Why Windows 10? Microsoft stresses security

The new Windows Defender Advanced Threat Protection feature adds more security cred to Microsoft's new OS

Microsoft really, really wants everyone to dump Windows XP, Windows 7, and Windows 8 in favor of Windows 10. It's been aggressively urging users to upgrade to Windows 10, even preinstalling the Windows 10 update on PCs unasked. This week, it provided a new incentive to encourage Windows 10 updates, especially in businesses: enhanced security.

The company announced a new service built into Windows 10 called Windows Defender Advanced Threat Protection that helps IT detect and make suggestions on how respond to attacks that have made it into the network. Windows Defender ATP does not yet actually remediate any breaches that it detects, though Microsoft plans to add such capabilities in the future.

(Don't confuse Windows Defender APT with Exchange Online ATP, a for-pay add-on to Office 365. Windows Defender APT complements Exchange Online ATP, not serves as an alternative to it.)

Windows Defender APT is one of several security features that Microsoft has brought to Windows 10 in hopes of upping the appeal to enterprise IT departments. Others include:

  • Credential Guard: Built into Windows 10 Enterprise and Education editions, this tool stores credentials (NTLM hashes and Kerberos tickets) with the LSASS process that manages them in an isolated Hyper-V virtualized container.
  • Device Guard: This tool prevents untrusted apps from running on Windows 10 Enterprise PCs. Via virtualization, it isolates the Code Integrity services from the Windows kernel. For this to work, you have to go through and sign your apps and determine their trustworthiness. 
  • Windows Hello: This is a biometric authentication feature built into Windows, using fingerprint matching and facial recognition.
  • Enterprise Data Protection: This tool works with Microsoft's Intune and Configuration Manager servers, as well as with third-party mobile management servers, to encrypt enterprise data and remotely wipe enterprise data from devices. Other mobile management tools offer similar capabilities, but Microsoft's stands apart in its integration with Azure Active Directory for access management to cloud and other sevices. 

Windows 10 also provides security tools included in previous Windows versions, such as a software firewall, BitLocker drive encryption, and the Windows Defender antimalware tool.

Copyright © 2016 IDG Communications, Inc.