In terms of effectiveness, Microsoft Windows 10 is far superior to earlier versions. Windows 10 has introduced significant security enhancements in the form of new features. It provides a set of controls or warnings, such as Windows Defender and the SmartScreen filter, that block potentially dangerous downloads. Windows 10 also enables hardware-based protection, which operates before Windows loads, and network-based security capabilities. It also includes identity features such as biometric sensors and multifactor authentication.
In this article, I present an overview of the multiple layers of security in Windows 10.
Hardware-based security in Windows 10
Key security features in Windows 10 take advantage of modern hardware designs, which distinguishes it from older versions of Windows.
- Unified Extensible Firmware Interface (UEFI)
PC BIOS has finally been replaced by UEFI, a firmware interface that takes over the functions traditionally performed by the BIOS. UEFI plays a critical role in providing security, offering Secure Boot capability and support for self-encrypted drives.
- Trusted Platform Module (TPM)
A TPM is a hardware chip that supports high-grade encryption and prevents tampering with or unauthorized export of certificates and encryption keys. The TPM can perform cryptographic operations and store keys for BitLocker volumes and virtual smartcards. It can also digitally sign data, using a private key that no third-party software can access.
Additionally, Windows 10 allows users to identify themselves using biometric information such as fingerprint recognition, facial recognition or an iris scan.
Security of the boot process
The most aggressive forms of malware try to insert themselves into the boot process as early as possible, so that they can take control of the system early and prevent antimalware software from doing its job. This type of malicious code is called a rootkit (or bootkit). The best way to avoid having to deal with it is to secure the boot process so that it’s protected from the very start.
A major advantage of Windows 10, where security of the boot process is concerned, is that it supports multiple layers of boot protection:
- Secure Boot
- Early Launch Antimalware (ELAM)
- Trusted Boot
- Measured Boot
Together, these features provide additional layers of security while the system is booting.
Locking down enterprise PCs
Device Guard is a new feature that allows IT professionals to lock down a device so tightly that it is incapable of running untrusted software, effectively neutering any attacker or exploit that works by convincing users to run a malicious program. In this configuration, which requires Windows 10 Enterprise edition, the only programs allowed to run are those that are trusted.
Windows 10 implements new services called Next Generation Credentials, bringing identity protection to a new level.
It also builds multifactor authentication into the operating system and the device itself, eliminating the need for additional hardware security peripherals. Windows 10 also supports fingerprint readers for authentication.
SmartScreen filter protection
Windows 10 includes a feature called SmartScreen.
SmartScreen checks any executable file when it’s run. If the file is marked as being from an online source, a web service checks a hash of the file against Microsoft’s application reputation database. Files that have a positive reputation are marked as safe and can run. Files with a negative reputation that are presumed to be malicious are blocked.
When SmartScreen identifies a file that has not yet established a reputation, it blocks execution and displays a warning message.
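To see which files on a machine carry the "from an online source" mark described above, the following PowerShell function (an added example, not from the original article or from Microsoft) reads each executable's Zone.Identifier alternate data stream, where Windows records that mark on NTFS volumes, and computes the file's SHA-256 hash. The function name Get-OnlineSourceMark, the extension list and the Downloads path in the usage line are assumptions made for the illustration.

```powershell
# Added example: report which executables in a folder carry the
# "from an online source" mark, plus the SHA-256 hash of each file.
# Assumes an NTFS volume and PowerShell 4.0 or later (Windows 10 ships 5.1).
function Get-OnlineSourceMark {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string] $Path    # folder to inspect, e.g. a user's Downloads folder
    )

    # Standard Windows URL security zones as stored in the ZoneId field.
    $zoneNames = @{ 0 = 'Local machine'; 1 = 'Local intranet'; 2 = 'Trusted sites'
                    3 = 'Internet';      4 = 'Restricted sites' }
    $extensions = '.exe', '.msi', '.dll', '.scr'   # illustrative list (assumption)

    Get-ChildItem -LiteralPath $Path -File -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $extensions -contains $_.Extension.ToLowerInvariant() } |
        ForEach-Object {
            # Files created locally have no Zone.Identifier stream; that is not an error.
            $stream = Get-Content -LiteralPath $_.FullName -Stream 'Zone.Identifier' `
                                  -ErrorAction SilentlyContinue

            $zoneId = $null
            foreach ($line in $stream) {
                if ($line -match '^\s*ZoneId\s*=\s*(\d+)\s*$') {
                    $zoneId = [int]$Matches[1]
                    break
                }
            }

            $hash = Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256 `
                                 -ErrorAction SilentlyContinue

            [pscustomobject]@{
                File   = $_.FullName
                Marked = $null -ne $zoneId
                ZoneId = $zoneId
                Zone   = if ($null -ne $zoneId) { $zoneNames[$zoneId] } else { 'none (no mark)' }
                SHA256 = $hash.Hash
            }
        }
}

# Usage: list marked files first.
Get-OnlineSourceMark -Path "$env:USERPROFILE\Downloads" |
    Sort-Object Marked -Descending | Format-Table -AutoSize
```

An executable that was downloaded from the internet but shows no mark is worth a closer look, because the mark can be lost when a file passes through an archive tool or a file system that does not preserve alternate data streams.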
The features described above are among those that have been fully implemented in Windows 10, putting it a step above the previous version.