Hours ago, in moments of exploration, I discovered an important security feature unbeknownst to me. I was doing this while poking around my windows 10 machine in an attempt to manually check for Microsoft updates. While Windows offers settings to determine whether to be notified to automatically download updates or manually do so, I often override the former option which is set by default, to frequently check for relevant updates.
On this occasion, I was scrolling the Microsoft Defender settings page when I noticed the ‘Isolated browsing’ section that shows that the Microsoft Defender Application Guard helps protect oneself from online threats while using Windows’ native browser, Microsoft Edge.
On clicking Install Microsoft defender application guard, the Windows Features pop-up window appeared from where I activated the Microsoft Defender Guard Application. Feature activation required the installation of additional components from the internet.
As I was going through the activation process, I discovered that this is a really powerful feature introduced to help fight against threats in an ever-increasingly dangerous internet ecosystem. By availing of this feature, yet another layer of security has been added to make it harder for attacks to proliferate from the Edge browser to the wider system. This protection model is akin to setting up an air gap between one’s own system and the internet, hence preventing transfer and remote contact.
Not all individuals will have the ability to distinguish between legitimate sites and malicious sites, nor threat vectors such as phishing links and clickjacks. Such vectors ultimately lead to the compromise of a system should the attacker have potent means to gain access. The combined use of this feature and other defense mechanisms at the application level — e.g. the use of security extensions such as VT4Browsers — gives users a much-needed leeway to avoid breaches they may be unaware of.
Microsoft Defender has evolved over the years to become a decent defense solution. The solution is tightly integrated into the Windows environment to provide 24-hour surveillance for malware and other threats. It does so in the background and will occasionally prompt the user for updates and action on notifications. Microsoft Defender offers seven protection areas including virus and threat protection, account protection, firewall & network protection, app & browser protection, device security, device performance & health, and family options. All these options can be overwhelming. Consider going through each of the sections to configure appropriate protection settings (Follow through to step 3 below to access the individual protection areas).
Meanwhile, to turn on the specific isolated browsing feature;
1. Go to Windows settings>update & security
2. Choose Windows Security from the left pane
3. Then choose App & Browser control from the protection areas list
4. You will see the Isolated Browsing section there. Proceed to click on the link to install the application from Windows Features
Security solutions providers should take note of this feature by Microsoft to devise ‘sandboxing’ protection mechanisms for safe browsing. The security landscape requires that solutions are proactively developed to meet even the least known-about or required features. Just because the customer does not recognize the essence of a solution, it doesn’t mean that it is irrelevant.
A lot of times, people don’t know what they want until you show it to them — Steve Jobs.
