Light Dark
May 10, 2017 By David Strom 4 min read
Endpoint
Identity & Access

Microsoft’s Windows 10 is rapidly replacing older operating systems in both personal and professional environments. As with any OS, however, there are several key things you need to know upfront. The addition of unique advertising IDs that inject Microsoft ads into your browser, recommended express privacy settings and cloud syncing of personal information can inadvertently overshare your sensitive data if you don’t take precautions.

Nine Tips to Stay Secure

Here are my top nine tips to help you maintain the appropriate level of privacy and security with your own Windows 10 installation.

1. Turn Off Ad Tracking

By associating a unique advertising ID with each account, Microsoft collects information to create personalized ad experiences across platforms. While that sounds good in theory, it is borderline creepy in practice. These ads will follow Windows 10 users from one device to another.

To disable the feature, go to the Privacy Settings menu and turn off General > “Let apps use my advertising ID for experiences across apps.” If you want to get rid of ads following you around on your browsers, head to Microsoft’s advertising opt-out page. You will also have to adjust your Bing account settings on the web to clear your Cortana history. If you’d like to disable built-in ads for Microsoft’s cloud service, navigate to View > Options in File Explorer. Scroll down and turn off the option for “Show sync provider notifications.”

2. General Annoyances

You should always use the custom setup install. The latest Windows has some really lousy default express settings for privacy, such as automatic hotspot connection, bad personalization and browser protection choices, error reporting and location awareness assumptions. You can always change these later, but why start out aggravated? Also, if you can choose the Pro version rather than Home, you can make changes to your individual policy settings using the GPEDIT.MSC tool, which is installed on the former but not the latter.

One more thing: You’ll find the Active Hours in the Settings menu, under Update & Security > Windows Update > Change Active hours. You can only designate up to 12 hours as active. Windows will not restart your device to install updates during these hours.

3. Avoid Edge Browsing

Microsoft’s Edge browser has gotten some big improvements, such as plug-in support and ad blockers, in the latest build. However, unless you are an absolute Microsoft fanboy, you should stick with another browser. “Microsoft is getting closer to providing a browser on Windows that could convince many to switch from Chrome,” according to The Verge. However, reports show that Edge is still not very secure.

4. Do You Really Need Cortana?

Speaking of which, with Anniversary Edition, you can’t turn Cortana completely off, because it now encompasses both desktop search and the personal digital assistant. But there are some things you can do to protect your privacy, depending on how much you want to use voice commands on your PC. If you navigate to Settings > Privacy > Speech, inking and typing menus, you can click on the “Get to know you” box to turn this off. Of course, this means the system won’t learn your voice commands.

5. Lock Screen Security

A set of features added to Windows for convenience might be a security issue,. For this, you want to visit the settings that affect the lock screen that you see when you first boot up your PC. To make it more secure, open the Settings menu and go to System > Notifications & actions and turn off “Show notifications on the lock screen.”

You’ll also want to go to the Settings screen > “Use Cortana even when my device is locked” and turn that off, and turn off the setting that lets Cortana access your calendar, email, messages and Power BI when your device is locked.

6. Turn Off Location Services

When you first set up Windows, it asks if you want to turn location services on globally. If you go into the Settings > Privacy section, you will see a set of choices for more granular control over location services. You can enable it for your login account and particular apps, and also clear location history on your PC.

7. Make Sure Defender Is Running

If you use Defender, make sure it is still running. Defender will turn itself off if it detects a third-party antivirus tool. You can check its status under the Update and Security settings. It sometimes forgets to turn itself back on — or takes a few days to remember — if you remove the other tool.

8. Enable Smart Screen

The one express setting that you probably want to leave turned on is Smart Screen, which is Windows’ method of protecting you from potential harm inflicted by unrecognized apps. It actually has three choices that you can revisit when you bring up System and Security > Security and Maintenance controls. To force admin approval before running these apps, just bring up a warning dialog box, or turn it off completely. You’ll probably want to leave it on the most restrictive setting.

9. Additional Steps

There are a number of other settings to consider adjusting. For example, you can limit which particular apps can access your camera and microphone. Similarly, you can limit the amount of diagnostic and usage data that Microsoft collects from your computer, although you can’t completely shut this feature down.

You can also revoke apps’ access to your Microsoft account info and control which apps you wish to run in the background. Some apps may be leaking information about your activities without your knowledge, so if you are ultra paranoid, this is for you.

Protect Your Digital Privacy in Windows 10

Windows 10 has introduced several new features that could pose a threat to digital privacy. While these tips are a good starting point, remember that future updates may add or change features, so always pay attention to the Windows Update notes to make sure you’re not giving away more than you should.

 | 
David Strom
Security Evangelist

More from Endpoint
November 28, 2023

Unified endpoint management for purpose-based devices

4 min read - As purpose-built devices become increasingly common, the challenges associated with their unique management and security needs are becoming clear. What are purpose-built devices? Most fall under the category of rugged IoT devices typically used outside of an office environment and which often run on a different operating system than typical office devices. Examples include ruggedized tablets and smartphones, handheld scanners and kiosks. Many different industries are utilizing purpose-built devices, including travel and transportation, retail, warehouse and distribution, manufacturing (including automotive)…

October 30, 2023

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

October 19, 2023

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature