Features to boost your PC's security and privacy (by BleepingComputer)

Gandalf_The_Grey

Level 53
Verified
Trusted
Content Creator
Apr 24, 2016
4,202
40,869
An interesting guide from Bleeping Computer:
Security features you should know about:
Potentially Unwanted App (PUA)
Memory Integrity
Controlled Folder Access
Network scanning

Windows 10 settings to increase your privacy
Turn off ads and tracking
Disable Start Menu suggestions and promotions
Restrict Diagnostic data
Manage permissions for location, microphone, camera
Disable the Windows Timeline (Activity history)
App permissions
Read the full guide here:
 
F

ForgottenSeer 85179

In my setup i turn off advertising ID, Start Menu suggestions, timeline and configure app permissions but set diagnostic data to full.
On security side the only one i don't use (anymore) is controlled folder access due to high breakage which isn't important on secure system anyway.

But good to see they don't spread any strange tweaks or third-party tools (y)
 

plat1098

Level 25
Verified
Sep 13, 2018
1,487
12,937
Good to see this list again--sometimes these settings and others are mysteriously turned off, particularly after a big update. I just found one that was off (prob. I forgot to re-enable it)--CFA. Every little bit helps.

Diagnostic Data is set to "optional" always due to Insider build requirements. Some of my very old games did not work at all, graphics-wise. After a couple of weeks, they work again due to the telemetry (send problem reports to Microsoft). Prob. missing some libraries somewhere.
 

rndmblk

Level 3
Nov 18, 2020
93
875
I'm not familiar with the network scanning option for Defender. I did some searching and the consensus seems to be that in general it's not recommended to enable this feature?
 

Arequire

Level 27
Verified
Content Creator
Feb 10, 2017
1,652
7,028
A few articles quoted MS documentation (although they didn't link to it).
Bleeping Computer for example - Windows Defender Fix For Windows 10: Enable Network Scanning - "Microsoft states in their documentation that scanning network files is not recommended"
Scanning network files and Network Protection are two completely different things.
Network Protection blocks access to malicious domains system-wide. Scanning network files, well, scans files on the network.
It's perfectly safe to enable Network Protection.
 

rndmblk

Level 3
Nov 18, 2020
93
875
Scanning network files and Network Protection are two completely different things.
Network Protection blocks access to malicious domains system-wide. Scanning network files, well, scans files on the network.
It's perfectly safe to enable Network Protection.
Yes but the article in the original post is talking about Network scanning as is the post I quoted. No mention of network protection that I can see
 

Gandalf_The_Grey

Level 53
Verified
Trusted
Content Creator
Apr 24, 2016
4,202
40,869
Compared to the past, Windows protection is much better. What I feel I need is a straightforward shortcut to these settings. Every time I set up Defender, I feel like I'm hunting for socks in a messy closet.🧦
It would be great if Microsoft gave easier access to those settings, but for now the answer is ConfigueDefender :D
 

Gandalf_The_Grey

Level 53
Verified
Trusted
Content Creator
Apr 24, 2016
4,202
40,869
Memory integrity is another security layer, so why does microsoft have it switched off by default?
Because of possible incompatibele third party drivers it can't be enabled by default.
The default is for maximum compatibility.
The question is if it's needed in a home environment?
See the discussion here:
 
Top