How-To

10 Step Security Guide for Keeping your Computer Virus Free

By Steve Krause

Updated May 6, 2024

groovyPost 10 Step Security Guide to Keeping your Computer Virus Free and Your Data Safe!

I’ve managed to dodge the bullet of virus and malware infection on all my numerous devices for more than 30 years of using various computers daily. How did I achieve this feat? By almost religiously following the 10-Step Security Guide I’ve outlined below. Sounds simple, right?

The Big Reveal? What’s in this Security Guide? The strategy is straightforward — I stick to a set of basic principles when operating my computers and lean heavily on sound judgment (or what you might call common sense) when something seems off.

So far, this approach has served me well, and if you’re curious about partaking in this streak of digital well-being, have a glance at my (maybe not so) concise guide to computer security below. Who knows, it might just carry you through the next ten years without a scratch from viruses. ;)

Diving Into My Cybersecurity Soliloquy …

I’d like to begin by sharing a core belief that I apply across all my tech gadgets: there’s no magic wand in the realm of information security. Achieving Information Security, or computer security as some prefer to call it, isn’t as simple as a one-and-done action. It’s about a commitment to a series of actions now, tomorrow, next week, and for as long as you’re using a computing device.

Moreover, robust Information Security involves building multiple layers of defense. Each additional layer fortifies your digital “fortress,” making it increasingly challenging for bad actors to penetrate. The more security layers you have, the better your chances of maintaining a pristine and secure system from the nefarious reaches of malware.

Hence, the security steps I’ve laid out below are not ranked in any specific order. Each one represents an additional layer in your comprehensive security strategy. Individually, they leave you vulnerable, but together, they forge a formidable barrier safeguarding your data against the malevolent elements of the digital world.

1. Install Operating System Security Updates

Windows, macOS, Linux, etc. Despite their differences, all operating systems have one thing in common: they inherently have flaws/bugs/issues/etc. I don’t know, maybe this comes as a surprise to you, but humans are far from perfect, and all of these operating systems are written by humans.

That’s the main reason OS updates are released: the developers find new bugs and exploits, and issue patches to plug those holes in your information security. That’s why you must make sure your computer stays protected by installing the latest security updates.

If you’re an Apple user I can see your smirk from here because you think Macs don’t have any security issues right? Think again — SecurityWeek noted that a total of 21 new malware families emerged in 2023 targeting macOS-based computers. That marked an increase of more than 50% compared to 2022. Even Apple points out the need for antivirus protection in macOS.

2. Install Application Security Updates

Similar to #1, the software you install on your computer is flawed the moment it’s written. In other words, the minute you install a new app on your computer, your computer becomes that much less secure. To make things worse, small software companies don’t have the massive security budgets larger corporations have, like Microsoft and Apple, so it’s not uncommon for “security” to be left out entirely.

The bad guys (hackers) know this, so rather than try to break Microsoft, many are targeting the software on your computer. What makes this even easier for hackers is the fact that they can count on a few pieces of software installed on just about every computer out there.

You guessed it, that’s Adobe Acrobat Reader. Unfortunately for us, Adobe doesn’t have the greatest track record for writing secure software.

The moral of the story is to make sure you’re running the latest versions of software on your system and verify at least once a month that you’ve installed the latest security updates as well. This is not easy if the software doesn’t have an auto-update feature. Nevertheless, that’s a massive attack surface that needs to be kept clean. Yes, this is a tough one, and it will take a lot of work. Good luck, groovyReaders!

3. Install a Quality Anti-Malware Application

With so many high-quality free antivirus applications available for most operating systems, you have no excuse to be running with no antivirus software. My recommendation? Keep things simple and use Microsoft’s free antivirus client. If you’re not a Microsoft Windows user, we’ve got a list of great options for the Mac. By running anti-malware AV software, you’re not just protecting yourself, you’re also protecting the community.

4. Keep Your Antivirus Application Updated with the Latest Virus Signatures

New viruses and malware strains spread like wildfire across the internet every day. To keep pace with these threats, antivirus firms continuously refine their software, enabling it to recognize and thwart (with any luck) the intrusion of these harmful programs into your system. These are known as either “signatures” or “definitions,” depending on the software you’re using.

In the past, refreshing your computer with the latest AV definitions weekly or monthly was good enough. However, given the relentless evolution of cyber threats nowadays, it’s imperative to update your AV software as frequently as possible, daily or even hourly. This makes sure your system is armored against the freshest dangers lurking online.

