Share This Post

Windows 10

The Best Ways to Secure Windows 10

Security is becoming a pressing concern for enterprise IT companies in the digital age as threats are constantly evolving and testing their network infrastructure and endpoints. While potential vulnerabilities can be catastrophic, Windows 10 addresses many security scenarios. It’s combination of hardware/firmware security with software security is ushering in a new paradigm of enterprise protection. Windows 10 delivers a potent security arsenal with containerization, identity and access control, information protection, and malware resistance. The new platform provides a solid foundation from which to execute sophisticated cybersecurity strategies.

Adaptiva provides an overview of Windows 10’s host of security and non-security related features in our Top 5 Security Best Practices for Windows 10 in the Enterprise report. This report goes into detail about key features, how they work, and how to take advantage of them. Let’s look at some key topics that will be covered in much more detail in the report.

UEFI with Secure Boot

Windows 10 offers a secure way to protect yourself from bootloader tampering. The Unified Extensible Firmware Interface (UEFI) specification connects the computer’s firmware to its operating system (OS), replacing the old Basic Input Output System (BIOS) traditionally used on PCs. UEFI with Secure Boot ensures that when your PC boots, it only uses trusted software trusted by the PC manufacturer.

Credential Guard

Credentials are clearly a vital part of networks for controlling and gaining access to systems. Credential Guard in Windows 10 leverages Microsoft’s Hyper-V hypervisor technology to strengthen some inherent weaknesses with credential validation. Known as virtualization-based security (VBS), this new standard will isolate and protect system and user secrets so that they cannot be stolen through “pass the hash” and other malicious attacks.

Device Guard

The Device Guard feature in Windows 10 allows users to mitigate the potentially damaging effects of running untrusted, unlicensed, or malicious applications on their system. Device Guard is a combination of hardware and software hardening features that utilize the new virtualization-based security (VBS) environment introduced in Windows 10.

BitLocker

Protecting locally-stored data has always posed a challenge even with modern day encryption methods. Windows 10’s BitLocker is at its most effective when it is used on a machine with a Trusted Platform Module (TPM) chip. The chip works with BitLocker to protect individual files as well as entire hard drives (both system and data). Some encryption information is stored in the chip, and some in Windows, making it easy to access—just log into Windows—and difficult to crack. Windows 10 includes is instrumentation that allows the operating system to fully manage the TPM, simplifying setup and management.

Windows Information Protection

The Windows Information Protection (WIP) feature, formerly known as Enterprise Data Protection, helps to secure data and applications from unauthorized use. With WIP you can’t send corporate documents through personal email or personal Dropbox account, for example. Specifically designed to work with Office 365 ProPlus and Azure Rights Management, WIP can distinguish between corporate and personal data. Then it can restrict what happens to corporate data.

So much to Learn

Windows 10 includes a plethora of other security-related elements that address many potential issues. Is your organization ready to start implementing these security capabilities? Check out Adaptiva’s  Top 5 Security Best Practices for Windows 10 in the Enterprise report to learn more.

Gary Walker, Director of Customer Support, Adaptiva

gary

Share This Post

Founded in 2004 by the lead architect of Microsoft SMS 2003, Adaptiva has grown into one of the premier providers of IT systems management solutions. Adaptiva solutions leverage existing IT resources to enhance the operation of Microsoft System Center Configuration Manager (SCCM) without disrupting service to end-users. Adaptiva has sold over 3,000,000 seats of software deployed in more than 100 countries. A Microsoft Gold Partner, Adaptiva conquers the complexity of IT by streamlining operations, extending the functionality of Microsoft System Center Configuration Manager (SCCM) and rapidly improving ROI on existing systems. Adaptiva provides easy to use software that seamlessly integrates with Microsoft SCCM to help you better manage your IT while reducing the total cost of ownership.

Leave a Reply