Ensuring your Windows 11 PC is secure is vital to protect your personal data and maintain optimal system performance. While Windows 11 includes advanced security features, there are additional steps you can take to enhance your system's defense against potential threats.
1. Enable Windows Security and Run a Virus Scan
Windows Security, built into Windows 11, provides robust protection against viruses, ransomware, and spyware. Keeping it active and performing regular scans is essential for maintaining your system's integrity.
Sakshi Garg
Step 1: Click the 'Hidden icons' arrow in the taskbar corner and select the 'Windows Security' icon. Alternatively, search for 'Windows Security' in the Start menu and open it.
Step 2: In the Windows Security window, choose 'Virus & threat protection' and click on 'Manage settings' under it.
Ensure that the following protection settings are turned on:
- Real-time protection.
- Cloud-delivered protection.
- Automatic sample submission.
- Tamper protection.
Run a Full Virus Scan
Step 1: Return to the 'Virus & threat protection' page and click on 'Scan options' under 'Current threats'.
Step 2: Select 'Full scan' and click 'Scan now' to begin scanning your entire system for threats.
While Windows Security offers substantial protection for most users, if you require comprehensive defense against advanced threats, consider installing reputable third-party antivirus software.
Beaulah Sahana
2. Keep Windows Updated
Regularly updating Windows 11 is crucial for fixing bugs, enhancing security, and improving performance. Although automatic updates are enabled by default, you can manually check for updates or install optional ones when needed.
Step 1: Click the 'Start' button and select 'Settings'.
Step 2: In the Settings window, navigate to 'Windows Update' on the left pane and click 'Check for updates'.
Step 3: If updates are available, download and install them.
Step 4: After installing updates, click 'Advanced options' for additional settings.
Step 5: Under 'Additional options', select 'Optional updates' and install any pending optional updates, such as driver updates.
Step 6: Restart your computer if prompted to complete the update process.
3. Enable Windows Firewall
Windows Firewall monitors network traffic to block unauthorized access to your PC. Ensuring it is enabled and properly configured enhances your system's security.
Step 1: Press Windows+R to open the Run dialog box, type firewall.cpl, and press Enter.
Step 2: In the Windows Defender Firewall window, click 'Turn Windows Defender Firewall on or off' from the left sidebar.
Step 3: Select 'Turn on Windows Defender Firewall' under both 'Private network settings' and 'Public network settings', then click 'OK' to save changes.
Step 4: Back in the main Firewall window, click 'Allow an app or feature through Windows Defender Firewall' on the left.
Step 5: Click 'Change settings', then uncheck the boxes next to apps or features you do not want to allow through the firewall. After adjusting, click 'OK'.
4. Enable Multi-Factor Authentication on Windows 11
Adding Multi-Factor Authentication (MFA) to your Windows account provides an extra layer of security by requiring a second form of verification, such as a code sent to your phone.
Step 1: Visit the Microsoft account website and sign in with your Microsoft account.
Step 2: Click on the 'Security' tab and select 'Advanced security options'.
Step 3: Under 'Ways to prove who you are', click 'Add a new way to sign in or verify'.
Step 4: Choose your preferred verification method, such as 'Use a different phone number' for text codes or 'Use an app' for an authenticator app. Follow the prompts to set it up.
Step 5: After adding a verification method, enable two-step verification by clicking 'Turn on' under 'Additional security'.
Step 6: Click 'Next', then note down the recovery code provided. This code can be used to regain access if you lose your usual sign-in methods.
Step 7: Click 'Finish' to complete the setup.
5. Enable User Account Control (UAC)
User Account Control (UAC) helps prevent unauthorized changes to your system by prompting for permission or an administrator password before allowing certain actions.
Step 1: Open the Start menu, search for 'User Account Control', and select 'Change User Account Control settings'.
Step 2: Adjust the slider to 'Notify me only when apps try to make changes to my computer' or 'Always notify', then click 'OK'. This provides a balance between security and convenience.
6. Enable BitLocker on Drives
BitLocker encrypts your drives to protect your data from unauthorized access, especially useful if your device is lost or stolen. Note that BitLocker is available on Windows 11 Pro and Enterprise editions.
Step 1: Open File Explorer, right-click on the drive you want to encrypt, and select 'Turn on BitLocker'.
Step 2: Choose how you want to unlock the drive, either with a password or a smart card, then click 'Next'.
- Password: Create a strong password with a mix of letters, numbers, and symbols.
- Smart Card: Use a physical card and PIN to unlock the drive.
Step 3: Choose how to back up your recovery key and click 'Next'. Options include saving to your Microsoft account, a file, or printing it.
Step 4: Decide whether to encrypt used disk space only or the entire drive, then click 'Next'.
Step 5: Select the encryption mode. Choose 'New encryption mode' for fixed drives or 'Compatible mode' for removable drives used on older versions of Windows.
Step 6: Optionally, run a BitLocker system check to ensure everything works correctly, then click 'Continue' and restart your computer.
7. Activate Smart App Control
Smart App Control (SAC) in Windows 11 helps protect your system by blocking untrusted or potentially malicious applications.
Step 1: Open Windows Security and select 'App & browser control'.
Step 2: Click on 'Smart App Control settings'.
Step 3: Choose 'On' to enable Smart App Control or 'Evaluation' mode to let Windows determine optimal settings based on your usage.
