I have a confession to make. I haven’t run security software on my Windows PCs in years.
Don’t look at me like that. I’m not some kind of wild, leather-jacket-wearing, helmet-free, motorcycle-riding risk taker. In fact, I’m the opposite.
My systems are protected, but only with what Microsoft gave me and the hundreds of millions of other people around the world running Windows 10: Windows Defender.
Defender started in 2004 as a Microsoft downloadable anti-spyware app called Windows Security Essentials. Over the years, Microsoft upgraded it — and messed with the name more than once — to a security suite that Windows users could download and install on, among others, Windows XP and Windows 7 machines.
In 2012, Microsoft integrated Windows Defender with the ill-fated Windows 8. It was the first time Microsoft included security software with its popular OS, beyond the basic firewall and Security Center introduced with Windows XP Service Pack 2. Doing so made sense. As the world’s most popular OS installed in countless homes and businesses, Windows is a favorite target of hackers and criminals.
Those who run older versions of Windows, especially those that Microsoft is no longer patching (unless forced to by a major attack) are at even greater risk.
The third-party security industry thrived around this petri-dish of potential cyber-infections. After early viruses like the Love Bug, consumers got on board with the idea of installing third-party protection, but were generally dissatisfied to the impact those early utilities had on system performance.
Over time, most security software vendors like Symantec (Norton), McAfee, Trend Micro and others rewrote their applications to minimize system impact. I used Norton for years in the early oughts and was generally satisfied, but in discussions with other consumers I found that many avoided these protections because they either didn’t believe that the vendors had optimized the apps or they thought that buying the protection once and not paying for yearly subscription fees, which brought regular updates, was sufficient.
To make matters worse, these consumers avoided Windows updates because they thought these software updates would break other apps or make the OS unusable.
To be fair, Microsoft’s track record for smart updates that improved the platform hit a major speed bump with Windows 8. It was such a left turn and so confusing for most consumers that many stopped at Windows 7 and haven’t upgraded since (let’s not talk about the maniacs still running Windows XP and Vista).
As I mentioned above, though, the otherwise poorly received Windows 8, included one very smart decision: an on-board security system, and while early versions of Windows Defender looked like they were designed by the Windows 95 interface team, it generally did the job.
I continued, however to run third-party security software from Norton through Wndows 8.1, especially for the protection it provided on browser links.
When Microsoft shipped Windows 10 in 2015, though, it began pouring Windows Defenders core security operations inside the Windows platform. The result is Windows Defender Security Center in Windows 10 Creators Update (the current version of Windows is the Fall Creators Update), which integrates virus and malware protection (including cloud-based protection), as well as firewall, apps and browser protection.
I can’t say that I actively made the decision to drop third-party coverage. It happened gradually. I started updating all our systems to Windows 10 and I didn’t bother to renew my third-party security software.
Microsoft’s security solution is what I always wanted from my third-party solutions: worry-free, hands-off protection (plus, it’s free). Granted, I know that the weakest link in any security protection scheme is always people. Most attacks target your very human emotional vulnerabilities (it’s called social engineering): an email telling you to check your bank account, a text from “Apple” telling you to follow this link to log into your account. I’ve trained every member of my family to never act on these emails or texts.
Over the last few years, we’ve had zero infections and never been successfully phished.
I get that not everyone is as careful and the baseline protection offered by Microsoft might not be enough. That’s why Microsoft introduced Windows 10 S, a locked-down version of Windows 10 that forces you to use Microsoft Edge, Microsoft’s relatively new Web browser, and prevents the installation of any app outside Microsoft’s curated Microsoft Store.
There are rumors that Microsoft will make Windows 10 S the default installation (as Windows S), with an option to upgrade to a more open version for an additional $49. Considering how effective Windows 10’s built in security is, this draconian measure seems unnecessary.
So, yes, I’m third-party security software-free, and I feel fine. Totally fine. I think.