 Welcome back everyone. Today we're going to be talking about how to secure a Windows system. And this is just really an introduction, some giving you some things to think about about how you might want to secure your Windows computer. It's definitely not going to be very comprehensive because there's a lot of things you could do to make yourself much more secure. A lot of it has to deal with what you choose to do with your computer or what you tell your computer to do, basically. A lot of attacks happen because the user of the computer actually clicks on something they shouldn't click on or opens up files they shouldn't open up. So I'm just going to show you some basics and talk about these basics, why you might want to do these things on your computer. So first off, I have a Windows 10, a computer running Windows 10 or a virtual box actually running Windows 10 in front of us and that's what I'll be using. If you're using Windows 7 now, which is actually still very, very common, if you're using Windows 7, it's out of our end of support, end of life. So you should be updating basically to Windows 10. Go ahead and skip eight and just go to 10 directly. Yeah, so basically, if you're not using Windows 10 right now, one of the best things you could possibly do I think is really update to the newest version of Windows. If you're using Windows 7 and definitely if you're using Windows XP, just consider yourself insecure basically no matter what you do. So first recommendation, upgrade to the newest version of Windows, which right now is Windows 10. Next, whenever you actually set up your computer, check for a couple of things. So go to the start menu down the corner and then there's this gear, settings gear. Whenever you open that up, one thing that you should do relatively often, often, I would say at least every week you might want to manually check it is go to update and security. And in update and security, you really want to check for updates. So you can configure your computer to check for updates daily. But I usually go in and manually check at least once a week to make sure I have the most most up to date patches. Now, why am I updating so often? Like, do we really need to update very often? Well, sometimes, sometimes Windows pushes down a patch for different types of vulnerabilities that your computer would be vulnerable to if you didn't update that software. So you never really know what's what's going to happen. And if you saw the video about kind of how hackers do what what they do, how the tools that they use, those tools are usually working on older systems or unpatched systems. But those tools don't usually work as well, or at least hopefully they don't work as well on patched systems. So if you have your system up to date, that will stop a lot of different types of attack. Of course, it won't stop everything. But just keeping your system up to date will stop a large number of the attacks that are happening online. Okay, now the next thing we want to do is right under Windows Update, there's this Windows Defender. And if you're not using Windows Defender, you really should at least at least turn on basic protection. So if you have an antivirus installed, some sort of third party antivirus, maybe from I don't know, Trend Micro or Avast or something like that, then this third party antivirus basically Windows will detect it and say, Yeah, you have an antivirus. Good job. Okay, but you can also run Windows Defender alongside a third party antivirus and Windows Defender will kind of act like background protection. It has a mode where it works well with other antiviruses. So one thing you need to turn on is real time protection. And I've turned it off because I was doing some testing with malware. And even though I don't have a third party antivirus installed right now in this virtual system, Windows Defender kept finding malware that I was intentionally trying to install on this computer. So anyway, turn on real time protection for Windows Defender. Make sure you have I mean, it depends on your privacy concerns, but I would turn on cloud based protection as well. So if Windows Defender finds anything potentially, potentially malicious, then it can send it up to Microsoft's cloud and analyze it. Automatic sample submission, again, it's up to your privacy preferences. I mean, this isn't my main system. So I would just turn them on, just in case this virtual machine gets hacked. Okay. Yeah, so then, yeah, we can open up Windows Defender and you actually get the interface for it. Windows, if you have this enabled, it will tell you every week, couple weeks, if you need to update Windows Defender definitions, and it will usually update it automatically. So just like, just like going to Windows Update and checking for updates, we also want to make sure that Windows Defender is up to date as well. So again, making sure that you have the newest Windows software, the patches are applied, will go a very long way in preventing malware, running something like Windows Defender or a third party antivirus and Windows Defender together can also help you a lot in reducing your risk if you happen to run a malicious program. Again, both of them aren't going to protect against everything, but they will protect against a lot. The next thing you need to do is backup. You can use Windows built in backup, you can see that I don't have, I don't use Windows built in backup. But you need to have some sort of backup plan. Actually, I'll show you what I use is something called crash plan. So I've been using crash plan, if it looks up, so it's crashplan.com. I've been using that for a long time. And go away. And it works really well on Linux, OS X and the servers that I'm running. So I use crash plan, because it's relatively easy, but it also works on a lot of different types of systems. You don't necessarily have to pay, you can have a free option if you have a bunch of hard drives laying around, you can use crash plan to backup and encrypt backup and encrypt your data, if you want to use it like that. But minimum, you need to have some sort of backup device. So for example, if I added a drive, if I have an extra hard drive, and I want to backup all of my Windows