MS Windows has come a long way in terms of security. When it comes to Personal computers’ Operating System (OS), Windows (Windows XP, Vistas and Windows 7 put together) accounts for nearly 90 % according to the statistics published in W3Schools. The statistics for March,2011 show that Windows 7 has 34.1 %, Vista has 7.9 % while Windows XP has 42.9% of share. For the curious, Linux has just about 5.1% share whereas Mac has 8% at the same period.
Microsoft has worked hard on its latest avatar of Windows to make it not only more user friendly but also a lot more secure than other versions of windows. It offers an effective anti virus software – MS Security Essentials and a Malicious Sofware Removal tool too.
Windows 7 also offers a better firewall with complex inbound/outbound configurable ruleset. In other words, MS offers – better security straight out of the box than before. With that said, it still pays to be prudent and follow the suggested steps to enhance the security of your Windows computer.
Steps to Secure Windows Computers:
1. Enable internal Firewall.
2. Set up ‘hard’ passwords for all accounts. In older Windows set up password for all accounts. Disable guest account while you are there.
3. Keep your patches and hot fixes current. This is not just for the OS alone – but also to your browsers and Email clients.
4. Disable Remote Desktop until you need it. When you are done, disable it promptly.
5. Create backup in an external device.
6. Disable hidden file name extensions. This step will also help you avoid duplicate extensions. When you are browsing in File explorer, you should see what extension a file has.
7.Never run or execute a program from email.
8. You may want to use OpenDNS – a ‘public’ DNS server which will allow you to configure the kind of sites allowed for name resolution in your network. It offers webcontent filtering,Phishtank anti-phishing and whitelist/black list creation of lists.
There are some tools to diagnose and monitor your computer. We list below some of them:
1. WinPatrol – from BillP studios – (www.winpatrol.com/) This tool lets you take a brief snapshot of your critical system resources and alerts you to any changes. For the kind of monitoring it does, it has a surprisingly low memory foot print.
2. Collection of security utilities from Sysinternals (technet.microsoft.com/en-us/sysinternals):
We show below only a couple of the most used system tools here. You will find more command line utility tools listed there.
a. Process Explorer: It is a powerful tool which lets you see the various process running in your computer – PID,CPU usage,memory used, description of the process and the company name of the process involved. You can replace the normal task manager with this more advanced version if you so wish.
b. TCPView: Lets you see the network connection – Process, PID, Protocol,Local Address, Local port,Remote Address,Remote port, state and sent/received bytes.
3. If you have any sensitive data you would not want any prying eyes to see, enable file encryption. In Windows 7 ultimate edition, you can use Bitlocker to encrypt a file or a directory. If you have an older Windows, go with the OpenSource TrueCrypt (www.truecrypt.org) – an encryption software that does on-the-fly encryption of the files in memory.