7 November 2012
Comments: 0

Going phishing? Windows 8 says no

Ahh phishing, we’re not talking about the get up early, sit on a boat in the hot sun all day kind, we mean the more harmful social engineering kind. While this isn’t new, it’s a big issue, one many users are well aware. They dread finding themselves victims of a malicious attack on their systems. There are many ways to protect against catching something malicious, one of which is upgrading to Windows 8.

Below are three common security issues faced by all networks and how Windows 8 combats them.

Spear phishing

Spear phishing is a form of social engineering conducted over email. If a hacker wants to access a system, they will often pose as a customer and either send an email with an attachment, or send this over an Instant Message. The attachment contains a virus or Trojan horse which then gives the hacker access to any system that the ‘attachment’ is downloaded onto.

The main way Windows 8 prevents this is through Windows Defender. This is a full antivirus and malware solution that is based on the Microsoft Security Essentials platform. If you aren’t currently working with a Managed Service Provider, or have decided to take on the migration in-house, Windows Defender can be a good device to protect you while you upgrade and before you implement other antivirus solutions, and is available on all versions of Windows 8.

Drive-by malware

One way to infect a network is to post a link to a website or file that contains malware. When a person clicks on the link, the malware is installed, often without the user knowing. To combat this, Windows 8 has two features: Smart Screen and Secure Boot.

Smart Screen has two functions. It scans URL links typed into a browser. When a URL is entered that’s known to contain malware, it blocks the user from accessing the website. While this isn’t a new feature, reports have noted that this is the best URL scanner among any modern browser. The other function of Smart Screen is to scan files that have been downloaded for malicious software.

Many users know there is a similar feature on Windows 7, which notifies you that a file has been downloaded from the Internet when you open it, and gives you choices on what to do with it. Smart Screen improves on this, and takes an active role in notifying you about the security of downloaded items. Smart Screen is available on all versions of Windows 8.

Secure Boot on the other hand works on a far more basic level. Developed for use on motherboards using Unified Extensible Firmware Interface, It works by validating the digital signature of all boot components to look for any tampering. If a disparity is found, Windows Recovery will start and attempt to fix the problem. This will help cut down on the number of Root kits.

Out-of-date devices connecting to network

One of the more common trends in the past couple of years is employees wanting to bring their own devices to work. While there are many benefits to this, a device that an employee brings in which isn’t up to date, or already infected, could pose a huge security risk. One way IT can manage this is through an approved list of programs that can be centrally managed.

Windows 8 allows this through a feature called Applocker. Applocker is an application control program that allows an administrator to create either a white or black list of apps users are allowed to download on a company controlled system. If you create a Bring Your Own Device policy where an employee can bring their own device, but have to connect through a virtualized desktop, managed by the company, this is a great way to ensure malicious apps and unapproved programs aren’t downloaded and that company security is maintained. Applocker is available on Windows 8 Enterprise.

These are just a few of the common security issues faced by companies, and how Windows 8 can protect a network or system from them. If you’re thinking of upgrading to Windows 8, please contact us.

Comments are closed.