Avoid Windows 8.1 Security "Trap"

People are still worried about Windows 8. Initially, the user's negative reaction to the operating system focused on the start screen and the touch interface, which users typically rely on third-party tools. So, is it safe enough to upgrade to Windows 8.1? Is the benefit greater than the potential user bounce? Can the upgrade really achieve enterprise desktop risk management? When it comes to Windows 8.1 security, here are some security that you need to pay attention to (avoid) Assumption.
It is best to install the latest security updates for the latest version. We live and work in an expedient society. It is human nature to ask for the latest and the best. Sometimes this is a wise move, but sometimes it is unnecessary. If you upgrade to Windows 8.1, you definitely have the latest and greatest technology and updates, but that doesn't mean desktop security will improve. In theory, you can create a well-managed Windows XP environment that is more secure than the Windows 8.1 environment.
Improved BitLocker ensures that my information is safe. As early as Windows Vista and Windows 7, I didn't like BitLocker. However, starting with Windows 8, Microsoft has improved its full disk encryption technology several times, such as preventing data from being written to BitLocker-protected drives, enhancing user management of their PINs and passwords, and deploying pre-boot identity for unattended patches. verification.
However, I found that although you can have all the encryption in the world, it is at most a system that uses a weak password to save the screen saver timeout, which is not enough to match the full disk encryption.
The malware protection of Windows 8.1 is undoubtedly a means to ensure endpoint security. The integrated Windows Defender and SmartScreen technologies protect the operating system from targeted attacks. However, they do not protect the desktop from the huge threats of third-party software such as Java, Adobe Reader, and so on.
In fact, a recent study found that 76% of vulnerabilities are not Microsoft issues, but related to applications and data running on the OS. I can hardly imagine that this unbalanced desktop vulnerability can change very quickly.
Group Policy Objects (GPOs) now provide the required desktop monitoring and other features for Windows 8.1 management. Microsoft's Windows 8 and Windows Server 2012 have made tremendous progress in this area. But GPOs are not omnipotent. Because there is no one-to-one relationship between strategy and risk.
Windows 8.1 has many other potential "traps" —— really, any version of Windows—— security risks include data leaks, careless user behavior, fragile network sharing, and more.
If you want to keep Windows 8.1 secure, you need to lower your expectations because you know that executives, auditors, compliance staff, and even security managers can't solve all the vulnerabilities in the organization. Of course, it can help, but the main responsibility is that desktop administrators and everyone using Windows 8.1 should understand desktop security and take it seriously.