Maximizing Windows 8 Security Features

Windows 8 provides system administrators with a number of new features designed to enhance the product’s security and streamline the end user’s security experience. 

The latest version of the operating system includes three core security enhancements: support for the Unified Extensible Firmware Interface (UEFI) secured boot process; major improvements to Windows Defender; and tight integration of reputation filtering with the operating system. Understanding these enhancements and how best to use them can significantly improve an organization’s security.

1. Protect the boot process with UEFI secure boot.

One of the most important new features in Windows 8 is support for the UEFI secured boot process through a new Windows technology dubbed Secure Boot. This new technology leverages the Trusted Platform Modules that have shipped in most professional-grade computing systems manufactured during the past five years.

Secure Boot protects computers against particularly insidious forms of malware that interfere with the boot process itself, injecting themselves deeply into the operating system as it loads from a disk. When the computer starts up, Secure Boot performs a cryptographic analysis of the operating system to detect the presence of malware. If undesired software is present, Secure Boot prevents the infection and automatically starts the Windows Recovery Console.

This new technology is not without its critics, however. Many in the open-source community fear that the use of UEFI technology will hinder the installation of alternative operating systems on hardware shipped with Windows preinstalled.  Keep an eye on this debate as you make hardware purchase decisions over the coming year.

2. Consider your antivirus strategy in light of Windows Defender.

Some of the biggest news about Windows 8 revolves around a little-used product from earlier versions of Windows. The Windows Defender product, previously designed to protect Windows systems against spyware, has received a significant upgrade to defend against all types of malicious code. 

Like earlier versions, this enhanced Windows Defender will be shipped as an included operating system component, which means there is no subscription fee for updates. It will also be enabled by default, allowing the automatic protection of systems as received from the factory.

The news here will be the impact on McAfee, Symantec and other manufacturers that have built their businesses on providing antivirus software and maintenance contracts. It remains to be seen how the market will react to this free offering from Microsoft.  Security professionals should use the release of Windows Defender as an opportunity to re-examine their security software subscription agreements. 

3. Educate your users about SmartScreen.

If you use Internet Explorer, you’re likely already familiar with Microsoft’s SmartScreen technology. Born as an antiphishing filter, SmartScreen uses a reputation-based scoring database to warn users when they are about to visit a website of questionable origin.

SmartScreen sees two major enhancements with the release of Windows 8. First, it includes improvements designed to reduce the likelihood of false positive reports.  Microsoft’s initial testing of the tool indicates that the typical user should see a SmartScreen warning only once or twice per year. The warning itself is designed to stand out from typical error messages: It explains to the user that the program could pose a threat and offers the user the option of running the program anyway or of not running it.

The second major enhancement to SmartScreen is that it is now an operating system feature and is no longer specific to Internet Explorer. SmartScreen will verify all applications downloaded from the Internet, regardless of the browser used to retrieve the file. IT staff might want to use a Windows 8 upgrade as an opportunity to educate users about SmartScreen and ensure that they understand the impact of clicking “Run Anyway.”

The new security features in Windows 8 are bound to shake up the marketplace. In addition to providing users and administrators with stronger tools in the fight against malware and phishing attacks, Windows 8 introduces technology that is bound to alter the competitive landscape for security products.