Tactical Advice

Maximizing Windows 8 Security Features

Three core enhancements can improve security.
Maximizing Windows 8 Security Features

Windows 8 provides system administrators with a number of new features designed to enhance the product’s security and streamline the end user’s security experience. 

The latest version of the operating system includes three core security enhancements: support for the Unified Extensible Firmware Interface (UEFI) secured boot process; major improvements to Windows Defender; and tight integration of reputation filtering with the operating system. Understanding these enhancements and how best to use them can significantly improve an organization’s security.

1. Protect the boot process with UEFI secure boot.

One of the most important new features in Windows 8 is support for the UEFI secured boot process through a new Windows technology dubbed Secure Boot. This new technology leverages the Trusted Platform Modules that have shipped in most professional-grade computing systems manufactured during the past five years.

Secure Boot protects computers against particularly insidious forms of malware that interfere with the boot process itself, injecting themselves deeply into the operating system as it loads from a disk. When the computer starts up, Secure Boot performs a cryptographic analysis of the operating system to detect the presence of malware. If undesired software is present, Secure Boot prevents the infection and automatically starts the Windows Recovery Console.

This new technology is not without its critics, however. Many in the open-source community fear that the use of UEFI technology will hinder the installation of alternative operating systems on hardware shipped with Windows preinstalled.  Keep an eye on this debate as you make hardware purchase decisions over the coming year.

2. Consider your antivirus strategy in light of Windows Defender.

Some of the biggest news about Windows 8 revolves around a little-used product from earlier versions of Windows. The Windows Defender product, previously designed to protect Windows systems against spyware, has received a significant upgrade to defend against all types of malicious code. 

Like earlier versions, this enhanced Windows Defender will be shipped as an included operating system component, which means there is no subscription fee for updates. It will also be enabled by default, allowing the automatic protection of systems as received from the factory.

The news here will be the impact on McAfee, Symantec and other manufacturers that have built their businesses on providing antivirus software and maintenance contracts. It remains to be seen how the market will react to this free offering from Microsoft.  Security professionals should use the release of Windows Defender as an opportunity to re-examine their security software subscription agreements. 

3. Educate your users about SmartScreen.

If you use Internet Explorer, you’re likely already familiar with Microsoft’s SmartScreen technology. Born as an antiphishing filter, SmartScreen uses a reputation-based scoring database to warn users when they are about to visit a website of questionable origin.

Friday, October 26, 2012

Date of Windows 8 general release

SmartScreen sees two major enhancements with the release of Windows 8. First, it includes improvements designed to reduce the likelihood of false positive reports.  Microsoft’s initial testing of the tool indicates that the typical user should see a SmartScreen warning only once or twice per year. The warning itself is designed to stand out from typical error messages: It explains to the user that the program could pose a threat and offers the user the option of running the program anyway or of not running it.

The second major enhancement to SmartScreen is that it is now an operating system feature and is no longer specific to Internet Explorer. SmartScreen will verify all applications downloaded from the Internet, regardless of the browser used to retrieve the file. IT staff might want to use a Windows 8 upgrade as an opportunity to educate users about SmartScreen and ensure that they understand the impact of clicking “Run Anyway.”

The new security features in Windows 8 are bound to shake up the marketplace. In addition to providing users and administrators with stronger tools in the fight against malware and phishing attacks, Windows 8 introduces technology that is bound to alter the competitive landscape for security products.

Sign up for our e-newsletter

About the Author

Mike Chapple

Mike Chapple is an IT professional and assistant professor of computer applications at the University of Notre Dame. He is a frequent contributor to BizTech magazine, SearchSecurity and About.com as well as the author of over a dozen books including the CISSP Study Guide, Information Security Illuminated and SQL Server 2008 for Dummies.

Security

Heartbleed: What Should Your... |
One of the biggest security vulnerabilities has almost every user and every industry...
Why Businesses Need a Next-G... |
Devices investigate patterns that could indicate malicious activity.
Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....

Storage

The New Backup Utility Proce... |
Just getting used to the Windows 8 workflow? Prepare for a change.
How to Perform Traditional W... |
With previous versions going unused, Microsoft radically reimagined the backup utility in...
5 Easy Ways to Build a Bette... |
While large enterprises have the resources of an entire IT department behind them, these...

Infrastructure Optimization

Businesses Must Step Careful... |
Slow and steady wins the race as businesses migrate IT operations to service providers,...
Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Ensure Uptime Is in Your Dat... |
Power and cooling solutions support disaster recovery and create cost savings and...

Networking

Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...
How to Maximize WAN Bandwidt... |
Understand six common problems that plague wide area networks — and how to address them.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Mobile & Wireless

Mobility: A Foundational Pie... |
Other technologies rely on mobile computing, which has the power to change lives, Lextech...
Now that Office for iPad Is... |
After waiting awhile for Microsoft’s productivity suite to arrive, professionals who use...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.

Hardware & Software

Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....
New Challenges in Software M... |
IT trends such as cloud, virtualization and BYOD pose serious hurdles for software...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.