This article explores the needs of computer users migrating to a Windows 11 operating system in a home or small business environment.  To stay secure, pay close attention to network traffic, email traffic, authentication mechanisms, system, and security updates.  In Windows 10, Microsoft introduced the Windows Security app, which consolidates security settings and status information into a single location easily accessed from the Settings app. Windows 11 has added some new features and should be a regular part of your security monitoring.  This feature allows you to monitor and customize settings for antivirus and antimalware software, device security, firewall and network protection, and other security options.  As in the Windows 10 Security app, a green checkmark indicates there are no issues that need immediate attention.  Yellow and red icons indicate security issues that need to be addressed promptly.  The 
most important security setting on any Windows 11 PC is to ensure that updates are being automatically installed on a regular schedule.  Also, you should make sure that updates for Windows applications, including Microsoft Office and Adobe applications, are installed automatically.  

Another security relevant change from Windows 10 to Windows 11 is that a Microsoft account is now required when setting up a PC with Windows 11 Home edition.  Although controversial, there is a justifiable security benefit supporting that design decision.  When you sign in with a Microsoft account, the system drive is encrypted by default, and the recovery key is backed up to a secure location, accessible by signing in to that Microsoft account.  This minimizes the risk of a forgotten password leading to significant data loss.  If you currently don't use Microsoft services, you can create a new Microsoft account as part of the setup process and use that new account exclusively for signing in to Windows 11.  This way, you'll get the benefits of full system disk encryption, multifactor authentication, and 5 GB of OneDrive storage at no additional cost.  

 

One can argue that Microsoft's hardware compatibility rules for Windows 11 have improved security for Windows PCs, although not without controversy.  Previously, the governing principle for each new Windows OS version involved maintaining optimal backward compatibility, in many cases with decades old PCs capable of installing the latest operating system.  In Windows 11, however, the official hardware specifications were dramatically increased from Windows 10 and apply not only to new hardware from PC makers, but also to those wishing to upgrade.  The most noticeable changes are the requirement for a Trusted Platform Module (TPM) version 2.0 along with the requirement to enable Secure Boot.  Every installation of Windows 11 includes native antivirus and antimalware software i.e. Microsoft Defender, which updates itself using the same mechanism as Windows Update.  Microsoft Defender Antivirus is a powerful security tool that still requires minimal manual configuration to provide this layer of protection.  If you install third-party security software such as Norton or McAfee, Windows 11 will disable Microsoft Defender and allow that software to detect and remove potential threats.  To check the status of 
Microsoft Defender Antivirus in both Windows 10 and 11, you can click on Virus & Threat Protection in the Windows Security app.  

 

For smaller businesses, a primary challenge is preventing malicious code from reaching your PC in the first place.  Microsoft's SmartScreen technology is another native feature that scans downloads and blocks the execution of those that are known to be malicious.  The SmartScreen technology also blocks unrecognized programs, but allows the user to override those settings if necessary.  SmartScreen technology in Windows 11 works independently of browser-based technology such as Google's Safe Browsing service and the SmartScreen Filter service in Microsoft Edge.  SmartScreen also requires no manual configuration.  However, you can customize its configuration using the App & Browser Control settings in the Windows Security app.  

 

In Windows 11, there have been no noteworthy changes to Microsoft's native firewall technology.  It is, of course, enabled by default and quite effective out of the box. Similar to Windows 10, the Windows 11 firewall supports three network configurations of domain, public, and private.  You can customize the native Windows 11 firewall settings by clicking on the Firewall & Network Protection tab in the Windows Security app.

 

Although there are many other security mechanisms and services built into the Windows 11 operating system, overall it is debatable whether this latest version of Windows has added any security technology that is significantly different or better than Windows 10.  Therefore, an upgrade to Windows 11 is not a game changer from a security perspective.   The Windows 11 operating systems remains pretty consistent with Windows 10 native security offerings and how to access them.

WINDOWS 11 SECURITY:  IS IT BETTER THAN WINDOWS 10?

Image by Ruijia Wang