SECURITY EVANGELIST

We know that installing or reinstalling your Windows operating system takes time and proves to be a laborious job, which none of us likes to follow. But, as we all know, once in a while we have to find the old Windows installation CD/DVD and reinstall the entire operating system.

Since it is a job we don’t do every day, we have to make sure that when we install/reinstall the Windows operating system, we also take additional measures to improve our online security.

We may choose to install Windows on a new machine or we may have to reinstall our operating system due to technical issues or security reasons caused by malware. Whatever the case may be, we always have to ensure that we follow additional steps in order to increase our online security.

Recommendation:
First of all, we hope you didn’t install/reinstall Windows XP. As you may know, Windows XP operating system is no longer supported by Microsoft. Therefore, make sure you have installed on your system Windows Vista, Windows 7, 8, 8.1 or Windows 10.

As soon as you finish the Windows installation, we encourage you to follow the security measures below to increase your security:

1. Keep your Windows operating system up to date



The first important step is to check if you have the latest security updates and patches available for your Windows operating system.

To get the security updates automatically, go to Control Panel and check if your automatic updating is turned on or follow the steps below:

  1. Access the search box in your Windows operating system, type update and then Windows Update.
  2. Select Change settings.
  3. Click Install updates automatically (recommended), in case it is not already selected.

After the initial installation of available updates for your Windows operating system, keep the automatic update turned on in order to download and install the important updates that can help protect your computer against new viruses and security threats.

It is a very important step to install the latest security and stability fixes for your operating system, since cybercriminals always try to benefit from these security holes.

windows 10 up to date


2. Keep your software up to date


It is important to have not only your Windows operating system up to date, but the software you are using, therefore make sure you have the latest updates and security patches for your main programs and applications.

Since it is a well-known fact that malicious hackers try to exploit popular software, such as Java, Adobe Flash, Adobe Shockwave, Adobe Acrobat
Reader, Quicktime or popular web browsers like Chrome, Mozilla Firefox or Internet Explorer, always make sure you have the latest available patches.

Since these pieces of software are always under threat from criminal minds, don’t just rely on your memory to manually update every program or application you have installed. Simply install a dedicated solution to perform these actions for you. And most of all: follow the experts’ advice!


3. Create a Clean Installation restore point


After you have installed your security updates for your Windows operating system, make sure you have created a Restore Point for your installation.

You can create the Restore Point as soon as your Windows installation is ready and name it Clean installation and then you can continue installing drivers and applications.

In case one of the drivers causes issues on the system, you can always go back to the Clean installation restore point.

For more information on how to create a restore point in Windows, check this how-to article.

system_restore


4. Install a traditional antivirus for reactive protection


Use a known antivirus product from a big security company. It is important to have a reliable security solution on your system, which should include real-time scanning, automatic update and a firewall.

To find the best solution, check the antivirus test results run by big company names in the security industry, such as AV Comparatives, PC Magazine, AV-TEST or Virus Bulletin and select the best antivirus solution for your system.

In case you choose to install a security product that doesn’t include a firewall, make sure you have turned on the Windows firewall. To turn it on, go into Control Panel, select Firewall, select Turn Windows Firewall on or off, then select Turn on Windows Firewall for all options.

av comparatives


5. Install a security solution against spyware


First of all, what exactly is spyware?

Spyware refers to that category of software which installs on your computer sending pop-ups, redirecting your browser to malicious websites or in some cases, it may even monitor your browsing history.

Usually, these are the signs a computer is infected with spyware:

  • computer is slow when opening programs or running some applications
  • pop-up windows appear all the time
  • a new toolbar may appear in your web browser
  • the Home page of your web browser has been modified
  • the search engine in your web browser has been changed
  • error messages start to appear unexpectedly

Can I prevent spyware from installing on the computer?

To avoid having spyware on your system, follow these good security practices:

  • don’t click any suspicious links or pop-up windows
  • don’t answer to unexpected answers or simply choose No
  • be careful when downloading free applications

How can I remove spyware from my system?

