Microsoft Windows has some built-in Anti-Malware. It is called Windows Defender. However, some cyber criminals found ways to defeat it and so now Microsoft has a new feature to prevent that from happening. Listen in to find out more and how it can help you.
For more tech tips, news, and updates visit – CraigPeterson.com
New Tools Keep CyberThieves From Disabling Your Cyber Protections
Automated Machine-Generated Transcript:
Craig Peterson here. Welcome back. We are live and of course, we are live on WGAN. And I love it when you guys send me an email, I got a few comments from our friends over listening on WGAN and some more people who are online as well. I love hearing from you and you can always just send me an email with a question etc me ME at Craig peterson.com. So let’s get into this. This is I think, very, very good news for everybody who is using Microsoft or maybe those people who are security people who are using Microsoft or who are the support people they’re supporting using Microsoft. Microsoft has something called defender and they also have a firewall that’s built into Windows, there are a lot of misc and figuration frankly, with the whole Windows Firewall and, and the way Microsoft turns on services and has certain services loaded up and running all the time, I have some major disagreements with Microsoft on that. And that’s what our hardening course is all about. But let’s talk about Microsoft defender. If you are going to do nothing else, at the very least make sure you have Windows Defender turned on. And up to date. Microsoft has taken some of the best techniques, the best technologies to protect windows and combine them into this free package that comes with the latest versions of Windows, the Windows 10 that has the best version of it. They’ve had this around the action for a little while, but they keep improving it. And that brings us to help net security article about the new feature that Microsoft has added to Windows Defender. If, if you’re like most people, you know, you’re just somebody who’s become the de facto, IT security specialist. Right? You’re probably the de facto IT person, right? You’re the person that people go to when they have a problem when they have a question, right? And so you got to figure out who do you go to? What can you trust and that’s man, that’s hard to do? Nowadays, you can search for any topic and see a million videos online about it. So let me give you the bottom line here. If you’re going to do nothing else, turn on Windows Defender and turn on automatic Windows updates. That’ll get you about 80% safe. So it’s very, very good, right. If you want to get to 95 or 99.9% safe, there’s a lot of other things you have to do and it can get expensive. But those two things are the biggest things that you can do. And you can do them easily you can do them quickly. Now, Windows Defender and one of the drawbacks to it is that you could make changes to the security settings, and potentially malware or hackers could make changes to it. So one of the things Apple has done for quite a while now is Apple has really tried to harden their OS even further and prevent the ability to make changes to all kinds of system-wide software like Catalina introduced some serious serious protections and caused a lot of applications to break. And that’s been true in Microsoft’s world as well. You can’t just run XP code anymore on Windows 10, which is frankly a good thing. But what Microsoft Windows Defender has done now is it is added tamper protection to Windows That is absolutely phenomenal. Okay, very, very good. And when the features turned on and you should turn it on, this prevents malware, from disabling the virus and threat protection, real-time and cloud-delivered protection. And it also stops viruses and malware from turning off behavior monitoring or removing Security Intelligence updates. It’s really really important to make sure it is turned on because this could save you big time. So here’s a quote straight from Health Net security and from Microsoft. I don’t have a name this is from there on Microsoft 365 Device Management Portal. tamper protection essentially locks Microsoft defender and prevents your security settings from being changed through apps and methods such as configuring settings and Registry Editor on new Windows machine, changing settings through power. Shell command lets editing or removing security settings through group policies, and so on. Obviously, it’s something you should do now if you’re running an Active Directory, you can push some of these settings out to all of the clients or new network, which I would suggest you do. home users, by the way, will still be able to switch tamper protection off by the Windows Security app. If you have admin permissions on the computer, enterprise users will not be able to do that. There are quite a few differences between the enterprise versions of Windows and the home versions. The home versions don’t have all of the security settings even to begin with the enterprise versions you can schedule when you want software updates to be installed. The home versions you can’t I got a call from a law firm who had a deposition that was due in the court by 4 pm. And it was like 230 and their machine decided to do update And they could not override it, because they were running the home edition of Windows not knowing the difference, right? Again, another example of a managed services provider not doing their client any good, which was certainly the case here. Tamper protection can be available to organizations that have Microsoft defender ATPE, five. Now, this again gets complicated. We’ve had this happen before we go into a company will do a security audit, we’ll put together an action plan for them. And we’ll say okay, well, we advise you to subscribe to this Microsoft service and we’ll usually sell it to them. And there are various levels or different levels of Microsoft service for the basic office 365 or also for your windows licenses. There’s a lot of different services that are out there. So a TP five is a level Microsoft has more than ten-thousand SKUs, if you can believe that 10,000 different products, so you have to really know what you’re doing when you’re buying the Microsoft licenses. So we’ll go into an organization and will say, Okay, well, it’s going to be this much per month, per desktop. And people will ask their smart uncle, hey, Uncle, you know, I’m been talking to this managed security services provider. And they say it’s going to cost this much per machine per month, and those are
