Endpoint Security for Windows 10
Well-Tempered Computer
Recommendations for Windows 10
The majority of successful attacks on systems with Windows 10 can already be detected or prevented with the on-board tools available in the operating system. To make it easier to configure the operating system appropriately, the German Federal Office for Information Security (BSI) recently published recommended actions for securing Windows systems: SiSyPHuS Win10: Study on System Integrity, Logging, Hardening, and Security-Relevant Functionality in Windows 10 [9]. One focus in creating the recommendations was ease of implementation and practical application. For this reason, the BSI makes the recommended configuration settings available for download as group policy objects that can be imported directly.
In the security analysis, BSI examines the security-critical functions of the operating system. The goal is to be able to evaluate the security and residual risks for using Windows 10, to identify framework conditions for secure use of the operating system, and to create practically applicable advice for hardening and secure use. The recommendations from SiSyPHuS are primarily aimed at federal and state authorities, as well as companies. However, technically savvy citizens can also implement the listed points, depending on the Windows 10 version they are using.
The recommendations, Group Policy objects (GPOs), and other partial results of the study that have already been published are available on the BSI website [9]. The BSI intends to publish further conclusions from other parts of the study successively. The analyses include components such as PowerShell, the application compatibility infrastructure, driver management, and PatchGuard. The subject of the study was Windows 10 Enterprise LTSC 2019, 64-bit, German-language version.
Conclusions
In Windows 10, Microsoft has made an effort to add new security features to those already built in and, as a result, has achieved a better level of protection than in older operating system versions. The semiannual updates and the ever-increasing integration with Azure Cloud make Windows 10 one of the most secure operating systems on the market. Unfortunately, many features require the use of the Enterprise version and cloud integration.
Infos
[1] Windows Update for Business: https://docs.microsoft.com/en-us/windows/deployment/update/waas-manage-updates-wufb
[2] Windows Hello: https://support.microsoft.com/en-us/windows/learn-about-windows-hello-and-set-it-up-dae28983-8242-bb2a-d3d1-87c9d265a5f0
[3] Defender Security Center: https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-security-center/windows-defender-security-center
[4] Defender for Endpoint: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide
[5] Defender Application Control: https://docs.microsoft.com/en-us/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control
[6] Defender Credential Guard: https://docs.microsoft.com/en-us/windows/security/identity-protection/credential-guard/credential-guard
[7] Defender Exploit Guard: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/enable-exploit-protection?view=o365-worldwide
[8] Defender SmartScreen: https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-smartscreen/microsoft-defender-smartscreen-overview
[9] BSI: SiSyPHuS project (in English): https://www.bsi.bund.de/EN/Topics/Cyber-Security/Recommendations/SiSyPHuS_Win10/SiSyPHuS_node.html