A feature that was previously only available as an optional add-on, Microsoft Security Essentials is now an integrated part of Windows Defender in Windows 8, providing free built-in antivirus protection in Windows for the first time. While that’s good news all round, especially for consumers, where does that leave businesses that require comprehensive endpoint protection?
Antivirus in Windows 8 is an effective solution for consumers that wouldn’t otherwise spend money on 3rd-party antivirus software, and will put Microsoft in a strong position in the tablet market, particularly as malware becomes more prevalent on Android and Apple platforms. Since I started using the Release Preview of Windows 8 a month ago, I’ve been impressed that not only is it more responsive than Windows 7, but Microsoft has achieved this engineering feat at the same time as adding real-time antivirus scanning, traditionally notorious for negatively affecting system performance.
Another nice touch is that antivirus definition updates are distributed by the same mechanism Windows uses for operating system upgrades and patches, Windows Update, which is a mature and reliable technology, so you can be sure to always have the latest protection - assuming you have Internet connectivity.
But the free antivirus in Windows 8 won’t go far enough for businesses that need insight and management capabilities across their systems. The scanning engine in Windows Defender is the same as that found in Microsoft’s Forefront products, but Defender lacks centralized management and reporting capabilities. As such, enterprises still need to look to 3rd-party solutions for deploying antivirus across endpoints and servers.
Today’s malware writers are more interested in accessing valuable data than distributing denial of service attacks that cause computers to enter an endless reboot cycle. In order to get to that information, no special operating system privileges are required; and if administrative rights are needed for malware to run, it’s more likely to end in a mission failure for the cyber criminals, thanks to technologies such as User Account Control (UAC) and products like Privilege Guard, which help enterprises run with standard user accounts.
As more businesses adopt least privilege on the desktop, hackers are changing their tactics to access sensitive data; so layered security on endpoints remains important. Enterprise solutions from Microsoft, McAfee, Avecto and others, provide additional defense with managed antivirus, device control and application allow listing. Despite the improved security in newer versions of Windows, 3rd-party solutions add value by giving enterprises the management and reporting tools they need, plus additional layers of security for a defense-in-depth strategy which reduces the risks associated with Web 2.0 and flexible computing practices, such as Bring Your Own Device (BYOD) and tablets.
Russell Smith, IT Consultant & Security MVP
Russell Smith specializes in the management and security of Microsoft-based IT systems. In addition to blogging about Windows and Active Directory for the Petri IT Knowledgebase, Russell is a Contributing Editor at CDW’s Biztech Magazine.
Russell has more than 15 years of experience in IT, has written a book on Windows security, co-authored one for Microsoft’s Official Academic Course (MOAC) series and has delivered several courses for Pluralsight.