Windows Defender doesn’t allow for hourly updates (unless you’re inclined to employ a batch script to manually initiate updates — a strategy I wouldn’t endorse). Nevertheless, you can configure it to automatically update itself every day. That should suffice for robust protection.

For users of other AV solutions like McAfee, verifying that you’re equipped with the latest signatures is straightforward. Usually, it’s as easy as right-clicking the program’s icon in your system tray and selecting About. You might even find options within your AV software to schedule updates and refreshes of its definitions and signatures at intervals ranging from weekly to daily, hourly, or even every minute (though I wouldn’t advise the latter).

Let’s be clear: if not regularly updated, your antivirus software becomes useless 2 to 3 weeks after you install it, sometimes the day of installation. Consider this simile: your antivirus is like a firearm, and the security signature updates dispensed daily are its ammunition. A gun without ammo is worthless. Similarly, an antivirus without continuous updates to its signature database is ineffective. Therefore, it’s critical to keep it refreshed daily with the newest signatures and definitions.

5. Install a good Anti-Spyware / Adware / Malware application

Some might argue that if you have a good AV application installed, you don’t need to worry about installing a specific Anti-Spyware / Adware application. To me, it’s a lot like going out in the bitter cold. You’re always best to dress in layers to protect yourself. I believe computer security is best handled the same way, with layers of security. You’ll notice that Microsoft’s built-in security protection for Windows takes that approach.

That way, if a layer misses an exploit due to an old virus signature, the next layer might get it. So, with that in mind, I like to install an anti-spyware application along with an antivirus application just for the added layer of security.

Despite all the negative press from the Vista days due to performance issues… Windows Defender has worked well on all of my Windows systems with little to no impact on system performance.

Another good option if you want a different set of signature files between your antivirus app and your anti-spyware app is Malwarebytes. They have both been around for years and are very widely used across the world. It’s probably my #2 choice, depending on my mood. ;)

6. Don’t be an Internet Victim! Use Your Brain!

Now that you’ve completed steps 1 through 5 above, guess what? You’re ready to open your web browser, surf the internet, and use email! Just don’t get all carried away with the feeling of invincibility, thinking your PC is fully updated.

The following few tips are actually the most important. That’s right …. If you ignore a few tips below, your computer will probably end up infected with malicious software in just a matter of weeks, if not days.

7. Use Common Sense While Using Email

Although many scams have moved to text messages and phone calls, email is still a very popular tool used by evil people all around the planet. Unfortunately, even in 2024, it’s still an extremely effective way to hook people using social engineering. With that in mind, here are just a few examples of things to look out for.

1. If you get an email from someone you don’t know, DELETE IT!
2. Did you receive an email with a file attachment you weren’t expecting, even from a close friend or family member? DELETE IT! If the email was legit, ask them about it later and have them resend it.
3. If a bank or credit card company emails you to tell you your account was hacked, DELETE IT! Banks will ALWAYS call or text you if there is a problem with your account. I guarantee this 100% of the time. Even if the email is legit, DELETE IT and call your bank. You don’t want all those private details in email anyway.
4. If you get an email that tells you to send money somewhere, DELETE IT!
5. If you get an email that tells you that you’ve won money … DELETE IT!
6. If you get an email with an attachment that’s compressed and password-protected, DELETE IT!
7. Be wary of poorly written, broken English emails. For one, it’s not worth reading, and two, it’s probably a scam or a virus.
8. Be very wary of Greeting cards and e-vites. Most of them want you to click on a link.
9. If you get an email from your mother-in-law telling you about a new virus on the internet, DELETE IT (sorry, I couldn’t resist).
10. Bonus tip (since I wanted to list 10). Although not an email, if someone calls you on the phone and tells you they are the US Government, FBI, IRS, a Bank or Microsoft, etc., you should briefly get their name and company they are calling from, then hang up on them. You can then call them back using an official number from the company/gov website. A simple scam is impersonating law enforcement or a tech support company to tell you you’ve been hacked or going to jail if you don’t install software on your computer so they can help you. Don’t fall for it. Hang up.

Remember – If something doesn’t look right or if an email scares you … DELETE IT. When in doubt, throw it out!

8. Surf the Web Securely

If you visit a website that offers to scan your computer for viruses, leave the site immediately. It’s probably a scam to get you to install malware on your computer. Whatever you do, NEVER install software from a website unless you know exactly what the software is and go to that site to install it.

Some websites will prompt you to install software to either scan your computer for malicious software or to allow you to watch a movie or just use the site. Be VERY wary of this stuff. You can’t know what’s getting installed. Just keep in mind that no credible, modern company will ask you to install anything to view their site.