Microsoft Office and Windows only cost you five to $10 a month. What are they charging them for? Well, yeah, that’s true. If you’re getting the home version if you’re not going to get any of the extra features. Yeah, that’s very true. But it is not true if you want the professional version. So tamper protection, ATP five or higher, and only for endpoints that run the latest versions of Windows, which is Windows 10 1903. Which, by the way, is being dedicated, I think this week or next week. Alright, so there’s a lot of stuff to understand. I know this is confusing. If you want help with any of this reach out to me, and my team will be glad to help you out and talk to you talk you through it. If you want my services to hire great. If not, that’s fine, too. We are really here to help just email me and II at Craig Peterson calm because I understand this stuff is very, very complicated. So kudos to Microsoft for doing that. I think it’s important, we need to understand that we need our systems to be safe. And that’s one of the things that Windows Defender help so make sure you have that in place. Now another thing that I see very commonly when we’re out in doing these assessments, these cyber health assessments or the security assessments and action plans Is that Moore’s better? Have you got that, you know, basically, if, if I am going to run antivirus, and I bought Norton, let’s say, and I got it at Staples, if I want better security, I’m going to get something else? So maybe you have Microsoft defender turned on. And then you also go out and you get bit defender and you get some anti-spyware software and you get Norton and you know what, it’d be even better, I’m sure if I went and got semantics software, or if I went and got you to know, you name it. There are a lot of them out there antivirus and anti-malware packages that don’t tie together. Okay, so it’s going to make your life more confusing, but potentially even worse than that. What is going to end up doing is it’s going to have all of these pieces of anti-malware software anti-virus off We’re competing with each other.
So we go out and we’ll see that there are two or three different pieces of software out there. And they are fighting with each other. And they’re complaining about each other because of it to all to each antivirus software package. The other antivirus software package looks like it’s a virus because of what it can do, what it does do this signature that has onboard, etc, etc. So you see what, where I’m going here, you’re much better off using a single end-to-end product that is going to keep you save this going to keep all of your systems safe. That’s going to also alert you when something’s going on. Because these point products that we’re talking about my point product is like Microsoft defender, it runs on one computer it has one point of information, so it knows what it is seen. Now some of these pieces of software like When Microsoft defender does look in memory, others don’t they only understand desk, etc, etc. But it’s a point product, it’s looking at one machine, versus what you need to be doing in this day and age where you’re looking at all of the machines in concert. So you can see that there is an attack underway where the attack is coming from what kind of attack it is, where not only are the machines in your office working in concert, but they’re tied into smart switches that can turn off the spread of ransomware. If someone brings ransomware into your office, right, because you don’t want that to spread, you want to stop it right away. And one of the easiest ways to do that is if you have software that can turn that switch off automatically that port on the switch to shut off to isolate that machine that’s trying to spread the ransomware or it’s trying to spread a virus. And then beyond the switch. You have a smart next-generation firewall that’s watching everything that’s going on stopping things from getting in, watching the internal networks communicating with the switches communicating with the desktops, then going out even further. And all of these firewalls data are tied together. So we know right now China, North Korea, you name it is running an attack against us businesses in this way, watches forward and updates within seconds. That’s what you want. You don’t want all these point products fighting against each other to get complicated. Again, if you have any questions, just reach out to me at Craig Peterson calm and make sure you subscribe to my newsletter, Craig peterson.com slash subscribe. I’ll keep you up to date on all the things you need to know. So stick around after the top of the hour will be back. We’ll be talking about the Tor Browser. Is it the world’s safest browser? What does it mean? What is it doing? All of that right here. So stick around. We’ll be right back.
Transcribed by https://otter.ai
More stories and tech updates at:
Don’t miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text: