Protecting Your Computer

Simple Security Is Still Security

Most online problems arise from haste. Most protection comes from brief, calm verification.

For Protecting Your Computer the practical route is straightforward: choose small measures you can set up today and maintain.

The goal is not perfection, but predictably safe behaviour that holds up even on busy days.

Immediate measures (15 minutes)

• Apply basic measures immediately: MFA, password manager and updates.
• Use secure default settings for privacy, browser and device.
• Record a recovery plan for account loss, fraud or data breach.

Why this matters

The core of Protecting Your Computer is risk reduction in practice. Technical context supports the choice of measures, but implementation and embedding are central.

The day the hospitals ground to a halt

On 12 May 2017, employees of the British National Health Service arrived at work and discovered that their computers had been held hostage. On the screens was a terrifying red message: all their files had been encrypted, and they had to pay to get them back. Not with ordinary currency, but with Bitcoin. The attack was called WannaCry and spread within hours to 150 countries. Hospitals could no longer access patient data. Operations were postponed. Ambulances were redirected.

The bizarre thing? The vulnerability that WannaCry exploited had already been patched by Microsoft weeks earlier in a security update. The hospitals that were affected had simply not installed that update. That is all. An update that takes a few minutes and runs in the background could have prevented the entire disaster.

This story tells you everything you need to know about computer security. It is not complicated. It is not technical. It is mostly: do the boring things you keep putting off.

Updates, updates, updates

I will say it again, because it cannot be repeated often enough: the single most important thing you can do to secure your computer is to install your updates.

Every time you click away that notification with "Remind me tomorrow," you leave a door open that a criminal can use. Security updates are not cosmetic improvements or nice new features. They are repairs of holes through which malicious actors can break into your computer.

How to make sure updates happen automatically:

1. Windows: Go to Settings, then Windows Update, and check that automatic updates are enabled. This is the default setting, but some people turn it off because it is "annoying." Don't do that.
2. Mac: Go to System Settings (or System Preferences on older versions), then General, then Software Update, and enable automatic updates.

And just like on your phone: don't forget your other programmes. Your web browser, your PDF reader, your office suite — everything that connects to the internet deserves attention.

Tip: Restart your computer at least once a week. Many updates only take effect after a restart, and there are people who close their laptop for months without ever properly turning it off.

Antivirus: do you still need it?

This is a question many people ask, and the answer is more nuanced than you might think.

Twenty years ago, antivirus software was absolutely essential. Windows was riddled with holes and viruses spread like wildfire. Nowadays the situation is different. Windows comes with a built-in security solution: Microsoft Defender. And it is — surprise — quite good.

The short version:

Situation	Advice
You have Windows 10 or 11	Microsoft Defender is sufficient. Leave it on.
You have a Mac	The built-in security (XProtect) is good. Extra software is optional.
You download a lot from unknown sources	Consider an extra scanner, but mainly change your behaviour.
You already have a paid antivirus programme	Fine, keep it. But two antivirus programmes simultaneously is a bad idea.

Important: the best antivirus programme in the world will not help you if you click on every link and open every attachment yourself. Software is a safety net, not a replacement for common sense.

What you should do:

1. Check whether Microsoft Defender (Windows) or XProtect (Mac) is active.
2. Do not install two antivirus programmes simultaneously. They will conflict with each other and make your computer slower and less secure.
3. Be sceptical of free antivirus programmes you encounter everywhere on the internet. Some are fine, but others earn their money by collecting and selling your data. The cure is then worse than the disease.

Backups: the insurance nobody takes out

Imagine your laptop breaks down tomorrow. Or is stolen. Or is hit by ransomware. Everything gone: your photos, your documents, your administration, that one assignment you spent three weeks on.

Most people do not make backups. Or they made one at some point, three years ago, on a USB stick they can no longer find. That is not a backup, that is a reminder of good intentions.

The 3-2-1 rule

Security experts swear by a simple rule:

Component	What it means	Example
3 copies	Have your files in at least three places	Your computer, an external drive, and in the cloud
2 different media	Use at least two types of storage	Hard drive plus cloud storage
1 at a different location	One copy outside your home	Cloud storage or a drive at a relative's home

That may sound excessive, but think about it: if your house burns down and your computer and your backup drive are both on your desk, you effectively have no backup.

Practical advice:

1. The easiest option: use a cloud service. iCloud, Google Drive and OneDrive all offer automatic synchronisation. Turn it on and forget about it.
2. The most thorough option: connect an external hard drive to your computer and set up automatic backups. On Mac this is called Time Machine (you find it in System Settings under General). On Windows it is called File History (look for it in Settings under System, then Storage, then advanced storage settings).
3. The golden combination: do both. Cloud synchronisation for day-to-day use, an external drive for a full backup.

Tip: Test your backup. Seriously. A backup you cannot restore is not a backup. Try restoring a file to see whether it works.

Ransomware: digital kidnapping

You have probably heard about it, but what exactly is it? Ransomware is software that encrypts your files — makes them unreadable — and then demands a ransom to release them. It is essentially digital kidnapping.

How does it get onto your computer?

The most common ways:

1. Email attachments. An invoice that looks real but is not. A parcel notification from a delivery service. A so-called document from your bank.
2. Infected websites. You click a link, land on a fake website, and the software is quietly downloaded.
3. Outdated software. As with WannaCry: if you do not install your updates, you are vulnerable.

How do you protect yourself?

1. Install your updates (there it is again).
2. Make regular backups (if your files are held hostage but you have a recent backup, you can ignore the criminals).
3. Do not open attachments you were not expecting, even if they appear to come from someone you know.
4. Do not download software from unknown websites.

