Windows 10 drastically changed a lot of elements in a traditional Windows Operating System. Learning from the missteps of Windows 8, its features are sleek, robust, and fast.
It aims to replace the seven-year-old Windows 7.
Unlike Windows 7, which was meant to be an incremental upgrade to Windows Vista's shortcomings, Windows 10 took new steps and approach to the operating system.
It aims to be the overall operating system across different devices. Taking its cue from the goals of Ubuntu a few years back, Windows 10 wants to unify its user experience.
While the features and user interface sure catches one's attention, Microsoft highlighted Windows 10's security improvements from its predecessors. The rapid evolution of malware in recent years have made it a significant concern, not only to IT professionals but home users as well. The shocking effects of WannaCry is still a hot topic these days.
Along with the discussion of malware threats comes the concern of protection. Inevitably, Windows 10 was put under the spotlight especially its capability to protect computers and data from the ever-evolving cyber security attacks.
Windows 10 Security
Most concerns, especially from cybersecurity experts, focus on the ability of Windows 10 to protect itself from malware. Its claim that the security is better than Windows 7 further intensifies the debate on whether it can deliver its promise.
Windows 10 did introduce a couple of new applications developed to focus on the operating systems' security. One example is Windows Hello, which is Microsoft's attempt to password-less login. Machines running Windows Hello allows login using fingerprints or face recognition.
Microsoft introduces it with the release of Surface Pro 4 and Surface Book. PCs which can recognize fingerprints can also use the application. Devices that can recognize faces will be available in the future.
Another security measure introduced in Windows 10 is Virtualization-based security (VBS). It creates an isolated and restricted subsystem to protect and operate sensitive parts of the operating system. That means VBS protects the core components of your operating system from attackers.
Integrated into Device Guard, it aims to block zero-day attacks. It tags suspicious programs before it can even run on your machine. It determines which applications and scripts will be allowed to execute.
Microsoft also promised more updates and patches. Windows 10 provides security patches even outside "Patch Tuesday." It means the operating system gets a security update as needed, which is truly valuable especially in combating zero-day attacks.
Windows Defender is front-and-center when Microsoft released the security suite of Windows 10. It is one of Microsoft's selling point for the operating system. It functions as antivirus and anti-malware in one.
Along with Windows Defender Security Center, it puts all security tools in one place such as firewall, system monitoring, and parental control.
Windows Defender Application Guard and the Device Guard mentioned above protect Windows 10 PCs from attacks previously undetected in Windows 7. It ensures that websites not labeled as "trusted" are launched inside a "container," a virtual environment separated from the rest of the machine.
It is well-integrated into the operating system. That means no installation is needed and it works out-of-the-box. It also has an intuitive interface which makes it easy for any users to run scans and enable other protection services.
Window 10's security is not without criticisms. Subsequently, Windows Defender is also scrutinized, revealing significant weaknesses. While taking note and integrating effective solutions from its predecessors, the introduction of new programs and applications makes users uncertain about its effectiveness in protecting their machines.
The advanced protection also only works efficiently with native Windows applications. Third-party applications, especially browsers, can still be vulnerable to attacks. Real-time protection is available, but it depends heavily on the consistency of the updates.
Will Dormann of CERT Coordination Center at the Software Engineering Institute pointed out that Windows 10 cannot provide better security because of the planned discontinuation of EMET. The Enhanced Mitigation Experience Toolkit (EMET) prevents exploitation of vulnerabilities in software.
While it is still available in Windows 7, Microsoft only integrated some parts of EMET to Windows 10. Microsoft announced that it would be discontinuing EMET after July 2018.
The unexpected WannaCry crisis caused massive, unprecedented havoc across the globe. It affected at least 100,000 computers according to Avast. The ransomware hit even government agencies, hospitals, and corporations.
It initially targeted Windows XP systems, but Windows 7 computers were also locked down. It took advantage of the exploit in the Windows operating system. The US National Security Agency develops the EternalBlue program, which was then believed to be stolen and leaked by hackers leading up to the WannaCry outbreak.
It also helped carry-out the NoPetya cyberattack in the middle of 2017. WannaCry targeted a Server Message Block (SMB) critical vulnerability patched by Microsoft last March 2017 with MS17-010.
Windows 10 computers were not affected by the attack. However, researchers at RiskSense are worried that a different version of EternalBlue can be used to infiltrate Windows 10. A newer, more potent version of WannaCry might be looming just around the corner.
Securing Windows 10
While Windows Defender and other relevant programs in Windows 10 provide essential security solutions, additional steps are necessary to protect your system completely.
The regular services offered by the antivirus and anti-malware still opens your computer to new and future variants of viruses and malware.
It is necessary to update and upgrade your system as soon as patches, and newer versions are released. This latest update does not guarantee immediate protection from frequent attacks, but it ensures your PC is less vulnerable. It is best to employ layered security using programs specializing in each protection layer.
The principles of layered security involve three elements: prevention, detection, and response. Typically used by system architects, you can apply the same philosophy in protecting your system.
A firewall is one of your first-line defense against attacks. Applications such as ZoneAlarm by Checkpoint adequately protect your connection. You should always practice some good browsing habits, but its real-time detection adds a layer of security.
Additionally, you have to schedule regular scans to catch any virus or malicious software lurking on your computer. Avira offers robust features and detection to remove unwanted applications from affecting your system.
Malware attacks are getting much more aggressive as well. MalwareFox provides you with zero-day attack protection by analyzing questionable files and disabling them. It also protects your from ransomware, such as WannaCry, by providing optimal real-time protection. MalwareFox blocks Ads, pop-ups, and toolbars as they are conventional malware sources.
Lastly, consider encrypting your data to avoid privacy breach during attacks. Windows 10 comes with BitLocker integrated for faster encryption. You can also use third-party software like AxCrypt which is one of the most user-friendly encryption application around.
No operating system is perfect. Hackers are always working hard to find vulnerabilities, especially on new ones like Windows 10. Microsoft equipped Windows 10 with security tools as primary protection. However, specialized applications are one-step ahead in cybersecurity.
Third-party security software often has frequent and faster patches and updates. Having simple protection using Windows Defender and advance layered security is the best way to reduce the risks of malware and other threats.