Protecting governments from modern security threats
By Mandy Tidwell, Windows Technology Solution Professional, State & Local Government, Microsoft on February 9, 2016
Filed under State & Local Government
As the number and intensity of cyberattacks increase, cybersecurity has become a major focus for governments around the world. Over the past few years, governments at all levels have been stepping up their protections, yet the threats continue to mount.
Windows 10 has been designed to address security threats in a world of escalating risks. As we were building Windows 10, security was a prime focus. And we’ve incorporated several innovative technologies into our new operating system to protect governments against both current and future threats. Consider the following:
A modern approach to user identity: Until recently, governments have relied on usernames and passwords to authenticate employees’ identity. Yet employees tend to reuse the same username-password combination in multiple places, meaning that once a user’s password information has been hacked, the attacker potentially has access to multiple login sites. Windows 10 addresses this problem with Microsoft Passport, which combines an enrolled device with face, iris, fingerprint information or a PIN to provide a two-step authentication process. Microsoft Passport makes it harder for attackers to steal an employee’s identity because they must obtain the actual device and impersonate users’ facial gestures or fingerprints, which is far harder than stealing a username and password. In addition, Microsoft Passport eliminates the need for employees to memorize or reset passwords—major reasons for calls to the IT help desk.
Enhanced protection against malware: In today’s world, the majority of computer attacks are automated. Malware is constantly changing, and when it infects a PC, it can be difficult to detect and remove. One of the ways that Windows 10 Enterprise protects against malware is through Credential Guard, a new security virtualization feature that separates credential authentication information from other parts of the operating system. By enabling this feature, IT administrators can protect user credential information from malware that finds its way onto user devices. Because the information is isolated, it’s more difficult to reach. In addition, Microsoft has built Device Guard into Windows 10 Enterprise, a new feature that prevents malware from being installed on devices. If enabled by an agency’s IT department, Device Guard will lock down devices so they can run only applications that have been pre-authorized by the enterprise, thereby eliminating the risk of malware creeping into a government’s network.
Simplified spyware detection and removal: Windows 10 also includes an entire new version of Windows Defender, an application that protects computers against pop-up windows, slow performance, and security threats caused by spyware and other potentially unwanted software. Windows 10 runs in the background, scanning everything users download or run on their PC before a file is opened, and then cleaning up and quarantining malware as it finds it. All of this is done automatically and in real time without involving the user. Antivirus updates are also automatically installed without users having to reboot their systems. In addition to detecting and removing malware, Windows Defender helps to protect users from emerging threats by collecting and analyzing information about new security risks from millions of user devices.
Windows 10 is our best Windows yet, and the security it provides is no exception. As governments work to keep their information safe, Windows 10 is right there beside them, helping to protect them against the most nefarious threats. To learn more about Windows 10 security settings, please see our Windows 10 Enterprise security guides.