Windows 10 is getting kudos from technology pundits everywhere for producing an operating system that is efficient, technically excellent, and more secure than anything Microsoft has ever produced. But this is an operating system that is attached to cloud services, and that collects and transmits more personal data to Microsoft and other cloud providers. Just like your smartphone, your Windows PC and all those Apps are keeping track of your location, the things you look for online, integrates with your social networks, and tracks other personal information. So just how secure is Windows 10, really?
I have been running unadulterated Windows 10 Enterprise since it was launched last July. I like this OS, but I don’t love it they way I loved Windows 7. All the technical stuff under the hood is awesome. But visually, I’m still not crazy about where they took the user interface, and they still have those silly app tiles, but at least the Start Menu is back.
I have NOT tightened up the security the way I will recommend in this article. But I probably will. Should you? Well that is the point of this article. Let’s begin
There are a couple of good do-it-yourself articles at TechRepublic and ZDNet for those of you who like to know where all the bits are located. Heck, when you are rummaging around in Privacy settings, you may find other setting that you want to experiment with.
If you are looking for a quick and simple way to do change your privacy and security setting automatically, I can suggest O&O Software’s ShutUp10. This was recommended to me by a colleague. This is a free download, and it runs from your Desktop or Downloads folder without the need for installation. They say:
“O&O ShutUp10 means you have full control over which comfort functions under Windows 10 you wish to use, and you decide when the passing on of your data goes too far.
Using a very simple interface, you decide how Windows 10 should respect your privacy by deciding which unwanted functions should be deactivated.
O&O ShutUp10 is entirely free and does not have to be installed – it can be simply run directly and immediately on your PC. And it will not install or download retrospectively unwanted or unnecessary software, like so many other programs do these days!”
But my colleague talked about a cybersecurity team that had used O&O ShutUp10 on some Windows 10 systems in a HIPAA environment. We are all concerned whether Windows 10 systems can ever be set up to be fully HIPAA compliance, due to the chattiness problems we talked about earlier. This team was still seeing unusual outbound traffic, even after running ShutUp10 and trying some other things. So they imaged everything back to Windows 7. So this may not be a HIPAA compliance solution. I have to imagine that Microsoft will come out with some sort of patch or Fix-It solution for at least the Enterprise version.
Turning off some of these settings will disable the machine learning of services such as Cortana, and will interfere with other clouds apps and services, so be prepared to decide which is more important to you – privacy or ease of use.
Nevertheless, this is still a vast improvement over the default privacy setting the comes with Windows 10, and if this is a concern for you, go for it.
- O&O ShutUp10
- Tech Republic – Windows 10 violates your privacy
- ZDNet – How to secure Windows for paranoids
- PCWorld – Stop Windows 10 ad pushing
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com