How secure is Windows 8?

The latest addition to the Windows operating system family has been out for a while now, but is it secure enough for business users? Davey Winder investigates...

Windows 8 has been around long enough now for any small business considering the upgrade to know if it's a good fit for them.

However, there's one question that should always be at the forefront of any IT pro's mind when planning a move to the new operating system (OS) that, unfortunately, often isn't. And, that question is, just how secure is Windows 8?

Security assessment

Sarah Shields, executive director of consumer and small Business at Microsoft OEM partner Dell UK & Ireland, said Windows 8's new features should make the product more secure than previous versions of the OS.

Advertisement - Article continues below
Advertisement - Article continues below

A number of internal features in Windows 8 security have been improved.

The new Refresh' application that restores Windows in minutes, but will keep all personal data and vital setting secure is one of the new security features that Shields rates.

She also told IT Pro that Windows 8 should "automatically improve" network connectivity for users.

"It will give employees enhanced mobile broadband when working away from a PC with the benefit of the system checking across the available Wi-Fi connections and automatically connect the user to the one providing the best bandwidth," she claimed.

Mark Austin, chief technology officer of Windows security software firm Avecto, said he is a fan of the new Trusted Boot' feature on Windows 8, which protects a PC's booting up process from malware attacks.

"As malware gets more sophisticated, rootkits have become more prevalent, as they can bury themselves deep in the operating system and cloak themselves from detection, often hijacking the boot process itself by overwriting the master boot record," Austin explained.

Advertisement - Article continues below
The hardware view

Joseph Souren, vice president of hardware security vendor Wave Systems, is a self-confessed fan of Windows 8 security.

"Windows 8 represents a powerful endorsement of open industry standard for hardware embedded security," he said.

"It comes in response to a constantly evolving cyber landscape, epitomised by the threat of sophisticated boot sector viruses, compliance with data protection laws, an increasingly mobile workforce and porous network perimeters.

"The new OS also brings fresh capability for the management of virtual smart cards and DirectAccess, allowing enterprise users to establish their identity using the machine as a token-for-network logon, negating the need for tens of passwords which fail to live up to the current threats we face," he added.

The Trusted Boot technology comprises three components UEFI Secured Boot, Early-launch Anti-Malware (ELAM) and Measured Boot that ensure that Windows only boots up if it is free from rootkits and other malware, Austin explained.

"It does this by only allowing trusted software to execute during the boot process and ensuring that anti-malware software loads much earlier [and] before other components and drivers," he said.

"The boot process is also validated through measurements, which are stored on the TPM chip."

Advertisement - Article continues below

Wolfgang Kandek, chief technical officer at IT security vendor Qualys, also flagged up the changes Microsoft has made to Windows Defender.

"Defender is now more comprehensive and the formerly separate Microsoft product, Security Essentials, an anti-virus package, has been integrated," he said.

Advertisement - Article continues below

"This package is included on Windows 8 by default, offering a more secure solution out of the box for end-users and SMB organisations."

However, firms that need management capabilities, such as reports on machine update statuses and alerts about neutralised malware will need to procure an enterprise malware solution, advised Kandek.

"A number of internal features in Windows 8 security have been improved. Its memory management has added randomisation, making the writing of exploit code harder," he added.

"There are also the new Windows Runtime (RT) applications that will benefit from a default Sandboxing technology, providing another layer of security against exploits by attackers."

And the downsides?

Avecto's Austin contradicts Kandek by citing the inclusion of the enhanced version of Windows Defender as a potential downside.

Advertisement - Article continues below

"Although [it] is a positive step in some respects, it has the danger of giving organisations a false sense of security, as it shouldn't be relied upon to protect against malware threats," he said.

"The nature of malware attacks has changed and more sophisticated security technology and proactive measures are required to protect against these threats.

Advertisement - Article continues below

"It is important to always take a defence-in-depth strategy to security, and to not rely solely on the built-in features of the operating system," he warned.

Kandek also sounded a cautious note about how the newness of Windows 8 could leave users exposed to security risks, as businesses tend to opt for products that are mature, stable and well-supported.

"The radical change that Windows has undergone means that small businesses will be taking more of a plunge if they move to Windows 8," he said

"The architecture of Windows RT systems is completely different and will need different processes and tools to be secured."

Advertisement - Article continues below

He also claimed some of the new security capabilities that Windows 8 offers will require certified hardware, which means older units may be unable to support improvements.

Featured Resources

Digital Risk Report 2020

A global view into the impact of digital transformation on risk and security management

Download now

6 ways your business could suffer if you don’t backup Office 365

Office 365 makes it easy to lose valuable data regularly, unpredictably, unintentionally, and for good

Download now

Get the best out of your workforce

7 steps to unleashing their true potential with robotic process automation

Download now

8 digital best practices for IT professionals

Don't leave anything to chance when going digital

Download now

Most Popular


How to use Chromecast without Wi-Fi

5 Feb 2020
cyber security

McAfee researchers trick Tesla autopilot with a strip of tape

21 Feb 2020
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020

The top ten password-cracking techniques used by hackers

10 Feb 2020