Microsoft is consistently working on improving the security of its sprawling ecosystem. One of the core products is Microsoft Defender, which is part of the Windows Security suite. Microsoft recently released a new product called Microsoft Defender Application Guard for Office. That’s a long name, to be honest, but what is it?
Microsoft Defender Application Guard was released last year. As useful as the feature is, it received little attention from the press and users alike. This year, Microsoft has gone one step ahead to include an Office suite of apps into the product, which is evident from the name.
We are going to call it Application Guard, just like Microsoft does in its documents, for the sake of sanity. Let’s understand more about this feature and how to enable it.
What Is Application Guard
Microsoft released Application Guard to protect the users from ’emerging threats’ by isolating the hardware in usage. This reminds me of the sandbox tool.
It was developed for Microsoft Edge browser and Windows 10 computers. Clicking on the wrong link or opening a malware or other virus-infected site could wreak havoc on not only the system accessing it but all the other systems connected to the server.
The administrator now gets to whitelist sites and other resources deemed safe, rendering all other sites untrusted.
Here is how it works.
Let’s say you open a site that’s not on the list. Edge will open that site in an Hyper-V container which is isolated from the host OS. No malware or virus leaves the container. That safeguards the data and its integrity.
What Is Application Guard for Office 365
Websites and cloud resources are not the only things that employees access while surfing the wild web. There are also Office docs and other files that you work with on a day to day basis. What about them? Application Guard for Office was released with that thought in mind. Think of it as an add-on.
The Application Guard for Office protects your computer, and the connected enterprise server, from untrusted and infected files. Microsoft calls them ‘new and emerging threats’ oddly. The core concept remains the same where the files are opened in a secure and isolated container using hardware virtualization.
Once the file is open inside the container, you can read, edit, print, and interact with it like a regular file.
There are some system requirements for this to work. They are:
- Intel Core i5 or equivalent
- 64-bit architecture minimum 4 cores with virtualization extensions (Intel VT-x OR AMD-V)
- 8GB RAM
- 10GB space on preferably SSD
- Windows 10 Enterprise edition, build version 2004
How to Enable Application Guard for Office
I hope you have checked the hardware and software system requirements. You will now have to download KB4571756 and install it before viewing the correct options on your computer.
The process to enable or disable this feature is the same as sandbox or virtualization.
Step 1: Search for and open Control Panel from the Start menu.
Step 2: Search for and open Turn Windows features on or off.
Step 3: In the pop-up that follows, find and enable Microsoft Defender Application Guard option.
Don’t forget to save all changes before you exit.
For those who are either unable to find this option in the Control Panel or like working with the command line, you can also enable it from the PowerShell. Make sure you open PowerShell with admin rights and then give this command:
Enable-WindowsOptionalFeature -online -FeatureName Windows-Defender-ApplicationGuard
Step 4: Search for and open Group Policy Editor from the Start menu.
Step 5: Drill down to the folder structure suggested below.
Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Application Guard
Double-click on ‘Turn on Microsoft Defender Application Guard in Managed Mode’ option to open it.
Step 6: You will now select Enabled and set the Options value as 2 as seen in the screenshot below.
Click on Apply and save all changes.
Step 7: Finally, open Settings > Privacy > Diagnostic & feedback. Select Optional diagnostic data if not already done.
How do you know it is working or not. Simple. Open any Word document, not in your whitelist (untrusted), and you should notice this message:
To keep you safe, we’re opening this document in Application Guard.
Also, the Word icon in the Taskbar should have a shield icon on it.
I am impressed with the way Microsoft is taking its security these past few years. I regularly use the Sandbox mode for testing apps, open sites, and try new hacks in a safe environment. Microsoft Defender Application Guard adds more options for enterprise users who have a lot more to lose if their servers or systems are compromised. That is another tool in your arsenal to fight against hackers. While there will never be a permanent solution, the best we can do is stay vigilant and keep them at bay.
Next up: Want to protect yourself even more? Here is a guide with 6 crucial tips on keeping your data safe from viruses and malware.
Last updated on 13 July, 2021
The above article may contain affiliate links which help support Guiding Tech. However, it does not affect our editorial integrity. The content remains unbiased and authentic.