With expanded identity and access controls, advanced Bitlocker encryption and malware protection, Windows 10 is Microsoft's most secure operating system ever.

Rutrell Yasin, Freelance Writer

July 18, 2016

7 Slides

For enterprises the number one reason to upgrade to Windows 10 is improved security, but the critical enhancements that rely on hardware protection will be difficult to adopt until you buy new PCs, says Simon Crosby, co-founder and CTO of Bromium, a Microsoft partner that delivers hardware enforced security to deployed Windows endpoints.

Windows 10 is designed to protect against known and emerging security threats across the spectrum of attack vectors, according to Microsoft. As a result, Microsoft has laid out three broad categories of security work that has been incorporated into Windows 10: identity and access control features, information protection, and malware resistance.

Identity and access control features have been expanded to simplify and enhance user authentication security, and features that utilize virtualization-based security to protect the Windows authentication subsystems and users’ credentials. Information protection focuses on guarding information at rest, in use, and in transit offering advanced encryption. Meanwhile, malware resistance includes architectural changes aimed at isolating critical systems and security components from threats.

“Microsoft has adopted a device-centric view of security now,” Crosby says. Hardware-based security is a fundamental component of all the three categories – identity and access control, information protection and malware resistance.  “Microsoft is increasingly moving down the path using additional hardware features on a device to do security.”  For instance, Microsoft provides hardware-assisted security technologies in the new feature called Device Guard, which ensures devices are booted securely, whitelists kernel code and offers credential protection and biometric authentication, Crosby notes.

“The primary benefit of Windows 10 is security, but few organizations can contemplate the complex and labor-intensive task of upgrading existing PCs or shoulder the cost of a hardware refresh just to protect credentials and benefit from kernel whitelisting,” according to a Bromium whitepaper. This means the adoption of Windows 10 might be stalled pending a hardware refresh with OEM configurations for Secure Boot and Windows 10 with virtualization-based security. 

Here are seven security features that Microsoft says makes Windows 10 the most secure version of Windows ever.

About the Author(s)

Rutrell Yasin

Freelance Writer

Rutrell Yasin has more than 30 years of experience writing about the application of information technology in business and government. He has witnessed all of the major transformations in computing over the last three decades, covering the rise, death, and resurrection of the mainframe; the growing popularity of midrange and Unix-based computers; the advent of the personal computer; client/server computing; the merger of network and systems management; and the growing importance of information security. His stories have appeared in leading trade publications, including MIS Week, The Report on IBM, CommunicationsWeek, InternetWeek, Federal Computer Week, and Government Computer News. His focus in recent years has been on documenting the rise and adoption of cloud computing and big-data analytics. He has a keen interest in writing stories that show how technology can help spur innovation, make city streets and buildings safer, or even save lives.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights