Understanding the Role of Built-In Windows 8 Internet Security Protection

By

March 6, 2013SoftwareNo comments

One of the unique characteristics of Windows 8, compared to its predecessors, is the built-in internet security protection.  While there are a lot of features and functionality which contribute to this, there are two items of particular importance – Boot Time Protection and Windows Defender.  The key to truly protecting a Windows 8 device from ever-present internet security risks rests in understanding what their roles really are.

 

Boot Time Protection

 

The most talked about internet security feature of Windows 8 is the built-in boot time protection capabilities.  It is designed to overcome common vulnerabilities found in previous operating systems.  Previous operating systems allowed malware to insert itself during the boot sequence.  Boot time malware is one of the most difficult to internet security threats to control once it has infected a device.

 

3 Aspects of Boot Time Protection

 

Windows 8 uses three different capabilities to provide boot time protection against malware and other internet security threats.  The first is UEFI (Unified Extensible Firmware Interface).  Microsoft has required all logo-certified Windows 8 devices to utilize UEFI because it is the only way to fully support the secured boot environment created by Windows 8.  Another capability is an ELAM (Early Launch Anti-Malware) driver.  This feature verifies every boot driver during the initial system startup.

 

The final capability is Remote Attestation.  With this function, remote verification is used to ensure a device is not infected.  This ability is important from an internet security perspective because some malware stops devices from checking themselves for malware.

 

The Role of Windows Defender

 

The Windows Defender included with Windows 8 is notably improved over previous versions.  The big question users need to ask themselves is whether it should be considered a cure-all internet security solution.  Unfortunately, most internet security experts agree that Windows Defender shouldn’t be the sole layer of protection.

 

Native Windows 8 Firewall

 

Windows 8 includes two separate firewalls through Windows Defender.  The first is an incoming firewall which is active by default.  The problem is the outbound firewall is turned off by default.  This is because if both are active at the same time, users are constantly bombarded with unnecessary warnings.  A much better alternative is to use a firewall which provides a more synergistic solution which includes both inbound and outbound protection.

 

Windows Defender Virus Protection

 

Another benefit of using Windows 8 is Windows Defender includes anti-virus capabilities.  Unfortunately, it doesn’t stack up well against other commercial options.  Most internet security experts agree that the anti-virus technology included with Windows 8 is primarily there to protect people who otherwise wouldn’t to protect themselves.  To get more complete internet security protection, a 3rd party anti-virus solution such as VPNis likely to be much more effective.  3rd party vendors who focus solely on providing internet security tools consistently provide more up-to-date protection which is essential with the growing number of malicious code discovered on a daily basis.

 

Windows 8 offers more built-in internet security protection than any of its predecessors.  At the same time, it is important to understand what the role of this protection should play.  While the boot scan is often more than enough for the average user, it is beneficial to look elsewhere for more comprehensive anti-virus and anti-malware protection.