Attackers haven’t been slow to take advantage of the quick transition to hybrid work and the lack of business cybersecurity. As the globe acclimated to working outside the office, cybercriminals have increased their targeting, speed, and precision daily. According to Microsoft, more than 9.6 billion malware threats, more than 35.7 billion phishing and other malicious emails, and 25.6 billion attempts to hijack our enterprise customers by brute-forcing stolen passwords were all stopped in 2021 by protections built into Windows, Azure, Microsoft 365, and Microsoft Defender for Office 365. Here are some Windows 11 cybersecurity features you should consider using for your business’s data protection.
Microsoft Pluton
By storing sensitive data inside the chip itself, Microsoft Pluton is a new type of secure processor that hopes to revolutionise cyber security services. This method differs significantly from the current processor design, which typically requires the CPU to communicate with a separate trusted platform module (TPM), which is where sensitive data like encryption keys and key information are stored. Malicious actors have begun to target the TPM as cyber security risks have advanced, which has caused the number of potential attack paths to skyrocket. This communication route has been virtually eliminated in Pluton to solve this problem, and the sensitive data is now stored inside the chip.
Smart App Control
By preventing harmful or shady apps, Smart App Control significantly increases business cyber security against malware, including new and emerging threats. Smart App Control also aids in the blocking of potentially undesirable applications, which include programmes that can slow down your device, show unexpected advertisements, offer you more software you didn’t want, or carry out other unexpected actions. Smart App Control will determine if our clever cloud-powered security service can make a reliable prediction about the safety of an app before allowing it to operate on Windows. Smart App Control will permit the app to operate if the service determines it to be secure. Smart App Control will prohibit an app if it’s thought to be dangerous or possibly undesirable, ensuring maximum data protection.
Microsoft Defender SmartScreen
Microsoft Defender SmartScreen guards users against downloading potentially harmful files as well as phishing or malware-infected websites and programmes. It accomplishes this by analysing the URLs that have been viewed, looking for signs of unusual activity, and comparing them to a dynamic list of websites that have been reported to be phishing sites and harmful software sites.
By comparing downloaded files to a list of known dangerous websites and applications as well as a list of files that are well-known and often downloaded by Windows users, Microsoft Defender SmartScreen may also evaluate whether a downloaded app or app installation is possibly harmful.
Credential Guard
Windows 11 has hardware-backed, virtualization-based cyber security services to help shield computers against attack methods that leverage pass-the-hash or pass-the-ticket to steal credentials. Additionally, even when the process is operating with administrative rights, it aids in preventing malware from obtaining system secrets. Credential Guard will eventually be turned on by default for businesses running Windows 11 Enterprise.
Config Lock
Users are essentially protected from themselves by Config Lock since it prevents them from changing settings that they shouldn’t. To maintain compliance with rules and safeguard the OS by prohibiting users from altering settings and causing config drift, IT managers in business organisations enforce these policies on corporate devices. Users with local admin privileges can alter settings, which causes the device to go out of compliance with security standards. IT managers may avoid config drift and maintain the appropriate OS configuration with Windows 11’s config lock feature. With config lock, the OS keeps track of the registry keys that each feature uses to be configured, and when it notices a drift, it quickly returns to the IT-desired state.
If your business has moved to a hybrid work model recently and you are concerned for your business cybersecurity needs, feel free to speak to our team of IT security specialists today. At Otto IT we can evaluate, upgrade and monitor your data protection to prevent your business from becoming a victim of malware, stolen passwords, and a plethora of dangerous spam.