Windows Security — Complete Guide for UK Home Users
Windows is the most widely used operating system in the UK — and the most widely targeted by criminals. The good news: Windows 10 and 11 include powerful built-in security tools that most people never switch on. This guide walks you through every key setting, step by step, using only free tools already on your computer.
Why this matters
Outdated software and disabled security features are the entry points in the majority of real-world UK incidents. Both are free to fix and take under an hour to address.
Step 1 — Enable Windows Security (Windows Defender)
Windows 11 and Windows 10 include a full antivirus and threat protection suite called Windows Security — built in, free, and maintained by Microsoft. If you have not installed third-party antivirus, it is active by default.
How to do it
- 1Press the Windows key and type Windows Security
- 2Open the app — all sections should show green tick marks
- 3If any section shows a yellow or red warning, click it and follow the on-screen instructions
- 4Run a Quick Scan now from Virus & Threat Protection if you have never done so
Step 2 — Turn On Automatic Updates
Software updates fix the security weaknesses criminals exploit. An unpatched vulnerability is an open door. The UK government's Cyber Essentials framework lists patch management as one of five core controls.
How to do it
- 1Open Settings → Windows Update
- 2Click Check for updates — install anything pending now
- 3Click Advanced options
- 4Toggle Automatic updates to On
- 5Also enable Receive updates for other Microsoft products
Step 3 — Enable the Windows Firewall
The Windows Firewall monitors traffic in and out of your PC and blocks unauthorised connections. It is on by default but can be accidentally disabled by software installers.
How to do it
- 1Open Windows Security → Firewall & network protection
- 2All three network types (Domain, Private, Public) should show as On
- 3If any are off, click and enable them
Step 4 — Set a Password-Protected Screen Lock
Set your screen to lock after 5–10 minutes of inactivity. This protects you if someone has physical access to your computer.
How to do it
- 1Open Settings → Accounts → Sign-in options
- 2Set up Windows Hello (fingerprint, face, or PIN) for quick secure login
- 3Under Additional settings, set Require sign-in to When PC wakes from sleep
- 4Press Win + L any time you step away from your desk
Step 5 — Enable Device Encryption (BitLocker)
BitLocker encrypts your hard drive so stolen devices cannot be read without your password. Available on Windows 10/11 Pro. On Windows Home, check Device Encryption under Settings → Privacy & Security.
How to do it
- 1Open Settings → Privacy & Security → Device encryption
- 2If the toggle is off, turn it on
- 3For Pro editions: search for BitLocker in the Start menu to access full controls
Get your free personalised cybersecurity plan
Answer a few quick questions and we'll build a step-by-step plan tailored to your situation — no jargon, no credit card required.
Start for free →Related guides
Frequently asked questions
Do I need paid antivirus software on Windows?
For most home users, Windows Defender (built into Windows Security) is sufficient. Independent tests consistently rate it among the top antivirus products. Paid options add extras like VPNs, but the core protection is comparable.
Is Windows 10 safe to use?
Windows 10 receives security updates until October 2025. After that date, upgrading to Windows 11 (free if your hardware supports it) is strongly recommended, as unpatched systems are a significant security risk.
How do I know if my Windows PC has been hacked?
Common signs include: the PC running much slower than usual, programmes opening or closing by themselves, your contacts receiving messages you did not send, or unusual charges on linked payment accounts. Run a full Windows Security scan and check haveibeenpwned.com for your email address.