Windows Security, the inbuilt security and antivirus app in Windows 10, can be disabled by third-party service without consent. The user can be tricked by third-party malware, which could be posing for something else. To make sure nobody else but an admin can change the settings of Windows Security, Microsoft had made available Tamper Protection for all. Here is how you can enable or disable Tamper Protection or make sure it is enabled on your computer.
Tamper Protection in Windows 10
This new feature is designed to protect end-users from any malicious and unauthorized changes to security features. While third party antiviruses do it with consent, so they don’t get into conflict, but if you see threat protection or real-time protection turned off, then it is possible somebody or something has changed it.
How to enable Tamper Protection for Home Users
Tamper Protection feature is enabled by default for Home users, but make sure to double-check if it’s enabled. Open the Windows Security App > Virus and threat protection > Advanced Settings. Scroll to end to find Tamper Protection and then enable it.
Enable it via InTunes
If you are an IT admin using InTunes, you can deploy and manage this feature centrally. The feature can be enabled for the entire organization, or through device and user groups.
End users will not be able to change the settings from their end, making sure nothing else can change it too. However, if anything changes it, an alert will be raised in Microsoft Defender Security Center. IT Admins can then use the rich endpoint and detection response capabilities to investigate and resolve these attempts.
Microsoft lists the following features should now be turned down by anyone but administrators.
- Real-time protection— The core antimalware scanning feature of Microsoft Defender ATP.
- Cloud Protection—Useful to detect and prevent never-before-seen malware.
- IOAV (IE Downloads and Outlook Express Attachments initiated), which handles the detection of suspicious files from the Internet
- Behavior monitoring— Works with real-time protection to analyze and determine whether active processes are behaving in a suspicious or malicious way, and then blocks them
- Security intelligence updates
Its good to see that Microsoft has rolled out this feature for everyone, and not kept it for premium users. It is important that all can avail features like this.