Recently Microsoft has announced that Tamper protection is now generally available for Microsoft Defender ATP customers. And this security feature will be enabled by default on Windows 10 devices.[wpinsertshortcodead id=”bzyqm5d3e04029f48f”]
The Tamper Protection security feature was first introduced in Windows 10 May 2019 update ore version 1903. Enabling the Tamper Protection helps to prevent Windows Defender and Windows Security settings such as disabling real-time protection, cloud-based protection, and security intelligence updates from being changed by third-party programs. It is available for those who are running the latest version of the OS.
It’s available for Microsoft Defender ATP customers meaning businesses impose these settings on their employees’ system using Microsoft enterprise management software such as Intune.
An option is added to the Windows Security to manage the Tamper Protection’s status. Consumers perform the following steps to enable or disable Tamper Protection:
- Click on Start and type Windows Security.
- Open Windows Security
- From the left pane click on Virus & threat protection
- Click on Manage Settings under “Virus & threat protection settings” on the right pane
- Scroll down to Tamper Protection and toggle it to switch it on (if it is off).
The above can also be used to enable it on Enterprise workstations, or administrators can make use of the Microsoft Intune management software to enable it for the whole enterprise or some devices or user groups. Enabling it via Intune will show “this setting is managed by your administrator” on end-user workstations.
Here is what Microsoft mentioned:
When an administrator enables the policy in Microsoft Intune, the tamper protection policy is digitally signed in the backend before it’s sent to endpoints. The endpoint verifies the validity and intent, establishing that it is a signed package that only security operations personnel with Microsoft Intune admin rights can control.
When the protection enabled in an enterprise via Intune, the Security Center will monitor the tamper attempts and alerts will be raised in Microsoft Defender ATP’s Security for administrators to investigate and stay on top of security threats.
For now, Tamper Protection is only available on Windows 10 version 1903 or later. We recommend every consumer and Organizations to enable this feature.