There are a number of popular anti-spyware products you can use to protect your system from malware. A few security solutions capable of removing spyware from your system are Malwarebytes, Spybot Search and Destroy, Lavasoft’s Ad-Aware and others.

For more information on spyware and how to remove it, here are some helpful communities where you can find the answers to your problems.


6. Install a proactive security solution for multiple defense layers


We need to say that a traditional antivirus solution cannot fully protect you against the latest malware out there. Financial malware epecially is created to steal private data and confidential information and it uses sophisticated methods to do so.

To have the best protection against financial and data-stealing malware, such as the infamous Zeus family or CryptoLocker, it is better to use a specially designed software.

Even though you are protected against traditional viruses and spyware, you still need a specially designed software to protect you against financial theft and data stealing software.

To improve the financial control of your online banking account, you can always set banking alerts to track your account activity and apply other simple and effective financial protection tips.


7. Back up your system


You updated the operating system and your system applications, you have installed additional security products for your system safety and even created a Clean installation restore point for your Windows.

The steps above are meant to keep you safe from malicious software and online threats, but you may still encounter hardware issues that could endanger your private information.

To make sure your data stays safe, you should be using a twofold strategy, which should include combining an external hard drive usage with an online backup service.

We need to emphasize the importance of having a back-up solution which provides stability (look for a big company name), it’s easy to use (so you won’t have a headache backing up from files), allows you to synchronize your files with the online backup servers and provides some sort of security, such as encryption capabilities.

Online Backup

Our guide on how to do a data backup includes more information on most popular backup solutions available and what the best ways to keep your data safe are.

At the same time, you could simply use your Windows Backup system.

To set it up, access your Windows Control Panel and then click Backup and Restore to access the location. From this place, you can set an automatic backup, create a schedule and even choose a network location for your backup files.


8. Use a standard user account to access your Windows operating system


Windows grants a certain level of rights and privileges depending on what kind of user account you have. You may have a standard user account or an administrator user account.

It is recommended to use standard accounts for your computer to prevent users from making changes that affect everyone who uses the computer, such as deleting important Windows files necessary for the system.

In case you want to install an application or make security changes, Windows will ask you to provide the credentials for an administrator account.

Top Security Tip:
Using a standard account ensures that a piece of malware which infects a limited-user account won’t do much damage as one infecting an administrator account.

We also recommend that you set a strong password for your Windows user account.

If you don’t want (or don’t have time) to use a password manager or to set a strong password, at least make sure you follow a few simple rules:

  •  the password should contain around 20 characters
  •  combine upper and lowercase letters, numbers and symbols
  •  don’t use the same password for other accounts
  •  change your password every 30 days

Windows account


9. Keep your User Account Control turned ON


Many users have the tendency to turn off User Account Control after installing/reinstalling the Windows operating system.

We don’t recommend this. Instead of disabling the UAC, you can decrease the intensity level using a slider in the Control Panel.

UAC monitors what changes are going to be made to your computer. When important changes appear, such as installing a program or removing an application, the UAC pops up asking for an administrator-level permission.

In case your user account is infected with malware, UAC helps you by keeping suspicious programs and activities from making changes on the system.

UAC


10. Secure your web browser before going online


Since our web browser is the main tool used to access the Internet, it is important to secure it before going online.

The vulnerabilities in your web browser are like open door invitations to attackers. Using these vulnerabilities, the attackers will try to remove private information or destroy important data.

To stay safe while accessing various web pages, make sure you respect the following:

  1. Choose the latest version for your browser.
  2. Make a series of security changes in your web browser settings. For an extended explanation on how to configure your web browser, we recommend the following article.
  3. Choose a private browsing session when you access a website you are not sure about. Choosing this browsing mode will prevent authentication credentials (or cookies) from being stored.
  4. Since data stealing malware spreads through malicious code embedded in pop-up windows even in legitimate websites, make sure your web browser can block pop-ups:

And there’s even more you can do with this free safe browsing guide.


