Ed Bott - Windows 10 Support Secrets

36 CHAPTER 3 | Staying secure CHAP T E R 3 Staying secure If you’re responsible for teaching people the basics of computer security, one lesson is paramount: Securing a Windows PC is an ongoing process. In modern computing, there are no magic hardware bullets, nor are there any software magic spells that can ward off evildoers. Instead, an effective security regimen includes multiple layers of protection—hardware and software, policies and configurations, and above all regular training for users on how to identify and avoid common online snares. And even then it’s possible that a PC or network under your control will fall victim to some sort of attack. Because the bad guys are persistent and change tactics regularly, even a smart, well-trained user can be fooled by social engineering or a realistic-looking phishing site. In fact, some experts suggest that even with security measures in place you should assume that your network and individual PCs will be compromised at some point. In that case, the most important skill to learn is how to recover as quickly as possible, with as little damage as possible. I’m not sure I endorse such a fatalistic point of view, especially when talking to a nontechnical audience. But it’s certainly true that identity theft and ransomware, to name two popular threats, have become epidemic in recent years. These threats usually find their way onto PCs through malicious software and websites, and the cleanup process can be time-consuming and expensive. As a trainer, your goal is to help people make effective use of the security tools that Windows 10 includes. Securing your user account The single most important security precaution anyone should take with a Windows 10 PC is to create a strong, unique, impossible-to-guess password (or passphrase). That step prevents someone with physical possession of your PC from gaining access to the valuable information it contains—if a portable PC is lost or stolen or an intruder sits down in front of a desktop PC, don’t make their job any easier by using a weak password or, worse, no password at all.