Online security advice can be extreme, confusing, and even scary for beginners. Many “experts” recommend overcomplicated setups that most users will never need. Let’s take a calm, practical look at what security measures are available for your PC, using a Dell Precision as an example, and how you can protect sensitive data without wasting time on unnecessary complexity.
1. BIOS Passwords on Dell Precision PCs
Many people don’t even know that their computer can have a BIOS password. On a Dell Precision (mine was purchased without Windows), this is easy to set up:
- Restart your PC and press F2 to enter the BIOS.
- Navigate to Security → Set Supervisor/Administrator Password.
- Create a strong password. This prevents unauthorized changes to BIOS settings.
- Optional: Set a Power-On Password to require authentication before booting.
Why it matters:
Dell BIOS includes intrusion detection. If someone tries to tamper with the PC or resets the BIOS, the event is logged. You can easily see if a reset occurred. It’s a solid measure if you’re concerned about someone physically accessing your machine.
2. Hard Drive (ATA) Passwords
You can also set a password for your internal hard drives:
- Go to BIOS → Security → Hard Drive Password.
- Set a strong password. The drive will refuse to boot without it.
Pros: Adds another layer of protection for offline, sensitive work.
Cons: If you forget the password, the drive is permanently locked. HD passwords can be inconvenient for everyday use, and for most users, they are overkill.
3. Practical Encryption for Everyday Use
For most of us, the threats are low. We mainly need to protect data from scammers, script kiddies, or accidental leaks. For this, I rely on GPG encryption and air-gapping:
- Store sensitive info like email passwords, web server credentials, and banking logins in GPG-encrypted text files.
- Keep them on external drives formatted as exFAT. This makes them readable on GhostBSD, Linux, Windows, and macOS.
- Air-gap your system if possible: install software, unplug the PC from the internet, and work offline.
This setup is reliable, portable, and practical. It protects what matters without locking you into a single operating system or creating unnecessary complexity.
4. Keeping Things in Perspective
- Absolute security doesn’t exist. Every computer has at least one hardware-level backdoor. LUKS, HD passwords, and BIOS protections cannot stop a determined state-level actor.
- Many online videos and articles exaggerate the risks. Don’t let that intimidate you. Focus on real, achievable protections for your workflow.
- Sometimes, a hard drive or BIOS password is useful. For example, before leaving your PC unattended or traveling. But once you return, entering passwords just to boot your system is often unnecessary.
5. My Approach to Practical Security
I trust GPG encryption and air-gapped storage for all my modest security needs. It’s enough to keep data safe from ordinary threats and provides peace of mind without constant hassle.
I follow the advice of General Sun Tzu: “Know your enemy and know yourself.” Once you understand the threats realistically, you can ignore extreme advice online and focus on measures that actually make sense for your situation.
Closing Thoughts
Security is about balance. Set BIOS or hard drive passwords if you feel the need, encrypt files with GPG, and consider air-gapping your PC for sensitive work. But don’t overcomplicate things. Protect what you need to protect, and understand the limits. Your brain is still the safest storage device of all.
Practical takeaway: Calm, proportional measures often outperform panic-driven setups. Work efficiently, stay informed, and only adopt extreme protections when your actual threat level justifies it.