Microsoft informed tech-media types at its recent Build 2018 conference that close to 700 million devices are now running Windows 10. According to MSPoweruser, Microsoft’s Joe Belfiore, vice president in the Operating Systems Group, also announced, «Right now, there are over 200 million people in corporate accounts using Windows 10.»
SEE: Cybersecurity strategy research: Common tactics, issues with implementation, and effectiveness (Tech Pro Research)
Since the inception of Windows 10, many reasons have been suggested as to why the operating system is not a good fit for the business environment—security is not high on the list, but it is always a concern. People at AV-TEST Institute, an independent provider of security and antivirus research, are aware of the burgeoning number of Windows 10 corporate users and decided to test enterprise security solutions developed with Microsoft’s latest operating system in mind, and see how well they performed.
Overall performance of the security solutions
There is good news. In the AV-TEST report Put to the Test: 16 Client-Server Solutions for Windows 10, Guido Habicht, CEO AV-TEST GmbH, mentions many of the products performed admirably, adding that solutions from Kaspersky Lab, Symantec, Trend Micro, and Bitdefender achieved exceptional scores: 17.5-18.0 (Figure A). The scores are based on a zero to six-point range, with six points being the best in each of the three categories: Protection, performance, and usability.
Products from Avast, McAfee, Microsoft, Ensilo, Seqrite, and Sophos were close behind. Habicht added that most products provided flawless protection with only minor weaknesses in terms of performance and usability.
To test an application’s ability to protect, AV-TEST engineers focused on detection. Two tests were run.
One test used zero-day malware (signatures were likely not available) obtained from malicious websites or email messages—this gave the engineers an idea of how well the security solution’s heuristics work. The second test employed the company’s reference malware data set, which contains nearly 10,000 malware samples, most of which have been in the wild long enough for signatures to be available to those responsible for keeping security products up to date.
After two solid months of testing, the results are encouraging: Nine out of the 16 solutions achieved a perfect score. The report adds that three additional products committed one minor error, small enough so that they were given the maximum six points as well.
SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)
Performance measurements on the client PC
Today’s PCs are hugely more powerful than computers only a few years old; however, today’s computing needs tend to require every bit of that extra power. Understanding this, the people at AV-TEST felt it was critical to determine the effect an active security product has on a workstation’s performance. To establish a baseline, AV-TEST engineers ran two tests: One with security installed and one without. Additionally, the two tests were run using a standard PC and a high-end PC.
Products from Bitdefender, Kaspersky Lab, Seqrite, Symantec, and Trend Micro placed virtually no load on the system, and for that received the maximum six points. As the chart points out, the remaining products also did quite well, with the worst score being five points.
SEE: Windows 10 privacy guide: How to take control (ZDNet)
Usability based on false alarms
False alarms are the bane of security systems—physical and digital. Case in point: False positives were ranked the number one hidden cost of endpoint security in Ponemon’s 2017 State of Endpoint Security Risk report, and important enough for engineers at AV-TEST to use false positives as an indication of a product’s usability.
To test the security suites for false positives, 500 websites were visited, several-dozen programs were installed and launched, and 1.5 million files were scanned. Here are the results.
No false positives were registered during website visits.
There were issues with program installations. «Bitdefender (Elite Version) blocked four applications and F-Secure blocked eight,» explains Habicht. «The programs from Seqrite, Sophos, and Symantec (both versions) committed one mistake each.»
File scanning resulted in minor detection errors. Kaspersky Lab, McAfee, Symantec, Trend Micro, and Sophos indicated zero or one false positive and were awarded six points. Products from Avast, Bitdefender, Ensilo, and Microsoft quarantined between six and eight files. Seqrite, G Data, and Palo Alto Networks wrongly detected 10 to 15 files, whereas F-Secure 23 files.
Good news for corporate IT departments
If a corporate security solution obtained a score of 17.5 to 18, it was awarded the rating of Top Product—that honor was given to six corporate security solutions:
- Kaspersky Endpoint Security;
- Kaspersky Small Office Security;
- Symantec Endpoint Protection Cloud;
- Trend Micro Office Scan;
- Bitdefender Endpoint Security; and
- Symantec Endpoint Protection.
Only three and a half points separated the 16 tested corporate security suites.
In the study’s conclusion, Habicht cautions that the number of malware attacks targeting Windows 10 devices is increasing. Knowing the effectiveness of corporate-level security solutions for Windows 10 should help beleagured cybersecurity professionals in their quest to keep company digital assets safe.