From websites through to email attachments the threat that Windows malware poses to the security of our personal information cannot be overstated.
It seems that hardly a day goes by without a new report of a Windows virus, or software vulnerability that looks set to expose our inner most thoughts and credit card details.
Security doesn’t have to be expensive.
Microsoft, aware of the damage that malware causes (not least to their own reputation) have invested heavily in defences for Windows. Modern versions ship with a host of features and settings that are designed to protect your PC and make the internet safer.
Features like Defender, User Account Control and Bitlocker work quietly in the background keeping everything in order. For their part, Microsoft always respond to newly discovered threats with patches and mitigations in a timely manner.
In Windows 10 these patches are download and installed automatically. User involvement is not required and blocking the update process is not practically possible. These improvements have made direct attacks against the Windows operating system more difficult. Consequently, malware authors are launching indirect attacks using social engineering techniques that target the applications that we use everyday.
Damage limitation.
In order to protect our data we must be vigilant. A momentary lapse of concentration is all that is required to fall victim to these miscreants. A single misplaced click on a poisoned link and then boom! Our security has been compromised. Once infected the clean-up process can be long and painful.
However, it doesn’t have to be. By creating separate user accounts for each person and/or activity that is performed on a PC, it is possible to limit the damage that can result from an internet security breach. For a shared computer, a separate account for each user should be considered just as important as anti-virus protection.
Even where there is only one primary user, creating separate accounts for online banking and web-browsing makes sense. Should the security of the web-browsing account be compromised any data belonging to the other account will benefit from the security features that have been baked into Windows.
The great thing about this approach is that as soon as a problem is detected the affected account and all of its data can be deleted. Making the clean-up process far easier than would otherwise be the case. Any remedial action that is necessary to remove the malware and re-secure the PC can be performed using the remaining account.
Internet security cannot be guaranteed.
Unfortunately, when it comes to internet security we’re always playing catch-up. This means that we can only create defences for threats after they have become known to us. This makes it impossible to prevent all security breaches.
However, the combination of a good anti-malware tool (I have found Microsoft Security Essentials / Defender to perfectly adequate), up-to-date back-ups and multiple user accounts make it is possible to limit the damage that malware can cause whilst reducing the time required to restore your PC to good health.