Windows 10: Enabling Your Move to the Cloud

January 24, 2017 | Posted in:

Cloud, IT Strategy, IT Security

Posted by Adrian Wells

Win 10 L&L Header.png
Microsoft's Windows 10 made its debut in July 2015, six years after Windows 7.  During this time, Microsoft’s new security, convenience, and performance developments culminated into Windows 10.  Microsoft’s development continues, with the recent (August 2016) Anniversary Update to Windows 10 which delivers even more features. This is Microsoft’s operating system-as-a-service vision. Windows 10 delivers continual enhancements, cloud enablement, and new security.  It is the future platform and begs the question, should my organization upgrade?

Focusing on security, how is Windows 10 safer and better than Windows 7?

Let's start with the core of the Windows 10's unified and modularized operating system, OneCore; it has been designed from the ground up to be more secure by default.  OneCore must maintain its security since it powers Microsoft Windows 10, Windows Server, Xbox One, Windows 10 Mobile, Internet of Things (IoT), HoloLens, and more. 

Next, Windows 10’s Windows Hello feature delivers biometric authentication to ditch the need of a password to login.  Simply looking at a Windows 10 device unlocks it as it utilizes facial recognition. Another user-centric way to unlock the device is by using a Fingerprint recognition.  These are two steps towards a password-less future.

Windows 10 also integrates with Microsoft’s Intune, delivered from Microsoft’s cloud.  Intune provides mobile device management, mobile application management, and PC management capabilities.  With Windows 10 and Intune, Windows Information Protection (WIP), Conditional Access, and Digital Rights Management (DRM) can protect against potential data leakage without otherwise interfering with a person's experience.  This suite of technologies helps to protect enterprise applications and data against accidental data leak on enterprise-owned devices and personal devices that people use to work (and this is without requiring changes to the organization’s environment or various applications). 

Windows 10’s Secure Boot is a combination of technologies to protect against rootkits and other low-level malware.  Windows 10 leverages TPM and UEFI technologies to detect changes in the startup to detect infections helping to keep data secure.

Like Windows 7, built-in BitLocker data encryption is available, however Windows 10 improves upon it.  Windows 10 supports self-encrypting drives (SEDs) unlike Windows 7.  Encryption speed is improved with Windows 10 as it takes mere seconds to encrypt a new flash drive, whereas with Windows 7, it could take more than 20 minutes. 

Prevention is the best method to addressing security threats.  Once a system is infected it can be difficult to detect and remediate.  Windows 10 provides strong malware resistance because it takes advantage of secure hardware, which secures the startup process, the core operating system architecture, and the desktop.  Web browsers are commonly used to gain unauthorized access to the Windows operating system.  However, Windows 10’s Microsoft Edge and IE include Enhanced Protection Mode, which uses AppContainer-based sandboxing to protect the system from vulnerabilities that may be discovered in the extensions running in the browser (for example, Adobe Flash and Java) or the browser itself.

Windows Defender, the built in anti-malware and anti-virus protection, within Windows 10 is markedly better.  Systems Engineering collaborated with the Maine Cyber Security Cluster this summer to test malicious threats in a controlled environment against various Windows desktop operating systems and anti-malware software.  The collaboration effort found that the Windows 10 built-in Windows Defender detected and eliminated malicious files while Windows 7 did not (only with additional software was it able to perform the same as Windows 10).

To learn more about Windows 10, speak with a Systems Engineering representative by calling 888.624.6737 or by emailing info@syseng.com

awells.jpgAdrian Wells is a Senior Network Engineer with over 20 years of IT experience ranging from network administration, programming, IT management, and system design. Adrian joined Systems Engineering in 2008 and has designed and led projects thoughout New England.