11. Use BitLocker to encrypt your hard drive


Even if you set a password to your Windows account, intruders can still get access to your private files and documents. They can simply do this by booting into their own operating system – Linux, for example – from a special disc or USB flash drive.

A solution for this is to encrypt your hard drive and protect all your files. It is wise to use this degree of security if you use a laptop, which can be very easily stolen.

BitLocker is available on the latest Windows operating systems and you may turn it on at any moment. Even after you have enabled the BitLocker protection, you won’t notice any difference because you don’t have to insert anything else but your normal Windows user account password.

To activate BitLocker on your system, follow these steps:

  1. Click Start.
  2. Go to Control Panel.
  3. Access System and Security and click BitLocker Drive Encryption.
  4. Turn on BitLocker.

For additional information on BitLocker, check this article.

If you’d rather use another solution to encrypt your data and keep it away from prying eyes, there are plenty of options to choose from.


12. Lock it up!


A final touch for the security of your system is to add a Kensington lock.

And why wouldn’t you? It’s so easy these days to have your mobile devices stolen, especially a laptop or a notebook, that adding a physical security measure doesn’t seem to be a bad idea.

Though Kensington locks are usually used in large places, like libraries, private companies and public offices, this doesn’t mean you can’t use one in your own home.

For more information on a Kensington lock, access this location.


13. Be careful online and don’t click suspicious links


To make sure you won’t be infected by clicking on dangerous links, hover the mouse over the link to see if you are directed to a legitimate location. If you were supposed to reach your favorite news website, such as “www.cnn.com”, but the link indicates “hfieo88.net“, then you should resist the urge of clicking the link.

Most of us use shortening services for their links, such as goo.gl or tinyurl. But in some cases an unknown link may send you to a malicious site that can install malware on the system.

So, how can you know where you’ll arrive if you click it?

To make sure you are going to the right direction, use a free tool such as Redirect Detective. This tool will allow you to see the complete path of a redirected link. Another tool which can provide very helpful in checking suspicious links is the reliable URL checker, VirusTotal.

For more information on how to maximize your financial data protection, check out this article.


Conclusion


It’s not just about staying safe. 

The steps above are meant to keep you safe online. But, at the same time, following them means that you also set up your system to work smoothly for online browsing and financial operations, activities we do every day.

Since there are many other solutions to protect a system after a Windows installation, we would also like to know your opinion.

How do you increase your security after a Windows installation?
Do you have an established routine?
We’d love to add your tips to the list, so share them in the comments below.

This post was originally published by Aurelian Neagu in August 2014. It was updated by Andra Zaharia in April 2016.

the ultimate windows 10 security guide
2016.05.30 QUICK READ

Introducing: The Ultimate Windows 10 Security Guide – a Must-read!

New Dyreza variant
2015.11.18 QUICK READ

Security Alert: New Dyreza variant supports Windows 10 & Edge

end of support for Windows XP users
2015.07.14 INTERMEDIATE READ

The never-ending Zero Day: Microsoft shuts down antimalware support for Windows XP users

Comments

Good blog and very useful blog for service people. Hard disk issue can cause boot disk failure error and system might not work. We are into Laptop service in Chennai and hard disk issues are very common.

Nice article. I’ve recently acquired a windows PC and it’s lack of out of the box security drove me to search for solutions. This covers all the basics and gives good links to more information. Thanks!

So glad yo hear that we were able to help, Samantha! Enjoy your new PC!

A very useful and informative article. Appreciate the effort in making this as detailed (with useful links and references) and updated. Gone are the days when you only had to rely on 2-3 programs to preserve online security and privacy.

Updating virus signature databases is essential to make an anti-virus software more effective. Everyday, new malwares are infecting web and local networks. Its a good thing that ESET Antivirus has daily updates for that.I am very much confident that new viruses cannot infect my business systems. Thank you for posting this article.