data, then I would add a drive here, select the drive that's available, but I haven't plugged anything in. And then it backs up the files automatically. Now, why would I want to do that? Well, lots of different reasons. I might actually accidentally delete files that are important to me, and I need to recover them somehow. Or what's happening very, very often now on Windows systems is crypto lockers. So getting a virus that encrypts all of your data, and then basically asks for money. And if you pay them the money, then they claim that they'll give your data back. But usually they don't. So if you get a crypto locker, if your files are get encrypted, do not pay the criminal who's doing that, they probably won't give you the files back. So the easiest way around a crypto locker is having a backup. If you've backed up all of your data, then if the data is encrypted, well, you don't really lose anything, you can just recover it after you remove the crypto locker, then you can recover your data. And that's it, you don't have to pay anything. And you don't lose anything. So the first things you need to do whenever you're working on a Windows system, first off, make sure that the operating system is as new as possible. At least in this case, Windows 10. And then do Windows update, make sure you check for updates, you know, weekly set the system to automatically update, turn on Windows Defender real time protection, make sure you have some sort of backup plan in place. You can either use Windows built in backup or a third party backup tool like crash plan. Okay. Yeah, so the next thing I want to do is, where was it? I would go through, I usually go through privacy settings. So I have a tablet actually that has Windows 10 on it. And I essentially go through the privacy settings and see what I'm comfortable with. I tend to turn everything off in terms of privacy, especially things like location, yeah, location radios, all sorts of different things. So I usually go through and remove as many things that I'm not comfortable with like privacy being privacy issues being shared. The next thing you need to do is go into apps. And every so often, I wouldn't say weekly, but maybe every, you know, six months or something like that go into apps and features. And just check and see if there's any applications that are installed that you either don't know what they are, or you don't need them anymore. If you don't need them anymore, you're not going to use them, or you don't know what they are, you can probably remove them. Now, that's not always the case, removing some applications could potentially break another application. So for example, I have some forensic software, but it also installed Microsoft Server speech platform. So if I remove the speech platform, then the forensic software won't work like it like it should basically. So I usually go through and I remove everything that I know I can remove. And if I don't recognize something, I look up what it's for. So if something gets installed, or you accidentally install something, your friend installs something, then you basically try to clear it out of your system as quickly as possible. And then the last thing I'll talk about now is under network and internet, make sure you go into connections and under in this case, it's under ethernet related settings, go to Windows firewall. So Windows firewall, what does this do? It stops connections from basically coming in. Right now, if you don't have a firewall on, then any applications that are running on your computer, people from the outside can potentially connect into your computer, you know, regardless of what you want, essentially. So what you should do is you can use recommended settings. I'll just click that. And whenever you go into this, let's see. Oh yeah. So if we go over to turn Windows firewall on or off, make sure that Windows firewall is turned on. And we can block all incoming connections, including those from list of allowed apps that will block everything. And you'll probably, some of your applications will probably stop working. Use this if you know how to actually configure your firewall. Notify me when Windows firewall blocks a new app, keep that on so that way if a virus or something happens to get installed on your computer and tries to run, then you can have an indicator whether that application is new or not. So make sure that turn firewall is on for both public and private networks, unless you know how to configure the firewall to allow different types of exceptions. So yeah, there's a lot of different types of security and maintenance, but those are really the big things. Turn on a firewall so that way not everything can connect into your computer. And then under update and security, make sure that you keep your version of Windows up to date. Make sure you turn on Windows Defender or have a third party antivirus with Windows Defender. And then make sure that you have some sort of backup plan in place, at least for your critical files, the main files that you don't want to lose. If you do that, if you can keep your system up to date, if you have a firewall on and you're using Windows Defender and have some sort of backup, then the chance of getting a virus, as long as you're not downloading and running all sorts of random programs, the chance of getting a virus is much less, I'd say. Of course, your actions will dictate how much risk you have. So for example, I don't go to random websites and download everything I can and I block a lot of different types of access to my browser. So a lot of plugins for browsers, I block them. A lot of unknown code, I block it. So whenever I'm browsing, the risk of some sort of random malicious code is relatively low. I don't go to really strange unknown websites, download tools and install those tools. So your behavior will definitely dictate how much risk you have. But if you can do these things in Windows, you'll definitely reduce your risk of some, let's say older virus or older exploit working against you. And if something does happen, then you'll have a backup of all of your data just in case. So yeah, that's it for very basics, very introduction to securing a Windows system. Thank you very much.