Windows 8 Security Tips
Windows 8 is being touted as a major change in the way that people will use and interact with their PCs, tablets and other devices. Much of the change is evident in the user interface, with its tiled appearance and app-friendly setup. But there are some important changes behind the scenes, as well, and many of them are designed to make life online safer and more secure for users.
Microsoft is releasing Windows 8, the newest version of the Windows operating system, for general availability on October 26. Although Windows 8 offers enhanced security features, it also raises new security concerns because of changes to the graphical user interface and a new online app store. We're offering the following eight security tips to help you stay secure as you move to Windows 8.
- Windows 8 is dedicated to protecting your passwords. The Windows Credential Manager does the hard work, looking after web passwords and any local network
passwords you have. Type 'Credential' at the Start screen.
- The Credential Manager looks after your passwords if you save them when logging in. It is worth periodically backing up logins, in case Windows is reset. Click 'Back Up
Credentials' and point it to a safe location to do this.
- Exercise caution with apps for the new Windows 8 user interface (formerly known as Metro).
Some familiar applications have been completely re-written for the new Windows 8 UI. As a result they may work completely differently, despite looking the same. For example, an application historically delivered as an executable could now be entirely web-based. This impacts the visibility your existing security and monitoring tools have into these apps.
- Use the Windows 8 style UI version of Internet Explorer
By default, plugins are disabled, blocking a major target for exploit kits and Blackhole attacks.
- Think carefully about the passwords you use. If they are easy to guess, or based on dictionary words, you risk someone with the right tools breaking in. We like
to create passwords from a string of random words - for example, greensydneylionfighting is super secure and easy to remember.
- You can also generate dictionary-proof passwords. These are not easy to remember but they are rock-solid. Try the PCTools generator at www.pctools.com/guides/password/ to create something automatically.
- There is another password generator if you don't trust a web service. Search the Windows Store for 'Random Password Generator'. Install it, then drag the slider to
determine the length of your password, and hit 'Generator'.
- The real key to password management, particularly if using complex passwords, is online storage. LastPass is the field leader, and it has a Windows 8 app to help
you keep your logins in check.
- Windows 8 has a built-in malware filter called SmartScreen that protects your PC from online threats, from spam emails to phishing web sites, and much more besides.
Unlike in previous versions of Windows, this works independently from Internet Explorer and it should not be disabled - for obvious reasons. SmartScreen will display an unmissable on-screen warning when it detects potentially harmful activity.
- Encrypt your data. Math is hard, even for attackers with lots of time and powerful computers at their disposal. So take advantage of the beauty of massive integers
and use the built-in data encryption feature in Windows 8, known as BitLocker. Once enabled, this system will automatically encrypt any files or other data stored on
designated drives, making it useless to hackers.
- Turn on the firewall. Windows includes a built-in firewall, which helps prevent malicious traffic from getting through to your PC. It's enabled by default, so
unless you have a *very* good reason, leave it alone.
- One thing you should remember about sharing on the network securely, it is this: never turn off password protected sharing. Force all network users who want
to access what you are sharing to use the Homegroup or a username and password. This way, if an unwanted guest has access to your network, your shared data is
safe from prying eyes.
Also, when sharing something on the network, using the Sharing Wizard or other tools that were covered in the Windows Networking class, avoid sharing with the user 'Everyone.' This user means anyone with or without a user account on your computer. Folders shared with this user account are easily accessed by anyone on your network, including unwanted guests who may have received or obtained access.
If you want to have a secure experience as well as an easy way to share folders on your home network, it is best to use the Homegroup feature. With it, you can quickly share just about anything, and your shared resources are accessed only by computers that know the Homegroup password and that have joined the Homegroup. Unwanted guests are left in the dark, unless they crack the Homegroup password and join it as well.
- The most private way of browsing is through a virtual private network, or VPN. It means even your ISP can't see what you are doing; your traffic is encrypted from one end to the other.
Try Hotspot Shield (www.hotspotshield.com) - it is free, supported by ads.
- Install Hotspot Shield (avoiding the toolbar during installation) and run it to get secured. If you set it to 'Always turn on' mode when you first run, your laptop
is protected whenever you are on an untrusted network.
- Sometimes a legitimate site might be misreported as compromised. Whichever browser you use, there will be an 'advanced' or 'more information' link on the warning page;
report the page as being mistakenly flagged here.
- If you suspect a site, check the address bar. Make sure it is a properly formed web address of the format you might expect from the site you are visiting. If it is not copy the
address and send it to www.phishtank.com, which catalogue such things.
- Pay attention to your email. You might get something purporting to be from your bank, which is in fact a phishing attack, trying to trick you into giving up personal details. Look out for spurious addresses, bad grammar,
and links that take you to odd addresses.
- Your children's safety is important. Use parental control, or picture password on your main account, so they can't misbehave. Untrusted users should never be able
to log in to your account.
- Antivirus is very important. Windows comes with me built-in protection to help you out - just type 'defender' at the Start screen to find it.
- Windows Defender should runs scans automatically, but you can run a quick scan on demand (if you are worried) by clicking the 'Scan now' button.
- All full scan (click the 'full' radio button, and then 'Scan now') takes rather a long time to complete, but covers everything on your computer.
- Windows Updates: The code behind the Windows operating system often contains security loopholes and errors, meaning the importance of installing all the available Windows Updates cannot be overstated. Sadly, a vast number of users will rarely, if ever, bother to take the time to download and run them.
There are three main reasons for installing all the updates and patches. Firstly, given the frequency with which weaknesses in a program's code are identified, your system is more exposed to malicious software if you do not update. Secondly, it will improve the performance and stability of Windows by resolving non-critical bugs, and finally, Windows Updates often install new features or improvements.
- Microsoft Security Essentials (MSE) is Microsoft's free anti-virus software. It is designed to protect against malware and viruses on Windows XP, Vista, and 7, but in Windows 8 it has been discontinued and merged with Windows Defender. In truth MSE has never been a robust anti-virus, receiving widespread criticism for covering the basics of malware protection and nothing more; we have always recommended that you should replace MSE with a more effective antivirus.