Is Windows Security (Microsoft Defender) Good Enough?
Do you need a paid Anti-Virus solution?
Is the built in free Windows Security (Microsoft Defender) good enough to protect your devices? It used to be that the protection built into Windows was pretty basic and the recommendation was always to go and buy another solution like Symantec, McAfee and others, but is that still the case?
These days Windows Security, according to many tech review sites receives a pretty high rating, often beating paid solutions in their testing in terms of how many pieces of malicious code it detects and stops as well as having a low number of false positives. Windows Security achieves this by downloading and comparing known malicious signatures against a virus database stored in Microsoft cloud and through the use of Heuristics.
Heuristics is essentially the analysis of program behaviour on your PC, heuristics is particularly helpful in combatting Zero Day exploits. Zero Day exploits are unknown exploits which have not yet been identified and therefore will not be in the virus database. If the security program detects unusual behaviour from a particular application it can take steps to block those harmful actions and alert the user.
One of the weaker points of Windows Security is that it is heavily dependant on Windows cloud services and in testing performed worse than many of the other paid solutions when the computer is offline, as you may be when on a plane for example. However, for most home users the built in and free Windows Security is most likely a sufficient level of protection without having to invest in paid solutions.
Is Microsoft Defender enough for businesses?
For businesses, even relatively small businesses, it’s usually a good idea to consider more comprehensive solutions which allow the business to centrally manage and protect a number of end point devices, whether they are on your network or remote. This is commonly known as End Point Security, which means protecting the user facing end points (laptops, desktops etc) these solutions provide the IT department with the ability to centrally manage the protection across all company devices.
EDR solutions also offer a broad range of useful additional services for businesses such as the ability to auto restore the BIOS in the event of an attack, deep examination of suspect files, sandboxing of suspect applications, remote management and ransomware protection for data. If you are running a business and don’t have one of these solutions we would highly recommend that you speak with your IT department or Managed Service Provider to look at the level of protection you need for your business and data.
If you need help or advice related to this topic please get in touch with us here