Oct 18, 2019
Welcome Back!
Microsoft Windows has some built-in Anti-Malware. It is called Windows Defender. However, some cyber criminals found ways to defeat it and so now Microsoft has a new feature to prevent that from happening. Listen in to find out more and how it can help you.
For more tech tips, news, and updates visit - CraigPeterson.com
---
Related Articles:
New Tools Keep
CyberThieves From Disabling Your Cyber Protections
---
Automated Machine-Generated Transcript:
Craig
Craig Peterson here. Welcome back. We are live and of course, we
are live on WGAN. And I love it when you guys send me an email, I
got a few comments from our friends over listening on WGAN and some
more people who are online as well. I love hearing from you and you
can always just send me an email with a question etc me ME at Craig
peterson.com. So let's get into this. This is I think, very, very
good news for everybody who is using Microsoft or maybe those
people who are security people who are using Microsoft or who are
the support people they're supporting using Microsoft. Microsoft
has something called defender and they also have a firewall that's
built into Windows, there are a lot of misc and figuration frankly,
with the whole Windows Firewall and, and the way Microsoft turns on
services and has certain services loaded up and running all the
time, I have some major disagreements with Microsoft on that. And
that's what our hardening course is all about. But let's talk about
Microsoft defender. If you are going to do nothing else, at the
very least make sure you have Windows Defender turned on. And up to
date. Microsoft has taken some of the best techniques, the best
technologies to protect windows and combine them into this free
package that comes with the latest versions of Windows, the Windows
10 that has the best version of it. They've had this around the
action for a little while, but they keep improving it. And that
brings us to help net security article about the new feature that
Microsoft has added to Windows Defender. If, if you're like most
people, you know, you're just somebody who's become the de facto,
IT security specialist. Right? You're probably the de facto IT
person, right? You're the person that people go to when they have a
problem when they have a question, right? And so you got to figure
out who do you go to? What can you trust and that's man, that's
hard to do? Nowadays, you can search for any topic and see a
million videos online about it. So let me give you the bottom line
here. If you're going to do nothing else, turn on Windows Defender
and turn on automatic Windows updates. That'll get you about 80%
safe. So it's very, very good, right. If you want to get to 95 or
99.9% safe, there's a lot of other things you have to do and it can
get expensive. But those two things are the biggest things that you
can do. And you can do them easily you can do them quickly. Now,
Windows Defender and one of the drawbacks to it is that you could
make changes to the security settings, and potentially malware or
hackers could make changes to it. So one of the things Apple has
done for quite a while now is Apple has really tried to harden
their OS even further and prevent the ability to make changes to
all kinds of system-wide software like Catalina introduced some
serious serious protections and caused a lot of applications to
break. And that's been true in Microsoft's world as well. You can't
just run XP code anymore on Windows 10, which is frankly a good
thing. But what Microsoft Windows Defender has done now is it is
added tamper protection to Windows That is absolutely phenomenal.
Okay, very, very good. And when the features turned on and you
should turn it on, this prevents malware, from disabling the virus
and threat protection, real-time and cloud-delivered protection.
And it also stops viruses and malware from turning off behavior
monitoring or removing Security Intelligence updates. It's really
really important to make sure it is turned on because this could
save you big time. So here's a quote straight from Health Net
security and from Microsoft. I don't have a name this is from there
on Microsoft 365 Device Management Portal. tamper protection
essentially locks Microsoft defender and prevents your security
settings from being changed through apps and methods such as
configuring settings and Registry Editor on new Windows machine,
changing settings through power. Shell command lets editing or
removing security settings through group policies, and so on.
Obviously, it's something you should do now if you're running an
Active Directory, you can push some of these settings out to all of
the clients or new network, which I would suggest you do. home
users, by the way, will still be able to switch tamper protection
off by the Windows Security app. If you have admin permissions on
the computer, enterprise users will not be able to do that. There
are quite a few differences between the enterprise versions of
Windows and the home versions. The home versions don't have all of
the security settings even to begin with the enterprise versions
you can schedule when you want software updates to be installed.