Note that once Smart App Control is enabled, disabling it requires a Windows reinstallation.
8. Enable Core Isolation
Core Isolation protects your system by isolating critical processes from software vulnerabilities. It includes 'Memory integrity', which prevents malicious code from accessing high-security processes.
Step 1: Open Windows Security and click on 'Device security'.
Step 2: Under 'Core isolation', click 'Core isolation details'.
Step 3: Toggle 'Memory integrity' to 'On'.
Step 4: Restart your computer to apply the changes.
9. Set Up Dynamic Lock on Windows 11
Dynamic Lock automatically locks your PC when you step away by detecting the absence of a paired Bluetooth device, such as your smartphone.
Step 1: Ensure Bluetooth is enabled on both your computer and your mobile device.
Step 2: On your PC, go to 'Settings' > 'Bluetooth & devices' and click 'Add device' to pair your phone.
Step 3: Select 'Bluetooth' and follow the prompts to connect your device.
Step 4: Go to 'Accounts' > 'Sign-in options' in Settings.
Step 5: Scroll down to 'Dynamic lock' and check 'Allow Windows to automatically lock your device when you're away'.
Now, your PC will automatically lock when your paired device is out of Bluetooth range.
10. Switch to a Local Account
Using a local account instead of a Microsoft account can enhance privacy by keeping your data stored locally on your device.
Step 1: Press Windows+I to open Settings and navigate to 'Accounts'.
Step 2: If you don't have a local account, create one by clicking 'Family & other users' and adding a new user.
Step 3: To make the local account an administrator, go to 'Other users', select the account, and click 'Change account type'. Choose 'Administrator' and click 'OK'.
Step 4: Under 'Your info', click 'Sign in with a local account instead'.
Step 5: Follow the prompts to switch to a local account, entering your Microsoft account password when asked.
Step 6: Create a username and password for your local account, then click 'Sign out and finish'.
11. Enable Biometrics on Windows 11
Using Windows Hello biometrics, such as facial recognition or fingerprint scanning, enhances security and speeds up the sign-in process.
Step 1: Open Settings, select 'Accounts', and click on 'Sign-in options'.
Step 2: Choose 'Facial recognition (Windows Hello)' or 'Fingerprint recognition (Windows Hello)' and click 'Set up'.
Step 3: Follow the on-screen instructions to complete the setup.
If these options are unavailable, you may need to install optional updates or drivers. Go to 'Windows Update' > 'Advanced options' > 'Optional updates' to check for Windows Hello updates.
12. Use a Secure Browser
Utilize a secure web browser like Microsoft Edge, Google Chrome, or Mozilla Firefox that can block pop-ups, identify malicious websites, and protect your online activities.
Always ensure you are browsing secure websites by looking for 'https://' at the beginning of the URL, indicating a secure connection.
13. Use a VPN Connection
A Virtual Private Network (VPN) encrypts your internet connection, protecting your data from eavesdropping and masking your IP address. This is especially important when using public Wi-Fi networks.
Choose a reputable VPN service to ensure your data remains secure and your online activities private.
14. Avoid Pirated Software
Refrain from installing pirated software, as it often contains malware or viruses that can compromise your system. Always download software from official sources or authorized distributors, and keep your applications updated to patch security vulnerabilities.
15. Disable Remote Access
Unless necessary, it's advisable to disable Remote Desktop to prevent unauthorized access to your PC.
Step 1: Open Settings, go to 'System', and select 'Remote Desktop' on the right pane.
Step 2: Turn off the 'Remote Desktop' toggle and confirm by clicking 'Confirm'.
16. Backup Your Windows 11 PC
Regularly backing up your system ensures that you can recover your data and settings in case of system failure or other issues.
Step 1: Search for 'Control Panel' in the Start menu and open it.
Step 2: Switch the view to 'Large icons' and select 'Backup and Restore (Windows 7)'.
Step 3: Click 'Create a system image' on the left pane.
Step 4: Choose a location to save the backup, such as an external hard drive, and click 'Next'.
Step 5: Confirm the backup settings and click 'Start backup'.
After completion, keep the backup in a safe place and avoid modifying the backup files.
17. Protect Your Privacy in Windows 11
Managing your privacy settings helps control how your personal information is used. Adjust settings related to location tracking, ad tracking, diagnostics, feedback, and app permissions.
Disable Location Tracking
Step 1: Open Settings and select 'Privacy & security'.
Step 2: Under 'App permissions', click on 'Location'.
Step 3: Toggle off 'Location services' to disable location tracking.
If you wish to keep location services on for certain features but limit app access, leave 'Location services' enabled and turn off 'Let apps access your location'.
Disable Ad Tracking
Step 1: Go to 'Privacy & security' and select 'General'.
Step 2: Turn off 'Let apps show me personalized ads by using my advertising ID'.
Disable Diagnostics and Feedback
Step 1: In 'Privacy & security', select 'Diagnostics & feedback'.
Step 2: Turn off 'Send optional diagnostic data' and other related options like 'Improve inking and typing' and 'Tailored experiences'.
Disable Activity History
Step 1: Navigate to 'Privacy & security' and click on 'Activity history'.
Step 2: Uncheck 'Store my activity history on this device'.
By implementing these steps, you can significantly enhance the security and privacy of your Windows 11 PC, ensuring your data remains protected and your system operates securely.
Member discussion