Not long ago, the news came out that the removable devices, such as USB flash drive can be protected with the Windows Defender Advanced Threat Protection. In this post, I’m going to illustrate how the protection works.

What Is Windows Defender ATP

The full name of Windows Defender ATP is Windows Defender Advanced Threat Protection, which is a platform designed by Microsoft to help enterprise networks do the following things:

  • Prevent threats
  • Detect potential threats
  • Investigate the threats
  • Respond to advanced threats

What if your files are deleted by Windows Defender? How to recover them?

[SOLVED] Windows Defender Deleted Files, How To Get Back Easily
[SOLVED] Windows Defender Deleted Files, How To Get Back Easily

If you find Windows Defender deletes your files, the solutions in this post can help you rescue files and solve the issue.

Read More

You can experience many built-in technologies of Windows 10 and robust cloud service of Microsoft by using the Windows Defender ATP.

  • Threat intelligence
  • Cloud security analytics
  • Endpoint behavioral sensors

Windows 10 Update Debacle Influences Cisco & Morphisec Endpoints.

Windows Defender ATP Provides Protection for Removable Devices

In fact, the Windows Defender Advanced Threat Protection of Microsoft is a useful way to deal with threats and data protection involving removable devices, such as USB flash drive. Microsoft confirmed that you can get comprehensive protection over USB and removable devices so as to prevent threats and data loss thanks to Windows Advanced ATP.

How to secure your flash drive from cyber threats:

It’s Urgent To Secure Flash Drive From Cyber Threats
It’s Urgent To Secure Flash Drive From Cyber Threats

It’s important to secure flash drive from the cyber threats since the USB stick is relatively weak and can be infected with virus easily.

Read More

According to statistics, the malware and virus can be spread easily through removable devices like USB flash drives. Though there are lots of antivirus solutions to scan the drives, it is not enough. Comprehensive protection is a better choice.

How Windows Defender Advanced Threat Protection Works

With the help of Windows Defender ATP, you can get away from threats and data loss effectively. In this part, I will show you how the Windows Defender Advanced Threat Protection protects your data in different ways.

Way one: reduce the possible attack surface area. This is achieved by stop certain individuals/groups of people/machines from using the specified or all removable devices.

Way two: make use of advanced hunting function to detect plug-and-play connected events, so as to do following things:

  • Identify suspicious usage.
  • Conduct internal investigations.
  • Create custom alerts by taking advantage of the custom detection rule feature.

Way three: enable the data loss prevention techniques, including Windows Information Protection and BitLocker.

Click to know more about BitLocker drive encryption recovery.

Way four: enable the threat protection techniques.

  • Windows Defender Antivirus real-time protection (RTP): it is used to scan removable devices for malware
  • Kernel DMA Protection for Thunderbolt to block Direct Memory Access (DMA): it is used until the user logs-on
  • The Exploit Guard Attack surface reduction rule, which is able to block the untrusted & unsigned processes running from the USB drive

Block Unauthorized Data Access to USB Flash Drive

Yes, you are able to prevent your removable devices, such as USB flash drive, from being seen and interacted with without your permission. Besides, you can make it possible to stop certain users to get access to the certain and defined USB drives on certain machines.

What you can do with Windows Information Protection and BitLocker?

  • Windows Information Protection: stop people from copying sensitive information and running files from unknown or untrusted apps. That is to say, it will ruin users’ attention to copy sensitive or confidential-marked data and the notification will be executed according to the level of enforcement.
  • BitLocker: by turning BitLocker on, you’re able to secure your data on the lost or stolen USB flash drive from being accessed by malicious people. All the files that have been stored on the USB flash drive (which has been protected by BitLocker) will be encrypted automatically when people attempt to plug it into computer/other devices.

Though Windows Defender ATP is of great help, it is still sort of complex to know these things:

  • The exact removable devices you should block.
  • The exact time and people that shouldn’t use removable devices.
  • linkedin
  • reddit

About The Author

Sarah

Position: Columnist

Sarah has been working as an editor at MiniTool since she graduated from university. Sarah aims at helping users with their computer problems such as disk errors and data loss. She feels a sense of accomplishment to see that users get their issues fixed relying on her articles. Besides, she likes to make friends and listen to music after work.