Securing Windows Based OS.
#1 - Back up regularly to an external disk or to a Cloud solution like Carbonite, Mozy, Barracuda, DropBox or Jungle Disk.
Carbonite is best and has a 30-day free trial.
#2 – FDISK, Format, Re-Install Windows – assume your computer is infected and rebuild it.
Collect the original installation CDs/DVDs from your computer vendor, or create the recovery media yourself: many makers today ship an application that burns recovery CDs/DVDs from a hidden partition on your hard disk, using blank discs that you provide.
#3 – Create a location for data that is NOT on the same drive or location as the operating system. Now you can re-install your OS without losing your data if you save it to D: instead of My Documents.
Use an external hard drive, or take some of the C: drive space and partition it as D: for DATA. Yes, this is a bit techie, but ask a computer geek.
#4 – Create several user accounts as per need that are NOT administrators (Standard or Limited User depending on the version of Windows). Use the administrator account ONLY when installing software. Do NOT give the Admin account to your children. Over 90% of Malware in Windows is due to the user account being an Administrator.
Check by opening Control Panel - Users, selecting your user and looking to see whether it says 'administrator' below the name.
#5 – Configure Windows Update to auto-update. Patch and make sure it stays updated!!! Windows makes it automatic, as do Mac and even Linux… you just have to accept the updates and make sure they get installed. Enable the Windows Firewall too.
Check by opening Control Panel - Security Center and making sure all the items are on and configured.
#6 – Install Anti-Virus or Security Suites like Microsoft Security Essentials (free) or any other commercial solution like AVG, Sophos, Symantec, McAfee, Kaspersky.
One can also try Free Windows Security Essentials.
Windows Security Essentials website
Note: Anti-Virus does NOT protect you from poor surfing habits – New Malware often is designed not to be detected (signatures take time). Behavior first, AV second.
#7 – Install Secunia Personal Software Inspector (PSI). Helps you keep your Microsoft and non-Microsoft applications up to date and patched!
Secunia PSI is FREE
Secunia PSI website
#8 – Always Use Latest Browsers
Use the following Add-ons for Firefox (Tools – Add-ons)
Web of Trust (WOT) - Tells you if links/URLs are known good (green), caution (yellow), unknown (gray) or bad (red)
#9 – Use strong passwords for everything, home, the Internet and work. If you want to test how long it would take a hacker to crack your password... Use Steve Gibson's (GRC) Haystacks App and plug in your passwords to see how long they would last...
GRC Haystack password testing
#10 – Use a password manager like SuperGenPass, LastPass or a vault like Password Safe or KeePass and let them generate unique, long and different passwords for each of your websites. And of course add a Yubikey for additional two-factor authentication.
LastPass and it is FREE
Yubikey, it is AWESOME! Only around USD $25 per key.
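
The Control Panel checks in #4 and #5 can also be done from PowerShell. The script below is an added example, not part of the original list; it assumes PowerShell 5.1 or later with the built-in LocalAccounts and NetSecurity modules, and the function names are made up for this illustration.

```powershell
# Added example (not from the original page): audit steps #4 and #5.
# Uses the built-in LocalAccounts and NetSecurity modules (PowerShell 5.1+).

function Get-LocalAdminAudit {
    # S-1-5-32-544 is the well-known SID of the built-in Administrators group;
    # looking it up by SID also works on non-English Windows installs.
    $adminSids = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop |
        ForEach-Object { $_.SID.Value }

    # Only enabled local accounts are listed; domain accounts and members of
    # nested groups are not expanded here.
    Get-LocalUser | Where-Object { $_.Enabled } | ForEach-Object {
        [pscustomobject]@{
            Account         = $_.Name
            IsAdministrator = $adminSids -contains $_.SID.Value
            Sid             = $_.SID.Value
        }
    }
}

function Get-FirewallAudit {
    # Enabled is a True/False/NotConfigured enum, so compare explicitly.
    Get-NetFirewallProfile | ForEach-Object {
        [pscustomobject]@{
            Profile = $_.Name
            Enabled = ($_.Enabled -eq 'True')
        }
    }
}

$accounts = Get-LocalAdminAudit
$firewall = Get-FirewallAudit
$accounts | Format-Table Account, IsAdministrator -AutoSize
$firewall | Format-Table -AutoSize

# Step #4: the account you are logged in with should not be an administrator.
$me   = [Security.Principal.WindowsIdentity]::GetCurrent()
$mine = $accounts | Where-Object { $_.Sid -eq $me.User.Value }
if ($mine.IsAdministrator) {
    Write-Warning "$($me.Name) is a member of Administrators; use a Standard account for daily work."
}

# Step #5: every firewall profile (Domain, Private, Public) should be on.
$firewall | Where-Object { -not $_.Enabled } | ForEach-Object {
    Write-Warning "Windows Firewall is OFF for the $($_.Profile) profile."
}
```

Run it while logged in as the account you use day to day, so the step #4 warning reflects that account rather than a separate admin login.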