IT Security Battle: Is Microsoft All You Need?
The battle for IT security has been nearly three decades in the making. IT professionals from every industry face the challenges of security every day. As technology continues to evolve and hackers become more clever, companies are left to wonder if anyone will be able to solve the security problem. Microsoft believes they have the solution today.
Recently, Microsoft added more security features into the Windows OS. These new security measures have caused Microsoft officials to tell customers they don’t need third-party endpoint protection tools anymore. The following is a summation of an article from Redmond magazine which goes into the issue in greater detail. You can read the original article via the link at the bottom of the page.
This year will mark the 15th anniversary of the infamous Trustworthy Computing manifesto by Microsoft Founder and then-Chairman Bill Gates. In an e-mail to all Microsoft employees on Jan. 15, 2002, Gates issued his “call-to-action” that everyone needed to make, improving the security of the company’s products. Gates’ message, published by Wired magazine, introduced Trustworthy Computing.
At the time, Microsoft’s reputation for delivering secure software was abysmal and it was the company’s reputation in a big way. Gates decided to make it a key priority to fix, aware it was an ambitious undertaking.
“Our new design approaches need to dramatically reduce the number of such issues that come up in the software that Microsoft, its partners and its customers create. We need to make it automatic for customers to get the benefits of these fixes,” Gates told employees. “Eventually, our software should be so fundamentally secure that customers never even worry about it.” By all accounts, Microsoft has made groundbreaking improvements in its software.
The company published its Trustworthy Computing framework six months later, which in summary focused on what would become the Software Development Lifecycle where all developers would have the tools and methodologies to “make an-order-of-magnitude improvements” in the building of secure software, the policy of distributing regular updates — including the introduction of Windows Update and Software Update Services — and in early recovery capabilities to restore systems prior to an incident.
Widening Security Portfolio
To those who weren’t around at the time, it may seem incongruous that such basic functions didn’t exist prior to this. Marked advances in security oddly enough debuted in the otherwise-panned Windows Vista release in 2006 with significant improvements in every new release since. The release of Windows 10 in 2015 followed by last year’s “Anniversary Update” offered a doubling-down of security in a number of areas, including such features as Virtual-Based Security (VBS), Windows Information Protection, Credential Guard and Device Guard, Windows Defender Threat Analytics and, this year, the Windows Security Center that will add a management and reporting capability to the client OS, among many new and extended features.
The most controversial of new features came with Windows 8 and the release of Windows Defender, an antivirus tool bundled into the OS. By all accounts, including a recent public proclamation by Microsoft, Windows Defender was no match for the key antivirus and anti-malware solutions, for which there are many from the likes of AVG Technologies, BitTitan Inc., Kaspersky Lab, Sophos Ltd., Trend Micro Inc. and Intel Security Group, which will soon revert back to its McAfee Inc. brand when the CPU giant spins off its controlling interest in the company it acquired several years ago.
Microsoft: Kick Out Endpoint Software
In the most recent releases of Windows, Microsoft has made no bones about the fact that it intends to obviate the need for those third-party wares. In a session at the fall Ignite conference in Atlanta, Chris Hallum, senior product manager for Windows client security, said Windows Defender has improved to the point where customers don’t need additional antivirus and anti-malware software. Acknowledging it’s not the best, Hallum said it’s good enough and getting better.
“… start kicking out third-party antivirus because we have a great solution right now, and it’s going to be even better in the months to come.”
Chris Hallum, Senior Product Manager, Windows Client Security, Microsoft
“We are committed to be No. 1. I can’t promise we will be No. 1, but I can promise you we will be within one-tenth of a point, meaning we have gracefully comparable protection,” said Hallum. “This is something you should put on the roadmap, I want you to evaluate it, and I want you to start kicking out third-party antivirus because we have a great solution right now, and it’s going to be even better in the months to come.”
It wasn’t an idle remark. Microsoft consistently has made that point. At a recent briefing for customers and prospects, a security architect at the company made that same point and other officials have made similar pitches. Not surprisingly, Microsoft’s view on the matter has raised the ire of antivirus suppliers. Most are keeping their dissatisfaction close to the vest, but one who has spoken out is Eugene Kaspersky, founder of the antivirus supplier that bears his name, Kaspersky Lab.
Kaspersky has gone so far as to accuse Microsoft of anticompetitive practices, filing a claim with the EU’s European Commission and the Federal Antimonopoly Service in Russia, where the company is headquartered. “We think that Microsoft has been using its dominating position in the market of operating systems to create competitive advantages for its own product,” he wrote in a recent blog post. “The company is foisting its Defender on the user, which isn’t beneficial from the point of view of protection of a computer against cyberattacks. The company is also creating obstacles for companies to access the market, and infringes upon the interests of independent developers of security products.”
Microsoft has declined to comment on the claim but days before Kaspersky’s announcement, Rob Lefferts, the company’s director of program management for Windows Enterprise and Security, pointed to improvements to Windows Defender that were added to the recent Anniversary Update, particularly as it related to added detection capabilities.
“Windows Defender, which is enabled by default, can respond to new threats faster using improved cloud protection and automatic sample submission features to block malware at first sight,” Lefferts said in a blog post. “We’ve also improved Windows Defender’s behavioral heuristics to help determine if a file is performing ransomware-related activities, and then detect and take action more quickly.”
Also, new in the Windows 10 Anniversary Update is Windows Information Protection, which brings separation technology to address data leakage and is designed to work with the Azure Rights Management feature in the Enterprise Mobility Service.
Disputing Windows Defender “Hype”
Most providers of antivirus software haven’t complained about Microsoft’s increased emphasis on Windows Defender, though most scoff at the idea. “To some degree, it may sound harsh, but there’s a little bit of arrogance in their claims and I think it’s a little bit of living in an echo chamber,” says Dan Schiappa, senior VP and general manager of end user and network security business at Sophos. “They get in their bold little worlds and start to believe their own hype.”
While the security battle is a hot topic right now and has been for the past 15 years, Microsoft continues to make strides in updating their systems and securing their products. The new security features in the latest Windows OS appear to be another step in the right direction. While the security battle has no end in sight, Microsoft’s efforts to continually wage war against hackers and protect its customer’s bode well for the future of security.
Today there is no be-all-end-all system that is 100% secure. That being said, Microsoft continues its 15 year journey to one day see the infamous Trustworthy Computing manifesto come to fruition.
Read the full article from Redmond Magazine here.