It appears that updates made by Microsoft are currently the biggest security risk for all Windows users not running Windows 10. They are desperately pushing 10 and uploading secretly installation files, masking adware as security updates and doing whatever they can to force users to migrate to Windows. And with Windows 10 there are no longer options for disabling updates making users lose the control of their system.

In that sense turning automatic updates on opens the computer to Microsoft attacks and malware and is pretty irresponsible. And the same applies to all software. You should update your software only when there is a reason to do that, such as a specific feature you need or a fix to issue that is important to you.

I will have to politely disagree with this. And it’s not just me saying that software updates are crucial to your cyber security, but security experts which have a lot more say and experience. I recommend you read this article on the subject: https://heimdalsecurity.com/blog/most-common-mistakes-27-cyber-security-experts/

Are you sure the link was correct? I found there only one mention regarding updates (“…not applying patches or software updates, leaving people exposed to exploits cybercriminals actively leverage.”) with not a single arguments. It would make more sense for cybercriminals to exploit buggy automatic updates or new, unknown exploits created by crappy updates.

Do you seriously think that updating e.g. flash is good for security? The only sustainable way to secure flash is to remove it from your system completely and keep it out.

The opinions of “security experts” depend on who is paying their salary. Please provide arguments why you believe so strongly in updates so we can have a discussion.

We are preparing a much bigger guide on the matter, but you can find references related to patching in almost all of our articles. While some users can eliminate certain plugins and types of software entirely (as they don’t need them), on a corporate level, things aren’t always that simple.

And there are users who still want to use Flash or Java, but do it safely (to the extent of which that is possible). So, in order to do that, updates are absolutely essential. They are not perfect, but they do solve a series of problems with the risk of creating new ones (which is an entire debate I don’t think is worth starting here).

The same goes for operating systems. Air tight security is impossible by itself, so we have to remain grounded and understand the benefits and disadvantages of each type of software and so on. But not everyone cares as much for their online safety. Outdated software is creating problems for the entire ecosystem that is the web, but not updating it is certainly not the answer.

And we do have to take into account that not all expert opinions are biased and generalizations are not healthy for any constructive discussion.

I fail to see any reason why eliminating insecure software instead of frantically updating it would not work on a corporate level as well.

Updating does not help with flash or java as they are simply way too badly made to be ever safe. Advising people to update them is like pissing in the wind and will only provide them false feeling of security. It is actually pretty irresponsible.

I still fail to see how outdated software could create problems. People should use those versions of software that work best for them, no matter are they new or old, updated or outdated. An old version is not automatically bad, risky and insecure. On the contrary, the old oudated systems tend to attract attacks way less than new one. I am pretty sure that for example Windows XP is currently one of the safest Windows versions although it is outdated and Microsoft does not support it any longer.

Everyone is biased. Understanding and accepting that is IMHO part of all healthy and constructive discussions.

You are absolutely correct, mate. You shouldn’t update unless you are sure that update isn’t messing things up as we hear in a lot of stories/has some fixes you need or features you want. Also, the Windows 10 part was damn right. I personally used it for like 2 months or so and now I’m back to windows 7.

The piece of advice that I want to give to you and would applly to any operating system; you install no matter if it is widow, Linux, vista, Mac OS X, window XP or window 8. The first thing is to check for security updates. People don’t know how important updates are for their systems.

Zachary@Notebookservice

If you want to clone your Windows drive without a boot CD, however, Drive Image XML can do it on the fly. It has options to save to a disk image (as opposed to simply cloning) to another drive, but since you need to save the data to a separate drive anyway, you’re probably better off doing an actual clone than a disk image.

Issa@PC repairService

Some other steps for install fresh window installation security Clone Your Hard Drive,Zero Out Your Data,Install Your Operating System and Install Your Operating System.good article related to it support Lancaster.

Leave a Reply

Your email address will not be published. Required fields are marked *

GO TO TOP
176 queries in 5.102 seconds