Built-In Protection Systems In Windows 8
Protection is always important
Development of technologies has led to overall usage of the Internet and cloud services in different organizations; it also cased more broader use of personal devices by employees at work places in corporate networks and, as a result, a need for remote access to working resources. It is obvious that such tendencies of the market promote toughening of requirements for information security. Microsoft company offers own vision of safety issues, confidentiality and reliability.
Microsoft combined in Windows 8 two conception of usage.
The operating system is designed for devices of new generation. The system is the next development stage of Microsoft operating systems. The new version is not only a set of programs with a new interface, but it is also re-thinking idea for PC.
Start-up time of the system and work completion time are improvements in Windows 8, which undoubtedly are a great part of Windows 8 development. There is also improvement in productivity of multimedia.
The product is a new ideology embodied in traditional design, which has many innovations, even though there is exterior likeness with previous Windows 7. In general, Windows 8 leaves a positive impression. This operating system is developed for ordinary users, but keeping options available for professionals.
Special attention while creating the new operating system for home and business users of Windows 8 was paid to data security technologies. The new system is protected reliably, and it improves technologies providing safety both for users and for whole IT infrastructure of a company – all of these create a good base for successful business development.
We are going to look into new technologies with built-in protection means that designed in Microsoft Windows 8. Special focus is, in particular, on issues of information security while developing this operating system. Many options were built into the system, such as Secure Boot, Windows Defender, reputational filter Smart Screen, expanded opportunities of users’ identification and so on.
Safe loading by Secure Boot
The function of safe loading by Secure Boot on the base of UEFI in Windows 8 allows protecting a device in the process of system loading. It is an important condition of protection, since a number of harmful programs can try to be fixed in an operating system substituting its loading records. The option Secure Boot in Windows 8 prevents start-up of any code without a valid digital signature. In case if, after all, malicious programs will be able to interfere in the start-up process, Windows 8 automatically will detect them and execute rollback of actions. All of these acts are possible excluding physical access to a computer due to which keys can be physically changed.
Secure Boot has two modes: Setup and User.
The first mode serves for setting. Here you can replace Platform Key (PK), Key Exchange Keys (KEK), db and dbx. To start any signed efi file in User mode, it should be signed by the key which is in db, but not in dbx.
Secure Boot protects from bootkits, attacks such as Evil Maid and so on.
There are two pre-loaders for Linux that support Secure Boot: Shim and PRELoader. Both are almost similar except some details.
The advanced anti-virus program is also built into the new operating system. It works as an anti-virus tool protecting a computer from malware and other kinds of viruses. Defender is started automatically from the beginning of system performance. Besides, in new Windows speed-up of this anti-virus program, which receives updates every day, is improved.
Windows Defender is a basic anti-virus tool in Windows 8.
In contrast to the similar instrument in Windows XP, Vista and 7, Defender protects both from viruses, harmful programs and spyware. However, the program does not have some function such as a possibility to set time or CPU resource limitation used for planned scanning with the help of a graphical interface, fast start of scanning by a contextual menu, an icon in the field of the task bar and more.
Windows Defender uses Windows update service for downloading new virus signatures once per day. If the update process is failed, it is necessary to reset Windows updates. If you want to install an external anti-virus program, Windows Defender will be turned off, since there is no need to consume extra system resources while using few anti-virus solutions.
Expanded opportunities of identification and the storage passwords system
One more protection system became available when Windows 8 came out. Now users have a choice of variants for passwords’ implementation when log into the system – a PIN code out of four digitals and the “graphical password”. Having chosen the last option, a user will be able to use an image or a photo as a password, and create a certain sequence of touches to it. For example, it is possible to round a face on a picture, draw a line or create own object for unblocking. The function allows preventing unauthorized access to your system.
Moreover, the operating system provides a possibility to create virtual smart cards functioning on the base of Trusted Platform Module (TPM). Thus, a user can use a virtual card safely stored in TPM, if he is afraid of losing physical one. Remote users can also work with virtual smart cards using the Direct Access technology for safe connection to corporate networks.
With the built-in system of the centralized passwords’ storage (Credential Manager) users don’t need to memorize passwords for own accounts – login into the system is performed with the help of a single Microsoft account. Registration user’s data, before sending to Microsoft servers, is being encrypted and synchronized on all computers marked as “trusted”.
Differentiation of users’ rights and application rights
Access for users to apps and work with them are controlled by means of the AppLocker component allowing IT administrators to ensure safety with group policy and by doing so to prevent startup of potentially dangerous applications. Besides, all applications work separately from each other – each has a separate area which does not limit application functioning, but it isolates from other applications and a core. If a virus attacks an active application, other programs and the operating system are safe from that. The application has to undergo testing and certification by Microsoft, before putting this application in Windows Store. It gives a certain guarantee to users that all presented applications in the Store are safe.
The important aspect of providing security is a possibility to manage data access for the purpose of its protection against unauthorized use in case of loss or theft. The BitLocker technology helps to protect data stored on local devices; BitLocker To Go guards data stored on portable carriers. In Windows 8 speed of data encrypting with BitLocker has been increased significantly. The advanced technology does not encrypt an entire disk, but it encrypts only the space occupied on it. By doing so, this tool provides safety without notable interruption into user’s work. One needs to use a password, a PIN code or a smart card to unblock the disk with encrypted data.
Reputational filter Smart Screen
Reputational filter Smart Screen should be noted here as well when talking about security assurance which is observed strongly. It carries out a check of reputations for files and programs, detects and blocks unknown and potentially dangerous files, apps and archives on USB carriers, hard drives or downloaded from the Internet; and also it reflects attacks from phishing websites. At the first start of a loaded program, Smart Screen scans a list of known safe apps and in case of danger it shows a caution. The filter works with any user browser.
Technologies of past operating systems, providing protection against exploits (programs or codes that use vulnerabilities for attacks on a system), in Windows 8 were improved. 16 new technologies of counteraction to exploits were also added.
Technology Address Space Randomization (ASLR) prevents creation of correctly and steadily working exploits. Updated ASLR is spread on a bigger amount of internal structures of the operating system reflecting attacks directed on technology bypass in its previous versions.
Functions’ renewal of factory settings
In case of a need to clear computer settings, a user can use an expanded option for deletion of all data and reset Windows that will restore factory settings. All data and installed programs will be removed. The system keeps all reserve files. The “Personal computer restoration” function helps users, in case of detection of any malfunctions, to conduct return to a certain moment in the past, thus, having kept program data.
Windows To Go
Windows To Go (WTG) came out for those who lead mobile lifestyle and, thus, wish that Windows with traditional apps always stays close at hand. In fact, Windows To Go is a USB disk with OS and apps. Having loaded from it, you receive trusted and usual environment on any equipment, which is there, supporting Windows.
WTG is referred to corporate opportunities of Windows 8, in other words, it is oriented on usage, firstly, at companies. Scenarios of possible WTG usage:
1. Mobile workers. Workers who often move among branches of a company and need access to a corporate network, using own settings, documents and more, in every place. It is convenient to have a small hard drive or a flash drive, which may be a good solution, instead of a heavy laptop. After arrival an employee needs to connect a carrier to an appropriate computer.
2. Temporary workers working, for example, in the framework of any project. Such worker can have own laptop that does not meet security requirements of the network. It is advised to give him/her a prepared carrier with WTG, and after that this employee will be able to use WTG while working on a project.
3. Workers without fixed workplaces (or working in shifts) who need to have access to a corporate network in an office or from other places.
4. Work from home. A worker can load his personal computer with prepared WTG, if it is necessary, and get access to a corporate network and business apps.