As you might imagine, I get questions like this all the time.
Here’s a short summary of my current recommendations.
Become a Patron of Ask Leo! and go ad-free!
The short-short version
Most home and small-business users who don’t want to think about it too much should simply:
- Get a router, even if you have only one computer. This will be your primary firewall.
- Use Windows Defender, already installed in Windows 8, 8.1, and 10, or install the free Microsoft Security Essentials for Windows 7. This will be your anti-virus, anti-spyware, and malware scanner.
- Make sure Windows Update is on to keep your computer as up to date as possible.
- Make sure Windows Firewall is on when you travel — or just leave it on all the time.
Good basic protection in four steps.
Basic security software: Windows Defender
Windows Defender — referred to as “Windows Security” in Windows 10 — comes pre-installed in Windows 10. Microsoft seems to be improving it with every release.
Defender does a fine job of detecting malware without adversely impacting system performance or nagging you for renewals, upgrades, or up-sells. It just does its job quietly in the background — exactly what you want from your anti-malware tool.
The ratings game
Every so often, Defender comes under fire for rating lower than some other security packages in tests published online. I get push-back — often angry push-back — that Defender remains my primary recommendation.
There are several reasons I stick to that position.
- No anti-malware tool will stop all malware. Malware can and does slip by even today’s highest-rated packages.
- “Highest-rated” changes depending on the date, the test, and who’s doing the testing. There is no single clear, consistent winner.
- Regardless of how the data is presented, the differences among detection rates across most current anti-malware tools is relatively small compared to other factors.
There are also some practical reasons I continue to prefer Windows Defender.
- It’s free.
- It’s already installed; there’s nothing you need to do.
- It rarely impacts system performance.
- It keeps itself up to date using Windows Update.
- It has no hidden agenda — it’s not going to pester you with renewals, upgrades, or up-sells to tools you don’t need.
It’s not perfect, but no security tool is.
My recommendation stands. Windows Defender remains a solid, free security package with minimal system impact. It should be appropriate for almost everyone.
Alternatives and additions
I also recognize that Defender might not be right for everyone. No single product is.
This is where I run into difficulty making specific recommendations. The landscape keeps changing. Tools that were once free have, more than once, started promoting their paid product so heavily that the free version virtually disappears. People download and install programs thinking they are free, only to discover it’s a “free trial” or “free download” (if you want to keep it past a certain length of time, you’re required to purchase).
Some have become as much self-promotion tools as they are security tools, bombarding you with sales pitches and upgrade offers to the point of getting in the way of your work.
Things keep changing. So to the extent that I mention specific tools below, caveat emptor: “let the buyer beware”. I can’t honestly predict these tools will remain recommendation-worthy.
Spybot Search and Destroy is one of the oldest and most highly-regarded anti-spyware tools out there. Like Malwarebytes, it has also expanded to be a more fully-featured security tool.
AVG, Avira, and Avast, or the “three AV’s”, as I like to call them, are three other free solutions I’ve recommended over the years. I continue to hear both good things, and not quite so good things, about each, often in waves as each make significant updates.
Caveats with all
I need to reiterate some important points.
- I’m referring to the FREE version of each of these tools, not the “free trial”. In several cases, they are two completely different downloads. A “free trial” is just that — a trial, typically of a more fully-featured product. Unless you know otherwise, the truly FREE version of these tools would be my recommendation.
- Regardless of which you download, you are still likely to be faced with upgrade and up-sell offers to a more fully-featured version, or even an ongoing subscription. Unless or until you know you want this, always decline.
- Speaking of declining: when installing any of these products, always choose custom installation, never the default. You may well get toolbars and other unrelated software you don’t need or want. Consider using Ninite to install these tools — all are available there.
For home and business use, I recommend the use of an NAT router as a firewall. You probably already have one.
They don’t have to be expensive, and are one of the simplest approaches to keeping your computer safe from network-based threats. If all the computers on the local network side of the router can be trusted, there’s no need for an additional software firewall.
When traveling, or if you don’t trust the kids’ computer connected to the same network as your own, I recommend turning on the built-in Windows Firewall. In recent versions of Windows, it’s already on by default. There’s no harm in leaving it on, but it can occasionally get in the way of some local machine-to-machine activities like sharing files and folders.
I strongly recommend you back up regularly.
In fact, I can’t stress this enough. 99% of the disasters I hear about could be completely avoided simply by having up-to-date backups.
Stay up to date
Keep your computer — Windows and all the applications you run — as up to date as possible.
In Windows 10, this happens automatically, as long as you don’t take steps to disable it. Needless to say, I strongly recommend you not take those steps, and let Windows Update keep your system as up to date as possible.
Many of the security issues we hear about are due to individuals who have not kept their operating system or applications up to date with the latest available patches.
And finally, Internet Safety: 7 Steps to Keeping Your Computer Safe on the Internet has even more tips for keeping your computer safe.