Many people use their computers every day without realizing that the default settings in Windows are designed more for convenience than security. This can leave your system more vulnerable. Fortunately, by tweaking a few key settings, you can significantly enhance your computer’s security.
This guide provides 8 essential settings to adjust in your Windows PC to make it more secure. These changes are straightforward, and you don’t need any technical expertise to follow along.
Table of Contents
- 1. Enable BitLocker Encryption
- 2. Verify that the Windows Firewall is on
- 3. Keep Your Software Updated
- 4. Require Administrator Credentials for Installations
- 5. Disable Remote Desktop
- 6. Enable Windows Defender SmartScreen
- 7. Enable Tamper Protection
- 8. Use Password-Protected Screensaver
- 9. Wrapping Up
Enable BitLocker Encryption
BitLocker protects your data by encrypting your hard drive, adding an additional layer of security that ensures no one can access your files without proper authorization, even if your computer is stolen. Without BitLocker, someone could remove your hard drive and read its contents (files) using another computer, bypassing your Windows password entirely. BitLocker can also be used to encrypt removable drives, such as USB sticks and portable hard drives, protecting them as well in case they are lost or stolen.
Why it matters: Without encryption, your files can be accessed if someone has physical access to your computer or its storage devices / hard drives.
How to enable it:
- Go to Control Panel > System and Security > BitLocker Drive Encryption
- Turn on BitLocker and follow the steps to secure your drive with a password or encryption key.
An instructional video by Dell on how to set up BitLocker.
Verify that the Windows Firewall is on
The Windows Firewall is a built-in security tool designed to protect your PC by monitoring and controlling incoming and outgoing network traffic. It ensures only safe connections are allowed.
Why it matters: The firewall acts as your computer’s first line of defense, blocking unauthorized access from hackers and malware trying to reach your system from outside.
How to enable it:
- Go to Settings > Privacy & Security > Windows Security > Firewall & Network Protection.
- Ensure the firewall is turned on for all network profiles (Domain, Private, and Public).
Keep Your Software Updated
Updates often include security patches that fix vulnerabilities hackers can exploit. Keeping Windows and your apps updated is one of the simplest ways to stay secure. While Windows 11 has automatic updates enabled by default, it’s important to ensure that updates are working properly and not being paused or failing to install.
Learn more about the importance of updating softwareWhy it matters: Outdated software is more vulnerable to attacks.
How to verify:
- Open Settings > Windows Update and check for any pending or failed updates.
- Ensure that Pause updates is turned off.
- Review your update history to confirm recent installations.
Require Administrator Credentials for Installations
This setting ensures that anytime a program tries to install or make changes that require elevated permissions, you’re prompted to enter your administrator credentials. It adds an extra layer of control and prevents malware from sneaking into your system without your knowledge.
Why it matters: Prevents unauthorized programs from being installed, especially by malware.
How to enable it:
- Search for UAC (User Account Control) in the Start menu.
- Open Change User Account Control settings.
- Set the slider to Always Notify to ensure you’re prompted every time an app tries to make changes.
Disable Remote Desktop
Remote Desktop allows other users to access your computer remotely, but you’re unlikely to use this feature, so it’s safer to turn it off to reduce the risk of unauthorized remote access.
Why it matters: Hackers can gain unauthorized remote access to your computer.
How to disable it:
- Go to Settings > System > Remote Desktop.
- Turn Remote Desktop off.
Enable Windows Defender SmartScreen
Windows Defender SmartScreen blocks websites and downloads that are identified as malicious or suspicious.
Why it matters: Protects you from accidentally visiting harmful websites or downloading dangerous files.
How to enable it:
- Go to Settings > Privacy & Security > Windows Security > App & Browser Control > Reputation-based protection.
- Ensure that all the options are turned on within this menu page.
Enable Tamper Protection
Tamper Protection prevents malware or unauthorized users from turning off key security features like antivirus and firewall settings.
Why it matters: Ensures your security tools remain active and can’t be disabled by malicious programs.
How to enable it:
- Go to Settings > Privacy & Security > Windows Security > Virus & Threat Protection > Virus & Threat Protection Settings.
- Ensure that all the options are turned on within this menu page.
Use Password-Protected Screensaver
This setting locks your computer automatically after a period of inactivity, requiring your password to regain access. It ensures no one can access your computer if you step away.
Why it matters: Prevents unauthorized access when you’re away from your computer.
How to enable it:
- Right-click your desktop and select Personalize > Lock Screen > Screen Saver.
- Check On resume, display log-on screen, and set a short wait time (e.g., 5 minutes).
Wrapping Up
By changing these 8 settings, you can significantly enhance the security of your Windows PC. These adjustments protect against common cyber threats like malware, hacking attempts, and unauthorized access, ensuring your personal information stays safe.
Take the time to go through these settings—you’ll not only protect yourself but also create a safer environment for anyone using your computer.
