« Previous 1 2 3 4
Endpoint Security for Windows 10
Well-Tempered Computer
Recommendations for Windows 10
The majority of successful attacks on systems with Windows 10 can already be detected or prevented with the on-board tools available in the operating system. To make it easier to configure the operating system appropriately, the German Federal Office for Information Security (BSI) recently published recommended actions for securing Windows systems: SiSyPHuS Win10: Study on System Integrity, Logging, Hardening, and Security-Relevant Functionality in Windows 10. [9] One focus in creating this was on ease of implementation and practical application. For this reason, the BSI makes the recommended configuration settings available for download as group policy objects that can be imported directly.
In the security analysis, BSI examines the security-critical functions of the operating system. The goal is to be able to evaluate the security and residual risks for using Windows 10, to identify framework conditions for secure use of the operating system, and to create practically applicable advice for hardening and secure use. The recommendations from SiSyPHuS are primarily aimed at federal and state authorities, as well as companies. However, technically savvy citizens can also implement the listed points, depending on the Windows 10 version they are using.
The recommendations, Group Policy objects (GPOs), and other partial results of the study that have already been published are available on the BSI website [9]. The BSI intends to publish further conclusions from other parts of the study successively. The analyses include components such as PowerShell, the application compatibility infrastructure, driver management, and PatchGuard. The subject of the study was Windows 10 Enterprise LTSC 2019, 64-bit, German-language version.
Conclusions
Microsoft has made an effort in Windows 10 to expand the list of new security features in addition to those already built-in and, as a result, has achieved a better level of protection than in older operating system versions. The semiannual updates and the ever-increasing integration with Azure Cloud make Windows 10 one of the most secure operating systems on the market. Unfortunately, many features require the use of the Enterprise version and cloud integration.
Infos
- Windows Update for Business: https://docs.microsoft.com/en-us/windows/deployment/update/waas-manage-updates-wufb
- Windows Hello: https://support.microsoft.com/en-us/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0
- Defender Security Center: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center
- Defender for Endpoint: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide
- Defender Application Control: https://docs.microsoft.com/en-us/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control
- Defender Credential Guard: https://docs.microsoft.com/en-us/windows/security/identity-protection/credential-guard/credential-guard
- Defender Exploit Guard: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/enable-exploit-protection?view=o365-worldwide
- Defender SmartScreen: https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview
- BSI: SiSyPHuS project (in English): https://www.bsi.bund.de/EN/Topics/Cyber-Security/Recommendations/SiSyPHuS_Win10/SiSyPHuS_node.html
« Previous 1 2 3 4
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
New security features in Windows 10
With each version of Windows, Microsoft has expanded the built-in security functions. Windows 10 includes a number of new and interesting security features. -
Reducing your attack surface
Windows Defender Application Control protects systems against threats that traditional virus scanners and signature-based mechanisms cannot detect by restricting applications in the user context and reducing the code allowed in the system kernel. -
Reducing the Windows 10 attack surface
Windows attack surface reduction policies make significant progress in protecting your entire IT infrastructure. -
Six new security features for Windows Server 2022
Configure the Secured-core server components to reduce the attack surface of your system with minimal overhead. -
Protect Hyper-V with on-board resources
With the right settings and small tools, security in virtual environments can be increased significantly by tweaking the on-board tools.
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
