One of the best things about Microsoft is that they are trying to make a stronger security system for their OS. The new Tamper Protection is set to add more key features in securing our data. Tamper Protection is a new setting available in the Windows Security app which provides additional protections against changes to key security features, including limiting changes that are not made directly through the app.
What is Tamper Protection in Windows 11/10
If you are a home user, you can toggle the setting from the Virus & threat protection settings area in the Windows Security app.
When it comes to simple home users, you can connect the setting in your app right from your Virus and Threat tab. If you are a corporate user, you can use Intune management to manage the security settings centrally. This feature will be enabled by default for all home users. For enterprise customers, it will be opt-in.
The full end-to-end functionality of this security feature is still being worked on. But, you can find a setting on the current Windows 11/10, Windows Defender Anti-Virus.
Enable or disable Tamper Protection in Windows Defender
To enable or disable Tamper Protection, Press Win+I to open Settings. Go to Update & security > Windows Security tab > Virus & Threat Protection > Virus & Threat Protection Settings > Manage Settings. Here you can toggle the Tamper Protection switch On or Off.
You can also use Intune or Registry to enable or disable Tamper Protection.
How does Tamper Protection help
You get real-time protection based on the Microsoft Defender ATP – which is next-generation protection. It prevents others from tampering with important security features. You should not disable it. It offers:
- Cloud-based detection of malware within seconds.
- Get the IOVA which is a detection tool of suspicious files on the web.
- A behavior monitoring tool that detects suspicious behavior in active apps.
- The Tamper Protection also prevents the deleting or disabling of the Windows Defender.
If you are a corporate user, you could have a centralized setting. But, your admin roles will not be able to change those settings.
For enterprise customers (such as those with a Microsoft Defender ATP license), this feature will be opt-in and can only be managed from the Intune management console. Local device admin users will not be able to change the setting. This ensures that even malicious apps – or malicious actors – can’t locally override the setting. Note that enterprise management is not available in current preview versions of Windows 10, but we’ll be bringing it to preview shortly, says Microsoft.
The full functionality of the feature will be released along with the upcoming release of Windows 10 v1903.
Tamper protection builds on other security features like Windows Defender Antivirus Sandboxing capability and expands existing tamper protection strategies across Microsoft Defender Advanced Threat Protection.
Tamper protection is now available for all customers, including Enterprise in Microsoft Defender ATP Threat and Vulnerability.