Pocketables is reviewing a different aspect of Windows 8 each week until the operating system’s public launch on October 26. Having just taken a look at the web browser, it’s time to take a look at security.
First off, let me say that I don’t claim to be a security expert. But with Windows 8, you don’t really need to be one. When combined with common sense, Windows 8’s new security enhancements are more than enough to keep you protected on a day-to-day basis.
The most obvious security enhancements are the new logon options. While you can still log in with your regular password, you now have the option of signing in with a four-digit PIN or a new picture password. Picture passwords are created by drawing a series of three lines, circles, or taps on a picture of your choice. Simply repeat this combination of gestures whenever you want to log in. While this isn’t too useful with a keyboard and mouse (although it is certainly do-able), it’s very handy on a touchscreen device.
Connecting your user profile to your Microsoft account adds an additional layer of security, allowing you to specify Trusted PCs, as well as add contact information and a security question for two-factor authentication. If you forget your password, you can even reset it from another Trusted PC. This, of course, is in addition to the other sync and cloud-based features that I’ll be taking a look at in the coming weeks.
For years, we’ve become accustomed to installing some sort of anti-virus (e.g. malware protection) software the second you get a new PC. But believe it or not, you don’t need to worry about this with Windows 8. That’s right, for the first time ever, a Microsoft OS now provides malware protection out of the box in the form of Windows Defender. Windows Defender has been around in one form or another since 2006, but the version included with Windows 8 is very different from its predecessors. Microsoft Security Essentials, the excellent “anti-annoying, anti-expensive, anti-virus program” has essentially been merged into Windows Defender, giving Windows 8 “real-time detection and protection.” Gone are the days of having to install a third-party AV solution. You can still choose to do so, of course – some offer additional but often unnecessary features – but the basics come included in the box.
Internet Explorer’s SmartScreen feature has also made the jump to Windows 8, lending the OS protection against social engineering attacks with “reputation-based technologies.” Best of all, SmartScreen, like the rest of Windows 8’s security measures, is unobtrusive. “We expect average users to see a SmartScreen prompt less than twice per year,” said Microsoft’s Jason Garms, “and when they do see it, it will signify a higher risk scenario.” This has certainly proved to be the case in my experience. Since installing the final version of Windows 8 over a month ago, I’ve only seen a SmartScreen warning once, and that was when I was attempting to install a relatively obscure piece of software.
Other security features include a new version of BitLocker with support for provisioning, encrypting only used disk space, standard user PIN and password changes, network unlock, and Encrypted Hard Drives; UEFI secure boot; a sandboxed app model; a new “peek” feature for looking at what you’ve typed into a password textbox; the ability to sync passwords for apps, websites, networks, and HomeGroup across devices; and much more. It’ll be interesting to see what the security experts have to say about the new password sync feature, in particular.
In short, Windows 8 is the most secure Microsoft OS to date, and it’s arguably one of the most secure operating systems of all time. This alone is reason enough to upgrade.
Next week: the Windows Desktop. For our full coverage, check out the Windows 8 review portal.