Windows 7 End of Support will officially end on January 14, 2020, and this very popular operating system will no longer get updates. Microsoft will not roll out any security or feature updates for the decade-old operating system. Microsoft has been asking Windows 7 users to upgrade. But if you want to keep using Windows 7, then this post is just for you. There can be many reasons why you would want to stay, which also means the OS is now open any security vulnerability. The lingering threat on an old unprotected OS is now even more significant today, especially with Ransomware in the picture. In this post, we will suggest the steps you can take to protect and secure Windows 7 after End of Support.
How many users are still using Windows 7?
Windows 7 users still account for around 30%, and that’s a big chunk of users! It is going to be almost impossible for them to stay secure if they keep connecting to the internet. This figure tells us why Microsoft rolled out Windows 7 Extended Security Updates, as they do not want the business to say unguarded. After all, there are risks involved, in staying with Windows 7 after End Of Life!
Secure Windows 7 after End of Support
While we, would recommend upgrading to Windows 10, some home users or businesses may not want to invest in buying a new license, because it could result in a hardware upgrade. For many, its a software upgrade issue as well. It’s not going to be easy, but one day you will have to upgrade. Here are some steps which a Windows 7 user could take to minimize the risks and mitigate their potential security problems.
- Use a Standard User Account
- Subscribe for Extended Security Updates
- Use a good Total Internet Security software
- Switch to an alternative web browser
- Use alternative software instead of built-in software
- Keep your installed software up-to-date
- Use an additional On-demand antivirus scanner
- Harden Windows 7 security by tweaking it
- Take backups regularly religiously
- Use Strong Passwords
- Beware of what you download from the Internet and Email
- Enable Show file-extension
- Enable BitLocker
- Prescan before connecting a USB drive
- Use Secure DNS
- Use a VPN
- Take Windows 7 offline.
Let us take a look at this in detail.
1] Use a Standard User Account
Never use an Admin account. You should create & use a Standard User Account for your day-to-day use. In this scenario, malware may not be able to modify any system file, it will be a lot safer. If you need to change anything, switch to the admin account and make the changes. If you want to keep using the Admin account, raise the UAC bar to maximum. You can choose to “Always notify” for maximum security.
2] Subscribe for Security Updates
Microsoft is offering paid subscriptions for Enterprise users of Windows 7. Its called Windows 7 Extended Security Updates, where Microsoft will keep fixing security bugs for the next three years. The business will have to buy the package every year as it will keep getting expensive. However, if you are finally moving to Windows 10, and want to spend the next three years testing, and educate your employees, then its an excellent way to move ahead.
- Windows 7 Enterprise: It will cost you $25 per user for first, $50 for second and $100 for the third year
- Windows 7 Pro: The cost is double compared to Windows 7 Enterprise, i.e., $50, $100 and $200
The program is open for all users and not just business.
Another suitable option for Windows 7 users is to opt for Windows Virtual Desktop. Since you will have to upgrade your hardware in the future, you can switch to the cloud version. You will have to pay for per user, but it will also include free Windows 7 Extended Security Updates.
3] Use a good Total Internet Security software
Unlike Windows XP, Microsoft has promised to keep updating Virus signatures for Microsoft Security Essentials. It is a free antivirus solution from Microsoft. However, it may not be enough and so I would recommend you to buy a total security solution that is still offering support for Windows 7 users.
A Firewall can block threats that your antivirus may miss. Not only that, it can prevent hackers from breaking into your computer! Since Microsoft will stop updating Windows XP components, its firewall too, will remain unpatched. So it will be imperative that you install a good firewall too, apart from antivirus software. While you can always go in for some free AntiVirus software and a free Firewall software, I’d recommend that you install a free, but fully integrated Internet Security Suite, which could offer multi-layered protection. Kaspersky, BitDefender, Malwarebytes are some of the good paid options.
4] Use an additional On-demand antivirus scanner
There may be times of doubt, where you might want a second opinion. At such times you may use these on-demand antivirus scanners. In fact, make it a practice to use it once a week at least.
5] Harden Windows 7 security by tweaking it
You may also use our freeware portable UWT for Windows 7 to harden security settings.
XP-AntiSpy is a little utility that lets you disable some built-in features and harden Windows 7 security.
XPY is another such tool Do check them out and use one of them to disable features like Remote Desktop, etc, easily. They work on Windows 7.
6] Switch to an alternative web browser
You should consider using an alternative browser like Firefox or Chrome. It’s going to be tough as most of the browsers will stop support their browser support for Windows 7. You may download the browser, and it might work, but do not be surprised if updates stop coming someday.
7] Use alternative software instead of built-in software
Since Microsoft will not roll out updates for their software, it is a good idea that you start looking for an alternative. We already have a list for:
Here is a complete list of free Windows software that you can take a look at.
8] Keep your installed software up-to-date
A Software Update Checker will scan your computer for installed software. You will thus be protected from vulnerabilities in that software. Run their scans regularly and make sure that all your installed software is updated.
9] Take backups regularly religiously
If you are connected to the internet, be prepared to get locked out by a Ransomware or Virus, which takes over all your data. You should backup all the computer data, and you must do it every day. There are tons of backup software available which can take backup and restore for free. Windows 7 also offers an inbuilt Backup and Restore Tool, using which you can schedule a daily back to external storage.
I would also recommend you to backup all the drivers installed on Windows. OEMs will soon start removing all the Windows 7 drivers from their websites.
10] Use Strong Passwords
Again, if you are a single user, you might turn off the password on your user account so that you can save time. However, this can help others log in when you are not looking and steal your data. For securing Windows PC, strong passwords are a must – be it the user account or when logging on to the Internet. Do not forget to lock the computer when you intend to leave it for a while. Press Windows Key + L to lock your computer.
11] Beware of what you download from the Internet and Email
It is a general warning and something you should always take care about. Do not click on download attachments or click on any file which you are prompted to download without your concern.
While you can surely download attachments, you are expecting from friends, relatives & associates, but be very careful of the mail forwards which you may receive even from your friends. A small rule to remember in such scenarios: If in doubt – DONT!
12] Enable Show file-extension
We said that during Windows XP end of support, and we mean it now as well. It is always a good idea to keep the option to show file extensions turned on. When the extensions are visible, you will quickly notice if it is not a regular format like .doc, .pdf, .txt, etc. It will help you in seeing the real extensions of the files and thus make it a bit more difficult for malware to disguise itself and get on your computer.
13] Enable BitLocker
If you have never used it before, its time to use it now. Bitlocker can encrypt drive partitions or the whole drive, including boot drive. It will generate a key which you will need to unlock data from it. So make sure it is noted somewhere.
14] Prescan before connecting a USB drive
An infected USB can infect the computer. It’s a good idea to tighten up or restrict what USB drives can do when connected. I would recommend you to always first scan it with your antivirus software to make sure that it is clean of the latest threats and then access the files on it.
15] Use Secure DNS
It is an excellent idea to use OpenDNS or CloudFlare to prevent your computer from visiting bad malicious websites. You can easily change DNS or block adult websites. These DNS will also automatically block sites that can serve SPAM and Viruses.
16] Use VPN
Use a good VPN to stay invisible on the net.
17] Take Windows 7 offline
If you want to keep the system running and you have no plans to connect to the internet, keep it offline. Do not connect to the internet. If you want to update anything, download it from some other computer, scan it, and then connect to Windows 7 to install it.
We hope these tips help you to secure Windows 7 after the end of the support. If there is something else you do, please share it here for the benefit of others.