Windows Defender is now integrated with Windows Security, which includes a Device Security section in Windows 11/10 meant to give you better insight into the security features built into your Windows device. In this post, we explain what the Device Security protection area in Windows Security is, how to hide or show it, and how to fix Device Security error messages.
Device Security in Windows 11/10
The ‘Device Security’ protection area in Windows 11/10 is one of the seven areas that protect your device and let you specify how you want your device protected in Windows Security Center.
The seven areas include:
- Virus & threat protection
- Account protection
- Firewall & network protection
- App & browser control
- Device security
- Device performance & health
- Family options.
Generally, Device Security gives you greater insight into the security features integrated into your Windows device. The page provides you with status reporting and management of security features built into your devices – including toggling features on to provide enhanced protections.
What you see in ‘Device Security’ will depend on the security features that come built into your device. On this panel, one of the following messages will be seen, depending on your device’s system configuration:
- Your device meets the requirements for standard hardware security
- Your device meets the requirements for enhanced hardware security
- Your device exceeds the requirements for enhanced hardware security
- Standard hardware security not supported.
Typically, the features available are:
- Core isolation provides added protection against malware and other attacks by isolating computer processes from your operating system and device. You can enable, disable, and change the settings for core isolation features here.
- Memory integrity can help prevent malicious code from accessing high-security processes in the event of an attack.
- Secure boot prevents rootkit-like sophisticated malware from infecting your system during boot.
- Security processor provides additional encryption features.
This is where you’ll also see any relevant error messages about your security processor:
- Device health attestation isn’t supported on this device.
- TPM storage is not available. Please clear your TPM.
- TPM measured boot log is missing. Try restarting your device.
- There is a problem with your TPM. Try restarting your device.
- A firmware update is needed for your security processor (TPM).
- TPM is disabled and requires attention.
- Your TPM isn’t compatible with your firmware, and may not be working properly.
- Device health attestation isn’t available. Please clear your TPM.
This area can be hidden from users. This can be useful if, as an admin, you don’t want them to see or have access to this area. If you choose to hide the Device security area, it will no longer appear on the home page of the Windows Security Center, and its icon will not be shown on the navigation bar on the side of the app.
Device Security error messages
Your device meets the requirements for standard hardware security
This means your device supports memory integrity and core isolation and also has:
- TPM 2.0 (also referred to as your security processor)
- Secure boot enabled
- DEP
- UEFI MAT
Your device meets the requirements for enhanced hardware security
This means that in addition to meeting all the requirements of standard hardware security, your device also has memory integrity turned on.
Your device has all Secured-core PC features enabled
This means that in addition to meeting all the requirements of enhanced hardware security, your device also has System Management Mode (SMM) protection turned on.
Standard hardware security not supported
This means that your device does not meet at least one of the requirements of standard hardware security.
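The tier rules above can be evaluated from an elevated PowerShell prompt. This is an added example, not code from the original article or from Microsoft; the function names are hypothetical, and the mapping of `Win32_DeviceGuard` values to "UEFI MAT" and "SMM protection" is an assumption, so the result may differ from what the Windows Security app displays.

```powershell
# Added example. Run from an elevated PowerShell prompt on the device itself.

# Pure decision logic: the tier rules exactly as the article lists them.
function Get-HardwareSecurityTier {
    param(
        [bool]$Tpm20, [bool]$SecureBoot, [bool]$Dep, [bool]$UefiMat,
        [bool]$MemoryIntegrity, [bool]$SmmProtection
    )
    if (-not ($Tpm20 -and $SecureBoot -and $Dep -and $UefiMat)) {
        return 'Standard hardware security not supported'
    }
    if (-not $MemoryIntegrity) { return 'Meets standard hardware security' }
    if (-not $SmmProtection)   { return 'Meets enhanced hardware security' }
    return 'All Secured-core PC features enabled'
}

# Collects the inputs from the local machine (hypothetical helper name).
function Get-DeviceSecurityFacts {
    $dg  = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
               -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
    $tpm = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' `
               -ClassName Win32_Tpm -ErrorAction SilentlyContinue
    $os  = Get-CimInstance -ClassName Win32_OperatingSystem

    # Confirm-SecureBootUEFI throws on legacy BIOS or without elevation;
    # either case is reported here as "not enabled".
    $secureBoot = try { [bool](Confirm-SecureBootUEFI -ErrorAction Stop) } catch { $false }

    @{
        Tpm20           = [bool]($tpm -and $tpm.SpecVersion -like '2.0*')
        SecureBoot      = $secureBoot
        Dep             = [bool]$os.DataExecutionPrevention_Available
        # Assumption: property 5 (NX protections) stands in for "UEFI MAT".
        UefiMat         = $dg.AvailableSecurityProperties -contains 5
        # 2 = memory integrity (HVCI) is running.
        MemoryIntegrity = $dg.SecurityServicesRunning -contains 2
        # Assumption: 4 (SMM Firmware Measurement) stands in for "SMM protection".
        SmmProtection   = $dg.SecurityServicesRunning -contains 4
    }
}

$facts = Get-DeviceSecurityFacts
$facts.GetEnumerator() | Sort-Object Name | Format-Table -AutoSize
Get-HardwareSecurityTier @facts
```

The table of individual facts shows which requirement is failing when the tier comes back lower than expected.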
Device Security Page not available: How to Show or Hide Device Security
Show or Hide Device Security via GPEDIT
- Run gpedit to open the Group Policy Editor
- Navigate to Computer Configuration > Administrative templates > Windows components > Windows Security > Device Security.
- Open the Hide the Device security area setting
- Set it to Enabled.
- Click OK.
Hide Device Security via Registry
- Double-click the downloaded Hide-Device-Security.reg file to merge it.
- Click Run on the prompt. Click Yes on the UAC prompt and OK to allow the merge.
- Restart the PC to apply.
- You can now delete the downloaded .reg file.
Show Device Security via Registry
- Double-click the downloaded Show-Device-Security.reg file to merge it.
- Click Run on the prompt. Click Yes on the UAC prompt and OK to allow the merge.
- Restart the PC to apply.
- You can now delete the downloaded .reg file.
You can click here to download the zipped Registry files from our servers.