The home versions you can't I got a call from a law firm who had a
deposition that was due in the court by 4 pm. And it was like 230
and their machine decided to do update And they could not override
it, because they were running the home edition of Windows not
knowing the difference, right? Again, another example of a managed
services provider not doing their client any good, which was
certainly the case here. Tamper protection can be available to
organizations that have Microsoft defender ATPE, five. Now, this
again gets complicated. We've had this happen before we go into a
company will do a security audit, we'll put together an action plan
for them. And we'll say okay, well, we advise you to subscribe to
this Microsoft service and we'll usually sell it to them. And there
are various levels or different levels of Microsoft service for the
basic office 365 or also for your windows licenses. There's a lot
of different services that are out there. So a TP five is a level
Microsoft has more than ten-thousand SKUs, if you can believe that
10,000 different products, so you have to really know what you're
doing when you're buying the Microsoft licenses. So we'll go into
an organization and will say, Okay, well, it's going to be this
much per month, per desktop. And people will ask their smart uncle,
hey, Uncle, you know, I'm been talking to this managed security
services provider. And they say it's going to cost this much per
machine per month, and those are
Microsoft Office and Windows only cost you five to $10 a month. What are they charging them for? Well, yeah, that's true. If you're getting the home version if you're not going to get any of the extra features. Yeah, that's very true. But it is not true if you want the professional version. So tamper protection, ATP five or higher, and only for endpoints that run the latest versions of Windows, which is Windows 10 1903. Which, by the way, is being dedicated, I think this week or next week. Alright, so there's a lot of stuff to understand. I know this is confusing. If you want help with any of this reach out to me, and my team will be glad to help you out and talk to you talk you through it. If you want my services to hire great. If not, that's fine, too. We are really here to help just email me and II at Craig Peterson calm because I understand this stuff is very, very complicated. So kudos to Microsoft for doing that. I think it's important, we need to understand that we need our systems to be safe. And that's one of the things that Windows Defender help so make sure you have that in place. Now another thing that I see very commonly when we're out in doing these assessments, these cyber health assessments or the security assessments and action plans Is that Moore's better? Have you got that, you know, basically, if, if I am going to run antivirus, and I bought Norton, let's say, and I got it at Staples, if I want better security, I'm going to get something else? So maybe you have Microsoft defender turned on. And then you also go out and you get bit defender and you get some anti-spyware software and you get Norton and you know what, it'd be even better, I'm sure if I went and got semantics software, or if I went and got you to know, you name it. There are a lot of them out there antivirus and anti-malware packages that don't tie together. Okay, so it's going to make your life more confusing, but potentially even worse than that. What is going to end up doing is it's going to have all of these pieces of anti-malware software anti-virus off We're competing with each other.
So we go out and we'll see that there are two or three different pieces of software out there. And they are fighting with each other. And they're complaining about each other because of it to all to each antivirus software package. The other antivirus software package looks like it's a virus because of what it can do, what it does do this signature that has onboard, etc, etc. So you see what, where I'm going here, you're much better off using a single end-to-end product that is going to keep you save this going to keep all of your systems safe. That's going to also alert you when something's going on. Because these point products that we're talking about my point product is like Microsoft defender, it runs on one computer it has one point of information, so it knows what it is seen. Now some of these pieces of software like When Microsoft defender does look in memory, others don't they only understand desk, etc, etc. But it's a point product, it's looking at one machine, versus what you need to be doing in this day and age where you're looking at all of the machines in concert. So you can see that there is an attack underway where the attack is coming from what kind of attack it is, where not only are the machines in your office working in concert, but they're tied into smart switches that can turn off the spread of ransomware. If someone brings ransomware into your office, right, because you don't want that to spread, you want to stop it right away. And one of the easiest ways to do that is if you have software that can turn that switch off automatically that port on the switch to shut off to isolate that machine that's trying to spread the ransomware or it's trying to spread a virus. And then beyond the switch. You have a smart next-generation firewall that's watching everything that's going on stopping things from getting in, watching the internal networks communicating with the switches communicating with the desktops, then going out even further. And all of these firewalls data are tied together. So we know right now China, North Korea, you name it is running an attack against us businesses in this way, watches forward and updates within seconds. That's what you want. You don't want all these point products fighting against each other to get complicated. Again, if you have any questions, just reach out to me at Craig Peterson calm and make sure you subscribe to my newsletter, Craig peterson.com slash subscribe. I'll keep you up to date on all the things you need to know. So stick around after the top of the hour will be back. We'll be talking about the Tor Browser. Is it the world's safest browser? What does it mean? What is it doing? All of that right here. So stick around. We'll be right back.
Transcribed by https://otter.ai
---
More stories and tech updates at:
Don't miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text:
855-385-5553