E-Handbook: Get to know your Windows 10 security options Article 4 of 4

Four Windows 10 built-in security features to know

IT needs an effective plan to maximize security for Windows 10 and get the most out of its built-in features.

As the arms race between hackers and IT security rages on, Windows 10 built-in security features provide options to protect end users and their organizations from cyberattacks.

It's only natural for some people to be skeptical when Microsoft claims Windows 10 is the most secure OS yet, but the company has delivered some notable Windows 10 security features that should make a difference. Microsoft started by ramping up the hardware requirements for the OS itself, ensuring that users don't have vulnerable devices with old disk drives and processors.

Some security options are only useful in certain situations, such as Windows 10 S, a stripped-down version of the OS that limits app choices to amplify security. Windows 10 S is most appropriate for endpoints that only perform data entry.

Other Windows 10 built-in security features are essential for any organization, such as Windows Defender's add-ons and Microsoft's Security Compliance Toolkit.

Windows Defender ATP

The basic Windows Defender tool protects against spyware, viruses and other malicious software.

Windows Defender Advanced Threat Protection (ATP), a monitoring and analysis service add-on, raises the bar by providing additional features, such as cloud-based security analysis, machine learning and behavioral sensors. These Windows 10 built-in security features collect more information by linking security event information from different endpoints. They then analyze this information to improve security for Windows 10.

Figure: Windows Defender ATP's primary interface

With centralized management and detailed machine timelines, as well as file and browser access histories, Windows Defender ATP collects more security data to inform IT pros' decision-making. It also includes a simple management interface that enables IT to implement any necessary changes.

Further, every breach is a lesson with Windows Defender ATP because IT can submit suspect files that may have caused an attack to Microsoft's threat intelligence team for further analysis.

Windows Defender ATP can reduce the number of data breaches by 40% and lead to quicker threat recognition and reaction times, according to Microsoft and the results of a study by Forrester Research. This tool can help IT spend less time on security and breach management, which can result in potential cost savings.

Windows Defender Exploit Guard and Application Guard

Other add-ons for Windows Defender include Exploit Guard and Application Guard. These tools are less overarching than ATP, but they are still key Windows 10 built-in security features.

Exploit Guard. This set of host intrusion capabilities shrinks the attack surface for potential intrusions, regulates folder access to minimize the risk of a breach and protects networks from potential malware attacks. It comes in handy most often when handling non-Windows applications.

Exploit Guard is the heir apparent to the Enhanced Mitigation Experience Toolkit, a Windows security tool for legacy and third-party apps that reaches its end of life on July 31, 2018. IT pros can use Exploit Guard to generate event reports based on security breaches and update security preferences to prevent attacks from happening again.
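
An added example (not code from the article or from Microsoft) of the event reporting described above: a PowerShell audit that reads the current Exploit Guard settings and counts its block and audit events. The function names Get-ExploitGuardState and Get-ExploitGuardReport are hypothetical; the cmdlets, log name and event IDs are the documented Windows Defender ones.

```powershell
# Added example (not from the article). Run in an elevated session on
# Windows 10 1709 or later, where the Defender cmdlets are available.

# Defender reports these feature states as 0 = Disabled, 1 = Enabled, 2 = Audit.
# Values outside this map (added in later builds) print as blank.
$StateName = @{ 0 = 'Disabled'; 1 = 'Enabled (block)'; 2 = 'Audit only' }

# Exploit Guard event IDs in the Windows Defender operational log.
$EventMeaning = @{
    1121 = 'Attack surface reduction rule blocked an action'
    1122 = 'Attack surface reduction rule audited an action'
    1123 = 'Controlled folder access blocked a change'
    1124 = 'Controlled folder access audited a change'
    1125 = 'Network protection audited a connection'
    1126 = 'Network protection blocked a connection'
}

function Get-ExploitGuardState {
    # Summarize the three areas the article lists for Exploit Guard.
    $pref = Get-MpPreference
    # Filter out nulls so an unconfigured machine reports 0 rules, not 1.
    $asrIds = @($pref.AttackSurfaceReductionRules_Ids | Where-Object { $_ })
    [pscustomobject]@{
        ControlledFolderAccess = $StateName[[int]$pref.EnableControlledFolderAccess]
        NetworkProtection      = $StateName[[int]$pref.EnableNetworkProtection]
        AsrRulesConfigured     = $asrIds.Count
    }
}

function Get-ExploitGuardReport {
    # Count Exploit Guard events per type over the last $Days days.
    param([int]$Days = 7)
    $filter = @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = @($EventMeaning.Keys)
        StartTime = (Get-Date).AddDays(-$Days)
    }
    # SilentlyContinue: Get-WinEvent raises an error when no events match.
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Group-Object Id |
        Select-Object Count, @{ n = 'Event'; e = { $EventMeaning[[int]$_.Name] } } |
        Sort-Object Count -Descending
}

Get-ExploitGuardState | Format-List
Get-ExploitGuardReport -Days 7 | Format-Table -AutoSize
```

A feature left in audit mode logs the audit events (1122, 1124, 1125) without blocking anything, which lets IT review the report before switching that feature to block mode.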

Figure: The EMET toolkit interface

Application Guard. This Edge browser-exclusive security feature isolates browsing sessions from potential threats, including external services and apps.

IT pros set browser preferences by whitelisting sites and networks they consider trustworthy. If a breach occurs through a user's browser, Application Guard contains the attack within the single end user's desktop session. This guarantees that the attack doesn't reach the company network or the end user's physical device.

Microsoft Security Compliance Toolkit

Microsoft's Security Compliance Toolkit is filled with Windows 10 built-in security features to enforce policies through testing, editing and storing security configurations. IT can prevent potential disasters by using Microsoft's recommended settings and standards, such as two-factor biometric authentication, requiring admin permission for third-party app downloads and keeping patches up to date.

IT can use company-wide Group Policy Objects (GPOs) to apply these standards across networks and prove to customers and business partners that an organization has competent security. The toolkit also enables IT pros to compare their current GPO management to Microsoft's recommendations for Windows 10 and apply the suggested baselines to improve security where necessary.
