fbpx
1-888-310-4540 (main) / 1-888-707-6150 (support) info@spkaa.com
Select Page

Protecting Device Storage Using Windows UWF

Published by Mike Solinap
on May 25, 2022

The Unified Write Filter (UWF) is a Windows native feature that ensures a system’s data remains as an unmodified, secure baseline.  Data can be changed by a Windows UWF system user. However, the changes do not persist after a restart. In fact, changes are discarded after a restart. The data always reverts to the original baseline.

What Are The Benefits Of Windows UWF?

In general, the Unified Write Filter works well. It’s reliable. Kiosks, digital signage, and ATMs commonly utilize the UWF feature.

Four key benefits of UWF:

  1. The UWF ensures the system is always reverts back to a pre-determined state. This state is set by the administrator or product manufacturer.
  2. The administrator or product manufacturer can rely on the UWF to ensure system data hasn’t been tampered with, or contains any malware and incorrect files.
  3. The UWF doesn’t require 3rd party software to be utilized. UWF is native to Windows.
  4. Devices subjected to power disconnections or forced shutdowns receive an additional layer of data corruption protection.

What Are The Risks Of Unified Write Filter?

Let’s balance the benefits of Windows UWF, by addressing the product cybersecurity risks.

Knowing these risks means you can take preventative measures and protect impact to your business operations.

  1. Unified Write Filter can increase the complexity or administrative overhead of the system or product.  Moreover, it may increase the difficulty to design a system or product. This is based on having persistent data relying on the Windows UWF.
  2. Vulnerabilities may impact certain Windows systems. This can allows malicious users to modify the protected UWF persistent data.
  3. Administrators or product manufacturers may rely on UWF too heavily. This could lead to ignorance in system aspects contributing to an overall security posture.

Internet of Things (IoT) manufacturers deploying systems for offline operation, or systems lacking regular patching ability are the most vulnerable to product cybersecurity. This includes many medical device manufacturers and other regulated industries.

How Can UWF Risks Be Mitigated?

  1. Fostering a “defense in depth” or “zero trust” security posture. Reviewing current system architecture to understand infrastructure investment and improvement opportunities is key.
  2. Updating legacy systems and products away from XP or Windows 7 based embedded operating systems. These pose higher product cybersecurity risks. Replacing them with more modern Windows 10 / IoT provides better protection.
  3. For offline systems, incorporate a process to have those systems manually patched or updated.

Securing And Protecting Devices With Windows UWF 

Incorporating a solution that leverages connectivity for Internet of Things (IoT) or embedded devices is a good idea. For example, online devices can be monitored for telemetry, receive updates, and mobile device management software can remotely wiped on compromised devices.

By coupling the use of UWF with BitLocker disk encryption, you can leverage BitLocker. A storage device can’t be removed from the device and read on another machine. This adds another layer of valuable data protection.

For systems or devices that are online, consider downloading critical data at runtime from a central repository. Data protected by the UWF can be the minimal amount to bootstrap the device. Then the rest of the data can come from a controlled online source.

Conclusion

Unified Write Filter has a range of benefits. These include providing added data protection against corruption. Windows UWF is successfully used in many systems such as ATMs already, and is generally both safe and reliable.

Understanding the risks for UWF in devices such as offline medical devices, or systems that are not able to be patched regularly can better prevent product cybersecurity risks from becoming issues.

SPK and Associates already successfully support medical device manufacturers who leverage UWF.

Contact us today to discuss how we can support your UWF requirements too.

Latest White Papers

How CloudBees Uses Feature Management to Gain Competitive Advantage

How CloudBees Uses Feature Management to Gain Competitive Advantage

In this whitepaper, you’ll discover how CloudBees Feature Management Flags can help you gain a competitive advantage in the market.  Discover CloudBees Feature Management In this CloudBees Feature flag whitepaper, you’ll learn: How to increase your developer...

Related Resources

Atlassian News Q1 2023 and What To Expect at Atlassian Team 23

Atlassian News Q1 2023 and What To Expect at Atlassian Team 23

In 2023, Atlassian continues to evolve with new product features, target markets and demographics. This is keeping their leader status for collaboration and productivity tools. Atlassian software is used by thousands of companies worldwide to manage projects, track...

STRATTEC Security Corporation’s PTC Windchill PLM ROI Case Study

STRATTEC Security Corporation’s PTC Windchill PLM ROI Case Study

STRATTEC Security Corporation deployed PTC Windchill to replace its existing product lifecycle management (PLM) solution. Additionally, they wanted to improve product design tracking and collaboration. Nucleus found that PTC Windchill PLM enables increased...

SRAM PTC Windchill PLM ROI Case Study

SRAM PTC Windchill PLM ROI Case Study

SRAM deployed PTC Windchill PLM to integrate and unify the engineering processes for all its brands. The company’s rapid growth through acquisition resulted in engineering and development groups that were not able to communicate and share information across...