Never install free games found on the internet. If you want a game for your kids, stick to games you can find on the Microsoft Store or Mac App Store. If a kids’ site wants you to install something on your computer, forget it. Run away!

Ready for this one? If you can … avoid the shadowy side of the internet. That’s right, I’m talking about porn sites, hacking sites, and BitTorrent sites. The same goes for those password sites for porn and applications. These are all FULL of malicious software that is just waiting to be installed on your computer.

Don’t steal software by downloading it from BitTorrent sites. Almost 100% of the time, the software you download from a torrent will be protected by copyright law and is probably infected with some malicious code/virus that will install right alongside the application. Best to just buy the software you want and stay away from the “Free / Illegal” side of the internet.

9. Use a Unique, Strong Password and Two-Factor Authentication For Each of Your Online Accounts

Password management is key to keeping your computer and your online data secure. Honestly, in 2024, you really shouldn’t be coming up with a password at all. Instead, you should use a password manager like 1Password, which is my favorite. It will create and store passwords for you, and when you visit a website, it will automatcilly enter in the Username and PW for that website.

Personally, I only know a single password for every website I use daily. The password is my “Master Password” that gets me into 1Password. This is where all my passwords are stored.

If you must create a password, however, please follow the three steps below to help you create a secure and unique password!

1. A strong password is a unique password. As tempting as it might be, never use the same password on multiple websites. Sharing passwords between sites is like Russian Roulette. All it takes is one website hack to ruin your day. Add a layer of security to your online accounts by using unique passwords.
2. Don’t use dictionary words. Yeah, I know, your kids are adorable, but their names make horrible passwords, as do months of the year. Dictionary words are easy to guess, and there are about a million apps out there that specialize in attacking accounts using dictionary words in all known languages.
3. Use a passphrase. Do you mean like an actual phrase? Yes, that’s exactly what I mean. The great thing about a passphrase is it’s long, it’s not a dictionary word and in some cases, it’s easy to include special characters. Unfortunately, Twitter doesn’t allow spaces in their passwords but you can still use special characters like in my example: ilovegroovypostsoverymuch!!

Wow, a 27-character password that is easy to remember and includes two special characters. Good luck trying to hack a password like that one!

You should also take advantage of two-factor authentication whenever possible. This is a fantastic way to add one more layer of security to your online accounts. Many popular online services support 2FA, including Google, Apple, Facebook, Twitter, Dropbox, and more. If you don’t understand what 2FA is and I just confused you, jump over to my free Tech Support Forum and post your question there. No, it’s not a scam site. It’s just easier to answer questions and walk you through 2FA on that site.

10. Routine System Maintenance

Backup … oh … how could we forget about backups? No matter how many precautions you take, having a solid and reliable backup is a must-have. If you’re not backing up your system today, stop what you’re doing and take the steps necessary to get a full system backup now! What should you use? There are a million different options. If you prefer to keep your backup close, grab a USB drive and create a system image.

If you want my advice, use Backblaze. It’s a rock-solid cloud solution that just works. Period. It’s cost-effective for both a single PC and all the PCs in your home (Windows or Mac). I loved it so much, I bought it for all my computers at home AND for work. Yup, we run over 2000 copies of Crashplan at my corporation, and it works great!

As a final security tip, you should routinely clean out the cobwebs on your system by deleting old cookies, Internet history, browser cache, and system temp folders. I’ve already written a guide for this using a free tool called CCleaner. That said, the tool is very simple to use, automatically updates itself and if you follow my guide — is safe to use.

This final tip is important because as you surf the web and install software, you pick up “things” like small bits of websites in your cache as well as cookies that track your surfing, etc. By clearing out these small bits from time to time, you’re not only wiping away those tracking cookies, but you’re also protecting yourself in the event your system becomes compromised. Granted, if that happens, you’re probably already in trouble. However, as I mentioned above, security is about layers, and this is just one more you can add to your routine.

Conclusion

It’s important to note that this Security Guide is not a 100% comprehensive list. Honestly, with Information Security, nothing is 100%. As already stated, it’s about doing a lot of little things and using common sense vs. finding an end-all security guide on the internet somewhere. That being said, if you notice something obvious that I missed, please contribute and drop your tips in the comments below, and I’ll do my best to quickly add it to the Security Guide. I’m sure all the groovyReaders out there will appreciate it!

This article received a significant update on 3/6/2024. Original publish date: 2/18/2010.