And if it happens anyway?

1. Do not pay. There is no guarantee you will get your files back, and you are funding criminals.
2. Disconnect your computer from the network (unplug the network cable or turn off wifi) to prevent it from spreading.
3. Contact a professional or call the Fraud Helpdesk (0088-7867372).
4. Restore your files from your backup.

Tip: The police and security companies have created free decryption tools for some types of ransomware. Check nomoreransom.org before giving up hope.

Encryption: your digital safe

Suppose someone steals your laptop. If your drive is not encrypted, the thief can simply remove the hard drive, connect it to another computer, and read all your files. Your login password does not help in that case — it only protects the front door, not the contents.

Encryption ensures that the contents of your drive are unreadable without the correct password. As if all your files are stored in a safe that only you can open.

How do you enable it?

1. Mac (FileVault): Go to System Settings, then Privacy & Security, then FileVault. Click "Turn On FileVault." On most modern Macs this is already enabled by default. Check it anyway.
2. Windows (BitLocker): This is available on Windows 10/11 Pro and Enterprise. Go to Settings, then Privacy & Security, then Device Encryption. If you have Windows Home, device encryption may also be available — search for "encryption" in your settings.

Important: store your recovery key in a safe place. If you forget your password and have no recovery key, your data will be permanently inaccessible. With Apple you can link it to your Apple Account. With Windows it is stored in your Microsoft account.

Securing your browser

Your web browser is your window to the internet, and just like a real window you should sometimes clean it and check that it closes properly.

Three things you can do right now:

1. Install an ad blocker. Not just because advertisements are annoying, but because malicious adverts are one of the ways malware is distributed. This is called "malvertising" — harmful software hidden in advertisements on otherwise legitimate websites. An ad blocker like uBlock Origin (free, available for all major browsers) blocks this.

2. Check for the padlock. That small padlock in your address bar means the connection between you and the website is encrypted. No padlock? Then absolutely do not enter any passwords or personal data. Modern browsers also warn you about this.

3. Be critical about browser extensions. Every extension you install can potentially read everything you do in your browser. Only install extensions you genuinely need, from reputable developers, with good reviews.

Recommended extensions	What it does
uBlock Origin	Blocks advertisements and malicious scripts
Your password manager	Fills in passwords securely (see the passwords chapter)

Tip: Clean up your extensions regularly. Go to your browser's extension menu and remove everything you no longer use. Extensions that are no longer maintained by the developer can pose a security risk.

Old software: end of life

Software has a shelf life. At some point the developer stops releasing security updates. This is called "end of life" and it means that every new vulnerability that is discovered will no longer be repaired. Your computer becomes progressively less secure, and there is nothing you can do about it except upgrade.

Important dates to remember:

Software	Status
Windows 7	No longer supported since January 2020
Windows 8.1	No longer supported since January 2023
Windows 10	Support ends on 14 October 2025
Windows 11	Currently supported
macOS	Apple generally supports the current and two previous versions

If you are still using Windows 10: make a plan to upgrade to Windows 11 before support ends. Can your computer not handle Windows 11? Then unfortunately it is time to think about a new computer. That is annoying, but using an unsecured system is like driving a car without brakes. It works for a while, until it does not anymore.

Tip: Check your other software too. An outdated browser or an old office suite can be just as dangerous as an outdated operating system.

Your home network: the forgotten front door

Almost everyone has a router at home — that box from your internet provider that your wifi comes from. And almost nobody has ever changed the default password.

That is a problem. Because if someone gains access to your router, they can potentially intercept all your internet traffic, redirect you to fake websites, or attack your devices.

What should you do?

1. Change the administrator password of your router. This is the password used to change the router's settings, not your wifi password. You can usually find the login page by going to 192.168.1.1 or 192.168.0.1 in your browser. The default password is often on a sticker under the router or in the manual.

2. Change your wifi password if you are still using the default password on the sticker of your router. Choose a strong password (or better: a passphrase).

3. Check the encryption method. In the wifi settings of your router there should be WPA3 or WPA2. If it says WPA or WEP, your network is poorly secured and you need to change this.

4. Keep your router up to date. Yes, your router gets updates too. Many modern routers do this automatically, but check it anyway.

Setting	What it should be
Administrator password	Not the default password
Wifi password	Strong, not the default password
Encryption	WPA3 or WPA2 (never WEP or WPA)
Firmware	The latest version

Tip: Not sure how to access your router's settings? Search online for the brand and model of your router (on the sticker) plus "login." Or call your internet provider and ask for help.

Do this today

The most important steps to better secure your computer. Start with the first three and work through the rest when you have time.

• Check that automatic updates are enabled for your operating system
• Restart your computer if you have not done so for a while
• Check that Microsoft Defender (Windows) or XProtect (Mac) is active
• Set up an automatic backup (cloud storage, external drive, or both)
• Test your backup by restoring a file
• Enable disk encryption (FileVault on Mac, BitLocker or device encryption on Windows)
• Store your recovery key in a safe place
• Install uBlock Origin in your browser
• Remove browser extensions you no longer use
• Check whether your operating system is still supported
• Change the administrator password of your router if it is still the default
• Check that your wifi is set to WPA2 or WPA3

Remember: computer security is not a one-off action. It is a habit, like brushing your teeth. You do not need to spend hours a week on it. But by doing a few simple things regularly — installing updates, making backups, paying a little attention — you make it much harder for criminals. And that is ultimately the goal: not to be invulnerable, but not to be an easy target.

← Previous Securing Your Phone Next → Safe Browsing and Wi-Fi