Following the launch of Surface Pro in 2012, Microsoft released another version of the Surface recently. The Surface Pro 8 comes with an attractive package, and there’s barely a shortfall on security perks. Popularly dubbed as the most powerful pro, the advanced security features that come with it will leave a long-lasting impression.
This article explores the security features that Surface Pro features. Of course, this is an advancement from the previous version. However, most users are concerned if it’s effective enough to keep out malware; the short answer is yes it does. Read on to find out more…
What are the Security features in the latest Surface Pro?
Managing a device’s firmware has become more difficult now than ever. Recent attacks being launched at the device’s software create burdens for Microsoft engineers to keep packages like Surface safe.
This has created a need for constant updates and modifications to the existing security packages. Microsoft has been running a unified approach to device protection since 2015. Some of the security features of its surface pro are highlighted below:
Advanced security for windows
Hackers exploit vulnerabilities to stage an attack at any given time. Their favorite attack vector is an information depository such as memory. These kinds of attacks can cause your device to be completely taken over by bad actors, compromising your OS entirely. Microsoft designed Virtualization Based Security (VBS) to defend against attacks like this.
Hypervisor-protected code integrity (HVCI) was also designed to combat security situations like this as well. VBS employs the power of virtualization to offer users better protection against several kinds of malware. This is achieved when sensitive security operations are executed in sandboxed environments.
For VBS to work, hardware virtualization features build and isolate a certain part of the system’s memory. This part is usually different from the normal operating system. Windows can then use this secure virtual mode to initiate multiple solutions to security threats.
As a user, this feature solves some vulnerabilities in the OS, thereby protecting the memory from malicious users initiating suspicious processes and tasks.
HVCI, on the other hand, uses VBI to make sure code integrity policy is adhered to. Features like kernel-mode code integrity inspect every kernel-mode driver before their run time. This is done to prevent unsigned system files from loading into the memory.
An example of an unsigned file would be a file that was downloaded from an untrusted source that contains a trojan or other virus. Unsigned files aren’t verified by a trusted authority from third-parties like Microsoft or Adobe. A file that is unsigned basically means it hasn’t been audited or marked as safe, making it possibly dangerous.
Surface devices supporting VBS and HVCI include Surface Pro 8, Surface laptop studio, Surface Go 3. Others like Surface Laptop 4, Surface Pro 7+, and Surface Pro X use this security feature as well.
Malware Protection
To keep your device from attacks, the surface enables a secure boot. This way, a credible version of Windows is booting, and the firmware is verified and safe. Secure boot is used to authenticate that the components of the boot process like OS and drivers are validated through known signatures. This is important in preventing attacks from a malicious system, running malicious codes.
Once the OS has been certified as originating from Microsoft, the executable code is run. The goal of secure boot is to keep the OS as locked down as possible. Surface security features identify the code signature of all executables.
Codes that pass this scrutiny are loaded into the runtime. This method allows OS authors to verify by OS before running on the device.
DRTM protection
Surface devices that run on AMD processors also implement Secure Boot. Dynamic Root of Trust Measurement protects software from the initial power-on. What do DRTMs do? They control all CPUs, thereby verifying the authenticity of the system’s software.
If the CPU transitions into this safe state early enough, it confers an extra support layer against potential attacks when booting.
DRTM encryption is executed using Total System Memory Encryption (TSME). Once TSME is set up, only a system reset can clear it. New encryption requires the use of a new encryption key. The idea is to have encryption executed using the encryption key only once.
System management mode executes at the highest level. System management mode (SMM) execution uses hardware to restrict system properties that can be accessed, preventing malicious attacks.
Remote Device Management Control
This feature enables IT admins to manage surface devices without being in physical contact remotely. With Microsoft Endpoint Manager, an admin can remotely manage surface devices from the Azure cloud, providing users with fully configured devices. The wipe and retire features allow an admin to reprogram a stolen device for a new user.
This way, a fast response is initiated in theft cases. This allows you to remotely wipe all company data and reset Surface as a new device.
Do I need an Antivirus for My Surface Pro?
Surface Pro runs as a Windows built-in package. This means they come with the factory of the Windows defender. Many users maintain that the security package of Surface pro is not effective enough to keep out malware. Some others insist it is all you need to stay protected from attacks.
The truth, however, is, if you want to be protected optimally, you need an antivirus. This doesn’t mean Windows Surface Pro security is inefficient or invalid. Rather, it suggests that you may need to fortify your software with an antivirus to keep out a diverse kind of software attack.
This is because windows don’t update as often as it should to keep out threats. Also, its detection technology is not as sophisticated as that of most antiviruses. Nonetheless, the recent version features cloud-based malware detection. This makes real-time threat detection easier.
Even though Windows can handle certain kinds of malware. It is inefficient in detecting malware types like spyware and ransomware. Also, relying on its protection will only slow down your PC when trying to combat a threat. These are more reasons why you need an antivirus for your surface pro:
- Malware detection rate is unreliable without using third-party software
- Microsoft Defender database updates less periodical than third-party antivirus
- Their user interface isn’t easy to work with and offers few settings/configurations
- Provides minimal report on safety situation of your system
Conclusion
The security features present in the latest version of Surface Pro can’t effectively shield you from all kinds of malware. Relying on Defender alone, you’re also at risk of missing a piece of sneaky malware lurking on your system.
It is highly advised that you implement the service of a good antivirus tool today to compliment the security features that come with the Surface Pro. There are a lot of free options like Avira, F-Secure, and Malwarebytes. This is the most reliable way of staying safe from dangerous kinds of malware.
