0

Securing Windows 8 Devices

Introduction

As Windows operating systems improve their functionality and usability, security is still at the forefront of many organisations minds. It is imperative in todays environment to ensure that Windows devices are locked down to prevent cyber criminals from attacking, and compromising, devices that process and store sensitive material. This article looks at how to secure Windows 8 devices using controls contained within the operating system. We will look at multiple controls to result in a secure device to use in many environments.

Encryption

The device needs to have the capability to encrypt data in transit as well as data at rest on the device. This is achievable on Windows 8 devices through the built in VPN’s present on the OS. Three types of VPN exist on Windows 8 devices, namely IPSEC, L2TP and Direct Access. While IPSEC VPN’s do provide a level of assurance for data in transit, the strength of this encryption should be independently tested to ensure that it is sufficient for the needs, and threats to, organisations information assets. Data at rest is easily achieved via BitLocker, this should be utilised to ensure that data on the device is encrypted by default and only accessible via unlocking the device with strong authentication mechanisms.

It is recommended that the native IPSEC VPN is configured on the device to encrypt data in transit. BitLocker should be implemented securely to ensure that any data residing on the device is encrypted and only accessible via authentication from the user.

Authentication

Strong authentication mechanisms should be implemented as with any device. This can be gained by setting strong password policies including at least 9 characters with alphanumeric and special characters included. For organisations wishing to add further protection, two factor authentication can be implemented via tokens, ensuring that the user authenticates to the device with their credentials and holds a token on their person.

Windows 8 allows picture authentication, however, security holes have been found in the strength in this mechanism

Windows 8 allows picture authentication, however, security holes have been found in the strength of this mechanism

Application Whitelisting

Windows 8 devices provide the ability to configure application whitelisting. The organisation can specify what applications are expected to run on the device and any other applications are blocked by default. This should be implemented by the organisation to prevent malware execution on the end user device.

Secure Boot

Secure boot is a feature that is native to Windows 8 devices and allows organisations to ensure that the authenticate boot process is adhered to. This will prevent malware executing on boot and any change to the regular boot process will be alerted and prevented by the operating system. This feature should be enabled to prevent attacks to the device.

Monitoring

Windows 8 features the ability to collect event logs for further analysis. Windows Event Forwarding enables the device to forward events on to the enterprise monitoring services, if applicable. For example, devices can be configured to regularly forward events to a central monitoring system – the monitoring system can then analyse and alert critical events to identify malicious activity.

Conclusion

By implementing these controls, organisations and individuals can significantly reduce the chances of attack to their systems. By locking down the operating system and removing unnecessary services on the end user device, the attack surface is significantly reduced. Controls to encrypt data on the device and in transit reduces the risk of attackers sniffing traffic or accessing data on the device. Finally, effective monitoring ensures that any attackers that are able to access the device are identified quickly and responded to effectively.

Filed in: Articles, News Tags: , , , , , , , ,

Get Updates

Share This Post

Related Posts

Leave a Reply

Submit Comment

© 2017 Cyber Security News. All rights reserved.