Contributor:
Russell Smith
July 20th, 2012

Defending Windows

A feature that was previously only available as an optional add-on, Microsoft Security Essentials is now an integrated part of Windows Defender in Windows 8, providing free built-in antivirus protection in Windows for the first time. While that’s good news all round, especially for consumers, where does that leave businesses that require comprehensive endpoint protection?

Antivirus in Windows 8 is an effective solution for consumers that wouldn’t otherwise spend money on 3rd-party antivirus software, and will put Microsoft in a strong position in the tablet market, particularly as malware becomes more prevalent on Android and Apple platforms. Since I started using the Release Preview of Windows 8 a month ago, I’ve been impressed that not only is it more responsive than Windows 7, but Microsoft has achieved this engineering feat at the same time as adding real-time antivirus scanning, traditionally notorious for negatively affecting system performance.

Another nice touch is that antivirus definition updates are distributed by the same mechanism Windows uses for operating system upgrades and patches, Windows Update, which is a mature and reliable technology, so you can be sure to always have the latest protection – assuming you have Internet connectivity.

Windows Defender in Windows 8

Simple antivirus protection in Windows 8

But the free antivirus in Windows 8 won’t go far enough for businesses that need insight and management capabilities across their systems. The scanning engine in Windows Defender is the same as that found in Microsoft’s Forefront products, but Defender lacks centralized management and reporting capabilities. As such, enterprises still need to look to 3rd-party solutions for deploying antivirus across endpoints and servers.

Today’s malware writers are more interested in accessing valuable data than distributing denial of service attacks that cause computers to enter an endless reboot cycle. In order to get to that information, no special operating system privileges are required; and if administrative rights are needed for malware to run, it’s more likely to end in a mission failure for the cyber criminals, thanks to technologies such as User Account Control (UAC) and products like Privilege Guard, which help enterprises run with standard user accounts.

As more businesses adopt least privilege on the desktop, hackers are changing their tactics to access sensitive data; so layered security on endpoints remains important. Enterprise solutions from Microsoft, McAfee, Avecto and others, provide additional defense with managed antivirus, device control and application whitelisting. Despite the improved security in newer versions of Windows, 3rd-party solutions add value by giving enterprises the management and reporting tools they need, plus additional layers of security for a defense-in-depth strategy which reduces the risks associated with Web 2.0 and flexible computing practices, such as Bring Your Own Device (BYOD) and tablets.

 

More from the Blog

Related technology and security insights

  • 28
    Jun
  • Story related

    NotPetya ransomware: Attack analysis

    On June 27, 2017 a number of organisations across Europe began reporting significant system outages caused by a ransomware strain referred to as Petya. The ransomware is very similar to older Petya ransomware attacks from previous years, but the infection ...