Security feature that provides greater functionality than Windows (R) 10 Pro and protects your system from evolving cyberattacks and targeted threats
Office 365 provides a convenient and secure way for you to share your emails, schedules, and files with your colleagues.
Security feature that provides greater functionality than Windows (R) 10 Pro and protects your system from evolving cyberattacks and targeted threats
Important authentication information is stored in a secure environment independent of the environment in which Windows (R) OS operates, which denies access to malware that has infiltrated Windows (R) OS.
Even if a device is infected by malware and local administrator access has been stolen, you can prevent the damage from spreading.
※ | This feature can be set and managed using group policies, the command prompt, and PowerShell. |
With respect to targeted threats, which are one of the issues we must address these days, people tend to focus only on measures that address the gateways to the attack, as seen in targeted email and zero-day attacks.
If you analyze attack techniques, however, you will come to realize it is important to protect authentication information and account information as well. Credential Guard protects your authentication information from attackers, preventing Pass the Hash attacks and thus protecting the company's overall administrator authority as well as preventing theft of data.
Execution of malware, such as targeted email attacks and applications unauthorized by the administrator, is blocked.
Unlike measures that rely on a conventional blacklist (in which known malware must be registered in advance), this feature can also protect against zero-day attacks.
Because the device is started by secure boot, it is possible to prevent operation of malware transmitted to master boot upon starting the device.
The methods employed by targeted email attacks evolve continuously. Attackers use a variety of spoofing techniques to deceive receivers. It is not enough to tell users not to open suspicious emails.
In addition, new viruses and variants as well as zero-day attacks cannot be prevented by traditional anti-virus software. Device Guard protects your devices from becoming infected with malware.
A behavior sensor built into the OS enables you to record the details of various behaviors in the form of logs.
There is no need to expand and manage agents on devices.
This enables you to attain extremely high performance.
Based on enormous amounts of data collected, stored, and analyzed by Microsoft, detection is carried out according to a knowledge base that employs the results of machine learning and security analyses.
The data is always kept up-to-date, allowing you to recognize signs of attacks as well.
Obvious threats will be removed automatically upon detection. Moreover, it is possible for the administrator to select the desired action flexibly for the target client device from the console.
Collected data is analyzed using up-to-date information. The administrator does not have to do anything. This feature can recognize not only new threats but also signs of an attack.
You can take the necessary actions for the target client device from the management console, including stopping a specific suspicious program or disconnecting from the network.
You can investigate through which channels an incident spread and what kind of impacts an incident has had as far back as 180 days ago.
By linking your system with the Microsoft Defender series, you can perform comprehensive security monitoring and management.
What is the best solution for your problem?
Please consult a KDDI consultant.