Windows 10 - Build 16232 - The Defender Build

On June 28, MS released Windows 10 Build 16232 to Fast Ring Insiders.

I call this the Defender build due to its focus on Windows Defender Application Guard and Security Center features.  Along with about 15 fixes, that was the 16232 update.

The update installed across all platforms okay; however, I am still having to perform a post-install remove/reinstall of Cisco AnyConnect and then wait for Conexant drivers to update and force another reboot on my laptop.

With the focus on security for this build - I'll make some comments on my attitude and approach to security.

My general approach with security is to strike a balance between usability and security.  There's the old adage that the most secure computer is one that is not connected to the network and powered off.  And while this is very secure, it's not very usable.

To me the first and most important step in maintaining a good security profile is to keep current with patches / updates and the OS in general.  This is true for both compute and network components.

Many of the well-known virus attacks over the years targeted vulnerabilities that were actually addressed by previous patches - that were not applied.  So you need to have the discipline to regularly check and apply updates.

Next is maintaining a good data backup strategy and the ability to re-image a machine quickly and easily and recover.  This most recent wave of encryption-based "ransomware" attacks in fact weren't focused on ransom at all but simply on causing damage.

If you maintain good backups and have an OS image that will allow you to blow away your machine at any time and then restore data - then you can minimize the risk of "losing everything".  And you don't need all kinds of fancy 3rd-party backup software to do it.  I use an MS utility known as RoboCopy and simply copy my entire data content to another drive.  You can also use cloud services from OneDrive to Box to whatever.  But do something.  The risk comes from having only one copy of your data.

Next, turn off non-essential services - especially remote access and remote support.  Most network-based attacks probe systems looking for IP ports that are listening to the outside world and that allow a connection when addressed.  If you don't need or use them on a daily basis - turn them off.
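One way to see what is actually listening before deciding what to turn off, as an added example that is not part of the original post. It assumes Windows 8 / Server 2012 or later (for `Get-NetTCPConnection`) and an elevated PowerShell session; the variable names are illustrative.

```powershell
# Added example: list TCP listeners reachable from the network,
# with the owning process and any Windows services hosted in it.

# Listeners bound to these addresses only accept local connections.
$loopback = '127.0.0.1', '::1'

# Build a lookup: process id -> names of running services in that process.
$servicesByPid = @{}
foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
    if ($svc.ProcessId -eq 0) { continue }          # service is not running
    $procId = [int]$svc.ProcessId
    if (-not $servicesByPid.ContainsKey($procId)) { $servicesByPid[$procId] = @() }
    $servicesByPid[$procId] += $svc.Name
}

# Collect every listening TCP socket that is not loopback-only.
$listeners = Get-NetTCPConnection -State Listen |
    Where-Object { $_.LocalAddress -notin $loopback } |
    ForEach-Object {
        $procId = [int]$_.OwningProcess
        $proc   = Get-Process -Id $procId -ErrorAction SilentlyContinue
        [pscustomobject]@{
            LocalAddress = $_.LocalAddress
            LocalPort    = $_.LocalPort
            ProcessId    = $procId
            Process      = if ($proc) { $proc.ProcessName } else { '(exited)' }
            Services     = ($servicesByPid[$procId] -join ', ')
        }
    }

# Review the result: anything you do not recognise or use daily
# is a candidate for disabling (services.msc or Set-Service).
$listeners | Sort-Object LocalPort, LocalAddress | Format-Table -AutoSize
```

Run it again after disabling a service to confirm the port no longer appears in the list.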

Next, a word on virus protection & security software.  Over the years I've used many from Symantec, McAfee, Cisco, BitDefender as well as MS Defender and others.  The challenge I have with most is the performance hit and app compatibility issues versus the level of protection.  And while there are all these rankings on the effectiveness of one brand or another, I've used Defender for several years now and have not had any problems.

Finally, a word on passwords.  Pick a complex one - 10 - 12 characters or more that has nothing to do with you personally or family.  Attackers look for easy targets - the harder you make it for an algorithm-based attack to guess a password, the more likely they are to move on.

Many years ago when Bill Gates was still at the helm of MS - he drafted a letter known as "trusted computing".  That mindset has been at the forefront of MS's approach to security since.  And while MS is not perfect in this space - they continually improve their security.  And for me the current combination of Windows 10 and Defender with cloud-based security works.















