The following is a guest blog by George Pecherle, EAST-TEC
When you work with personal data on a Windows computer, your privacy and identity are at risk. We will show you a few basic things you should keep in mind, to make sure your privacy and identity are always protected:
1. Password protect all your Windows accounts
This way, no one will be able to access your computer. In Windows 8, you have the option to create either a Local Account or a Microsoft Account. A Local Account is the same as on the previous versions of Windows (an account locked by a password). A Microsoft Account is more than a Local Account: you will also be able to access files and photos anywhere, sync settings and more.
2. Use virtual safes to keep data encrypted and secured
If you have very sensitive data, create a virtual safe where all your data is encrypted. A virtual safe is nothing more than a special disk drive (like you have your C or D drive on your computer) where all data is kept encrypted. When you want to use data from this virtual safe, you just need to open (mount) it after entering the access password and you will be able to work with data, as if you work with data from your C or D drives. When you are finished working with data from the virtual safe, you just close (unmount) it and no one will be able to access it (and not even know you have a virtual safe or something to hide).
There are many tools on the Internet (some free and some commercial) that can help you create encrypted virtual safes.
3. Wipe your private data and your online/offline activity traces beyond recovery
When you "delete" a file in Windows, it is not really gone. The file is just marked as deleted until other files will occupy the same disk areas. Until then, the data is recoverable by anyone. For this reason, always wipe your private files using a specialized data wiping tool that will overwrite the disk areas occupied by the file with special data, in order to make it unrecoverable.
Some of these tools also offer you features that automatically detect private data on your computer, such as traces of your online and offline activities (web browser history, cookies, etc.) and wipe this data beyond recovery for you.
4. Use an antivirus and firewall
This will prevent intruders or viruses to steal your data or use it on your behalf.
5. Backup your data
You can keep copies of your data on external devices or in the cloud (there are many services who offer a lot of disk space in the cloud). Always keep confidential data encrypted (see suggestion no. 2 above).
6. Make online transactions only on HTTPS websites
Always check the website where you make financial transactions is HTTPS secured, otherwise you risk having your credit card stolen and used by someone else. When you are on a HTTPS connection, your web browser usually shows a lock somewhere indicating the connection is secure.
7. Hide private data in images or videos
This is called steganography, a technique that allows you to hide data inside innocent looking files (such as a common image file or a video) and no one will know that file actually contains private data or messages.
8. Do not save passwords in web browsers
Even if this is a useful feature, it is not very secure, as someone might obtain the list of passwords. Even if obtaining the passwords is not very easy, it is better to stay on the safe side and do not save passwords, especially for important sites.
9. Do not trust links received in emails or instant message conversations
Some of these messages might ask you to update your banking information or social media profile. This attack is called "phising". Do not trust all of them and always check if they come from a legitimate source (e.g. your bank). The easiest way is to see that the Internet address contains the correct domain name as you know it.
10. Always update Windows, your drivers and your software
Having an up-to-date system with all patches and updates will minimize the risks of attacks or security issues with your computer.