Windows 10 debuted a few days ago and you may have already installed it over the weekend. Early reviews are very promising. At the office, we love that it is easier and smoother to use, not to mention all the convenience it brings to device management.
But this convenience comes at a price: some experts have been raising a flag over privacy concerns. They have a reason to do so. Windows 10 will track the way you type, networks and devices you use, backs up almost everything on Microsoft servers – just to name a few features infringing your privacy.
But don’t worry, things aren’t as bad as they seem. There are a number of steps you can take to protect your privacy and deactivate most of the intrusive features.
Follow our recommendations to keep Windows 10 at bay. This list will help you set up all changes quickly. We also explain some of the trade-offs coming with a more privacy protective use of Windows 10. Decide for yourself where you draw the line, and decide how much convenience you’d like to sacrifice for your privacy.
Just about to upgrade to Windows 10? Make sure to start here.
It’s best if you are just about to upgrade: DO NOT select Express Settings while installing Windows 10, instead opt for Customized setup.
- Use only a local account. Windows 10 may suggest something different, but keep in mind: you don’t have to connect your local account with your online profile.
- A word about names: Those whose first name contains non-English characters and choose to connect online and local profiles may find themselves in trouble. This can cause incompatibility problems easily with programs that don’t handle non-English characters well.
Already on Windows 10? Take these actionable points for better privacy.
Microsoft collected the most important privacy settings under Privacy in Settings, so it’s easy to find them. We’ll guide you through the most important features to turn off tab by tab. Let’s get started. Start Settings: simply press the Windows button and type “Settings” into the search field.
- To disable personalized advertisements in Windows apps, turn off the <Let apps use my advertising ID for experiences across apps > option. This action will reset your ID to a blank one.
- By default Windows 10 tracks and logs statistics about your writing and uploads that to Microsoft servers. This may not sound harmful in itself, but if it gets exploited it may expose your password (which show up as patterns in your typing) and other sensitive info. Switch off <Send Microsoft info about how I write to help us improve typing and writing in the future >
Location, Camera, Microphone tabs
We also love our smartphones. But letting all apps access your location or photos sounds a bit too much. There are cases when it is essential for apps to access some of this data but we don’t recommend leaving all in as a default. Disable all under this tab. If you want to share your location information, camera image or microphone sound with any specific app in the future, you can always do that with a click.
This tip is especially important if you use Windows 10 on your mobile devices. We highly recommend disabling access to your text messages. Rogue apps can easily use this for reading your two-factor codes. These can be used to access banking information or your Tresorit account. You can easily turn it off by disabling <Let apps read or send messages (text or MMS)>.
Other devices tab
We recommend disabling the option for apps on your work devices to share and sync info with wireless devices automatically. You can opt in if needed with all appropriate devices manually. Just turn off <Let your apps automatically share and sync info with wireless devices that don’t explicitly pair with your PC, tablet, or phone>.
Feedback & diagnostics tab
While sending feedback to the developers of Windows 10 may be a good idea – they can find and fix issues faster – there are privacy trade-offs in the process. On one hand, the stricter setting you use the lower the chance of Microsoft fixes your issue. On the other hand, the more lax your setting, the easier it is to expose sensitive personal information.
- You can fully disable this feature by setting the <Windows should ask for my feedback> to <Never>. If you decide to keep on choose <Automatically>.
- The other option you should consider modifying is <Send your device data to Microsoft>.
- <Basic>: sends basic version and capability information from your device and will also include the list of installed apps. This information may not be sufficient for Microsoft to fix a unique problem, but it will give them insight into how frequent your problem is and they can prioritize fixing it.
- <Enhanced> sends more information from your computer and also reports cases when an app crashes. This might include personal information from the crashed app, like parts of an unsaved document.
- <Full> we do NOT recommend choosing this option, since it will send all available information, including memory content from crashed apps.
Windows 10 comes with a neat new feature called Wi-Fi Sense, which lets your PC automatically connect to Wi-Fi networks that your friends and acquaintances have previously connected to, even if you don’t know the network password. You should not be afraid of Wi-Fi Sense. By default, it will not share Wi-Fi passwords with anyone else. For every network you join, you’ll be asked if you want to share it with your friends/social networks.
However, we still recommend turning it off:
- It is a new protocol, which has not been tested by the security community.
- By enabling this, your WiFi password will be uploaded to Microsoft’s servers. Depending on Microsoft’s policies – which are not known at this point – it can be the safest or the most vulnerable place to store your password.
- It will also share your WiFi password with your contacts, so they can connect to your WiFi possibly without your specific permission. Microsoft says that Wi-Fi Sense only shares your passwords with direct friends/contacts, and not friends-of-friends. If you wish to keep it social, you can add some security by updating your connections.
Disable web search
If you don’t search for web results from your start menu, we recommend disabling web search. The feature sends your search queries to Microsoft, even in cases when you are searching for an email or locally stored document in your computer. You can disable it by turning off <Search online and include web results> under the <Settings> menu.
Although Cortana can help you in your everyday needs just like Apple Siri and Google Now does, we recommend disabling it for your work machine as it will collect information from multiple sources, probably scanning through all your business documents in the process.
+1 – BitLocker recovery key
Although not a new feature in Windows 10 (already available in Windows 8), this is still an important security setting worth highlighting. If you use BitLocker drive encryption, make sure to avoid the <Save to your Microsoft account> option under <How do you want to back up your recovery key?>. To create a backup, Microsoft will decrypt your hard drive (or give this right to 3rd parties).
When upgrading to Windows 10 at Tresorit, we strictly followed these guidelines. If you know of any privacy-infringing settings that we missed, let us know on Facebook, Twitter or LinkedIn!