Protecting Windows from Viruses and Spyware : Antimalware Strategy: Defense in Depth (part 1) - Windows Action Center

So far, no one solution has been developed that solves all computer security problems. To date, the best strategy for protecting information systems is to use layers of defense to stop attackers. Although security technologies can be complex, the strategy behind them is simple: Give attackers as little as possible to target, and protect what must be exposed with multiple layers of security. Even if one layer is defeated, another will likely block the attack.

Think of a medieval castle on a hilltop. Tall watchtowers provide visibility in every direction. A massive outer wall surrounds the castle, as does a foul moat. Attack options are limited and grim because there are so many layers of defense to counter. The castle’s archers, catapults, and other defenses make even approaching the wall a daunting task, while the moat protects against undermining the castle walls. But even if one were to somehow penetrate the outer defenses, concentric inner walls, protected by all manner of vicious implements, stand ready to deliver more punishment. And then, if the inner walls are breached, the innermost keep must be stormed, which will be defended most fiercely by its inhabitants.

Defense in depth is not a new security strategy, but it is an effective one. Besieging a castle was a formidable task. Eventually, of course, new technology in the form of gunpowder rendered these defenses obsolete. Such is the nature of an arms race.

1. Windows Action Center

The easiest way to get a high-level security overview of your computer’s own defense-in-depth strategy is to check the Control Panel’s Action Center, shown in Figure 1. It monitors the state of the main security components on the system: Network Firewall, Windows Update, Virus Protection, Spyware and Other Unwanted Software Protection, Internet Security Settings, User Account Control, and Network Access Protection. If there are any security concerns, a yellow or red vertical bar appears alongside a message in the content pane to indicate the importance of the issue, along with a red indicator (for high-priority issues) on the flag icon for this utility in the notification area on the taskbar.

Figure 1. Action Center alerts the user to security and maintenance issues.

If you see such an indicator, click the flag in the notification area to open a flyout menu. You can either click the appropriate link to resolve the issue in one step, or select Open Action Center to view all message details and take appropriate actions. Common reasons for indicators include outdated virus definitions, security updates to apply, or a firewall disabled, perhaps for troubleshooting purposes.

Microsoft graciously enables several of the main security categories right out of the box. With no action on your part, Network Firewall, Windows Update, Spyware and Other Unwanted Software Protection, Internet Security Settings, and User Account Control all show an On or OK status (see Figure 2).

Figure 2. Action Center displays a list of security items.

One section, however, might be red even on a brand-new PC. Although it is a universally recommended component, and you’d be remiss to get on the Internet without one, no antivirus protection is included with Windows 7. Spyware protection is present in the form of Windows Defender, but you must procure your own antivirus product.

If you buy Windows 7 on a new PC, the manufacturer may bundle antivirus software, improved firewalls, or some spyware solution besides Windows Defender. You can monitor these programs in Action Center as well.