Turn off remote access
Windows 10 has a Windows Remote Desktop feature that allows you (or others!) Connect remotely to your computer through a network connection. Remote access allows anyone to control everything on your computer as if they were directly connected to it.
Unfortunately, hackers can take advantage of Windows Remote Desktop. In more than one cyberattack, criminals have gained access to manage external systems, installed malware, or stolen databases that are full of personal information.
This feature is disabled by default. Once activated, it will be easy for you to turn it off again. You want to keep the remote access feature disabled unless you are actively using it.
Enable or install antivirus tools.
You can block viruses and malware with the built-in tools in Windows 10. You can also install multiple antivirus programs if you need to (we have some of our favorites on securicy’s Marketplace).
Enterprise versions of Windows 10 include Windows Defender Advanced Threat Protection, a security platform that monitors endpoints, such as Microsoft’s SmartScreen technology, another built-in feature that controls downloads and prevents malicious people from running.
Enable automatic updates for the operating system.
Install critical security updates immediately. Some security updates are important updates that protect you from new types of malware or cyberattacks.
Your organization may also have a security policy for updating the operating system. You can see if you’re installing updates directly or if your IT team tells you when updates are installed. Depending on your business, your IT team may be responsible for updating your operating system.
Ultimately, it does not skip operating system updates for critical security updates. (Even if you’ve heard of a design change, you don’t like it.) Microsoft keeps it relatively easy by configuring two types of updates: quality updates, feature updates. They also long kept a schedule of updates known in the IT world as Patch on Tuesday.
If your business is running on an older version of Windows? Be sure to upgrade your operating system before they become a security workshop. Support for Windows 7 expires in January 2020, meaning anyone still using it (or an older operating system!) New malware or virus scenes are at risk.
Enable encryption.
BitLocker is Microsoft’s own disk encryption program that is included with Windows 10. Encryption is a security technology that can sound daunting, but in this case it is as simple as clicking “Enable Bitlocker”. Bitlocker has set a password, gives you a recovery key, and shows you the “Encrypt entire device” option.
Bitlocker data encryption is free and you don’t need to install anything. Encryption encrypts your data so that only authorized users with your password can view, copy, or make changes. If your encrypted data were stolen, it would be useless. Encryption of the entire device also protects against unauthorized changes to the system, such as firmware-level malware.
Encryption is a method often included in the company’s security principles, including Securicy’s enterprise infosec program.