For many years, the perceived wisdom when it came to Windows PCs was that you needed to install antivirus software if you wanted to keep your computer and your data safe.
But, with the continued security improvements in the Windows operating system itself, is that still the case? We explain whether you should install antivirus apps on your PC or laptop.
Does Windows 10 come with antivirus software?
It does indeed: Windows Defender. Windows has had virus protection for a number of years, and the latest iteration found in Windows 10 is the strongest it’s ever been.
Many people stick with Windows Defender as their primary security software and, when combined with a few sensible precautions, we think that’s an acceptable approach. It's almost as good as the free antivirus offerings from AVG, Avast and Bitdefender.
Microsoft’s offering has the advantage of being baked into the OS, so it has a low drag factor when it comes to system resources. The upshot of this is that you shouldn’t see much of a performance dip if you have it running in the background. And you don't have to install it or configure it in the first place, which is also a bonus.
To check if Windows Defender is working correctly, take a look at our How to turn on or off Windows Defender tutorial.
The advantage of dedicated anti-virus software, though, is that they usually provide a wider range of features in terms of how they protect your system.
So, you’re looking at the age-old trade off of performance over safety.
Is Windows Defender enough by itself?
Windows Defender is a capable tool, and is updated regularly, just like all antivirus software.
Defender also now has 'Exploit Guard' which helps to protect your files against ransomware, but only if you've updated to the Creators Update (or a later version of Windows 10).
Paid-for antivirus software often gets new features sooner, though, and many now employ AI for better threat detection. And you'll probably get extras such as password managers, as well as email and web-browser plug-ins which can warn you of dodgy attachments and websites.
Don’t use an Administrator account
It's not a good idea to use an account with Administrator privileges. This simple modification can eradicate many of the threats out there, as malware, spyware, and the like will not be able to install itself.
To do this you’ll need to create a new Administrator account (as you’ll want one on your system), then change your existing one to a Standard account.
This can be achieved in Settings > Accounts > Family & other people, where you add either a family member or a generic account.
Set this as an Administrator, then log out of your existing account. Log in as the new one, click on your normal account and when the option to Change account type appears click on it. This opens a window where you can select to make that account either Standard or Administrator.
With this up and running it should offer a fair amount of protection from accidental downloads with malware under the covers.
If you do find that certain programs you use regularly require the higher-level access, then you can always give that a special pass. Read How to run programs as Administrator in Window 10 for more details.
Have a dedicated browser for Flash or Java
Another common weak point on Windows comes from third party software. Flash and Java both are known to be the route many malware programs take to get onto your system, so it’s wise to limit their use.
In some cases, this is hard, as you might have specific websites that require them – banking sites were a prime example for a time - meaning you can’t disable the programs completely.
Our advice is to download another browser - Chrome, Firefox, Opera, etc. - and have Java and Flash enabled on that one. Then whenever you need to use the website that requires them, you can open that browser, but for the rest of the time online you’ll be in a secure browser instead.
Be very careful what you click on
Many of the ways people are compromised these days comes through being fooled into clicking on links in emails, which then downloads malware, or clicking through to fake versions of websites which then ask you to log in, therefore stealing your account details.
A good rule of thumb is to always navigate to a site yourself. If you get an email saying your account password needs changing, or even that there’s a great sale on, then don’t click on the link. Instead, go to your browser and type in the address of the site. If the sale is real, then you’ll be able to find it.
Be very cautious about links in emails or social media messages too, as these can be just as perilous. Basically, treat every link or download as suspicious, and you can avoid a lot of problems.
Make regular backups
The last essential part of protecting yourself is to make regular offline backups. Yes, using online services is a good idea, and as you’ll see from our best cloud storage roundup there’s plenty of choice, but with Ransomware becoming more of a threat we’d also highly recommend creating your own local, offline backups too.
Follow our How to backup Windows 10 guide for more details on the software you can use, and how to set up a regular schedule for protecting your precious data.
So, I don’t need any other anti-virus software at all?
Yes and no. If you’re a careful user, who doesn’t click on things without reading them first and sticks to the main roads of the internet, then using the methods outlined above should keep you safe. Be sure to set up Windows Defender properly, enabling its SmartScreen and Ransomware features, and it will serve you well.
But, and this is important, there’s always going to be a chance that something will slip through the net. If you want the highest levels of defence, then do all of the above but add a full security suite on top.
We’ve created a guide to the best antivirus that you can use to make your decision, just so long as you remember that no software is going to prevent you from giving your account details away if you’re careless online.
Stay vigilant, and stay safe.
Click here for the best Microsoft voucher codes.