as to reduce the risk of damaging the computer due to malware to zero.
Let's go to the Settings menu -> Update and Security -> Windows Security and click on Device Security .
The core protection should already be active (it is a hardware feature present in the processors), while to protect the RAM we click on Core isolation details and activate the Memory integrity item.
If our hardware is compatible, we will increase security on Windows 10 significantly.
Virtual browser (Sandbox)
To prevent the display of modified web pages from infecting Windows 10, we can run Microsoft Edge inside a virtual protected space called Sandbox.
Everything that takes place in this space is protected and cannot communicate with the original Windows 10 system files, but only with virtualized copies (upon closure they are deleted).
To activate this important security feature, go to the Settings menu -> Update and security -> Windows Security and click on App and browser control .
In the window that opens, scroll down to find the item Isolated exploration, then click on Install Windows Defender Application Guard .
At the end of the installation, Microsoft Edge will be protected by virtualization in Sandbox, so that you can open any Web page without fear that it may contain viruses or exploits that can damage our PC.
More information about Windows Defender Application Guard can be found here -> Windows Defender Application Guard overview .
3) Other settings to improve Windows 10 security and privacy
In addition to this, some options can be changed in Windows 10 to make the PC as secure as possible, especially from the point of view of information privacy .
As already explained regarding the Windows 10 Privacy settings, when you take a new PC (or if it has never been done), it would be better to disable the items that undermine our privact.
We then open the settings from the Windows 10 Start menu, go to the Privacy section and disable the following options:
- In general, disable the sending of writing information to Microsoft which, as mentioned, almost looks like a Microsoft keylogger in Windows 10;
- In position, deactivate position detection;
- Disable the possibility that apps use the Camera, Microphone, Voice Recognition, Account Info, Contacts, Calendar and Email (unless you use the Mail app), Call History, Messages, Radio, Other devices ;
- Disable Feedback requests in Windows 10.
Still in the Windows 10 settings, there are other options curiously left enabled by Microsoft that it would be better to disable to be more secure:
- In Windows Update, press on Advanced Options, then on Choose how to deliver updates and disable Updates from multiple locations .
- Then go to Settings -> Network and internet, to the WiFi section, scroll down and click on Manage Wifi settings, then disable the two options of Wifi Sensor and that of paid WiFi services .
Finally, Microsoft can be denied participation in the data collection program to improve Windows.
We have already said how to disable Microsoft monitoring and Windows 10 telemetry.
In summary, just disable the option found by looking in the Control Panel in the Modify Software Usage Analysis settings section (to be written on the search bar).
With these modified options, your computer remains safe from any intrusion by Microsoft or other apps.
To these are added the classic recommendations to keep your PC safe and protected from viruses that we always recommend reading and learning from memory.
READ ALSO -> Check if your PC is safe and protected from viruses and on the internet
