Windows 10: A new operating system for government IT
By Forbes Insights on July 29, 2015
Filed under Federal Government
Today marks a new era as Microsoft launched Windows 10 for consumers and businesses alike. This is significant in the government space as a key challenge for any agency is keeping up with advances in basic software. Owing to constraints such as limited budgets, slow upgrade cycles and dependencies on legacy applications, most government workers are still using older operating systems, like Windows XP or Windows 7.
We’ve seen huge technology advances in operating system (OS), mobility and cloud-based services as well as more sophisticated and aggressive security threats that are taking advantage of unpatched older software and OS solutions. Many agencies are evaluating Windows 10 to address some of these key trends and those preferring to stay more current can opt for a model of faster-paced, ongoing updates.
A quick overview
New options for updating and migration are only the start of the new features in Windows 10. Some of the more noteworthy attributes of this new operating system release include:
A key challenge for government agencies and private enterprises alike is the need to combat evolving cyber threats. Windows 10 provides an array of tools and approaches for enhancing the security of devices and data.
- One of the greatest weaknesses in any security environment is the use of passwords, which can easily be hacked and used to gain access to secure resources and data. Here, Windows 10 allows agencies to identify individuals and restrict access through integrated 2-factor authentication leveraging biometric mechanisms like facial recognition or fingerprints using the Windows Hello and Windows Passport features.
- Enterprise Data Protection, which will be available later this year, is another innovative security feature in Windows 10, which provides personal and corporate data separation and protection using an encryption container that follows corporate data where ever it goes. It also provides a data loss prevention capability to prevent corporate data from being copied out of corporate files to non-corporate files and locations (e.g.: to a public website or social channels). While acknowledging the reality that most devices today serve a dual role, this feature nonetheless reduces the likelihood that corporate data might be shared or accessed by unauthorized parties either accidentally or intentionally.
- Windows 10 also enhances threat resistance and device security through the use of hardware-based security. Working from a crypto-processor, a Trusted Platform Module (TPM) -approved chip, tools include familiar features like Secure Boot, which helps prevent malware from embedding itself within hardware or starting before the OS, and Trusted Boot which helps maintain the integrity of the rest of the operating system. A new feature known as Device Guard ensures that only signed applications and code can run on these devices. Note that Microsoft is also hard at work moving to fast-track government certifications such as FIPS 140-2, NIAP/Common Criteria and DISA STIGs, often a requirement for those working in sensitive defense or intelligence agencies.
The shift from Windows 7 to the new version will be a smooth one for most agencies.
- Windows 10 features a return to familiar navigation and control features, such as the classic start menu. Desktop icons, menus and the taskbar are similarly familiar, although now they are optimized for touch as well as mouse navigation. This should minimize the need for end user training associated with this upgrade.
- The operating system is also standardized across devices including phones, tablets, PCs, Xbox and IoT devices but also drives next-generation hardware such as Surface Hub and Hololens. This enables agencies to deploy on hardware they have today or plan to procure in the future.
- In addition, new Universal Apps are compatible across phones, tablets and PCs, allowing users to choose the device that’s right for the task. Of particular appeal to government agencies, tablets and 2-in-1s running Windows 10 enable touch-optimized, mobile experiences for field workers such as case managers and field inspectors as well as on-the-go information workers.
If the above isn’t enough enticement to begin the migration from older versions of Windows, Windows 10 also presents the option of ongoing feature and security updates.
- To that end, we are introducing a new approach for business customers, which we are referring to as the Current Branch for Business (CBB). By putting devices on the CBB, enterprises will be able to receive feature updates after their quality and application compatibility has been assessed in the consumer market, while continuing to receive security updates on a regular basis. CBB gives IT departments time to start validating updates in their environments the day changes are shipped broadly to consumers, while also having control through management tools over how the updates are distributed in their environments.
- Alternatively, Windows 10 will also be available in a more traditional servicing option known as the Long Term Servicing Branch (LTSB). This will appeal to agencies needing to optimize for control over mission critical environments than agility.
Worth a close look
Overall, Windows 10 introduces a wide array of security and productivity improvements including dynamic provisioning as well as an easing of deployment processes through in-place upgrades. Moreover, its CBB model presents an intriguing opportunity for agency IT teams to eliminate the three- to five-year overhaul cycle in favor of ongoing updates.
Agencies can learn more about Windows 10 at http://www.microsoft.com/en-us/windowsforbusiness/
For a detailed look at key technology issues in government, read From Promise to Reality: How Local, State and Federal Government Agencies Achieve Results in the Cloud ,a report from Forbes Insights sponsored by Microsoft.