This document provides technical guidance on Microsoft security features and tools that can be used to. Windows 10 comes with great security tools for hardening your computer. Here’s our guide to security best practices for Windows
 
 

 

Windows 10 hardening and enterprise security | CSO Online

Security Best Practices for Your Windows 10 Computer | Carbide

 

A few months ago, the system administrator for one of my PCI customers asked for help with Windows 7 hardening, given that most of his familiarity was with various Unix flavors. While Windows 10 is not likely to reduce the page hardening document to two pages, it does include some promising features that can make hardening and enterprise management easier, especially important for those in large PCI- or HIPAA-regulated environments.

With the promise of improved hardening and security management, however, comes some inevitable speed bumps. One might say that Redmond giveth, and Redmond taketh away. Under this approach, the Windows 10 upgrade, which occurs in place with little fanfare, is free to most users.

New features and fixes will continue to be rolled out incrementally. This will save Microsoft support dollars in the long run, given that, like Apple, Microsoft will be more likely to have a greater percentage of users on the same major Windows version. That being said, we must expect the company to find some approach to monetizing Windows 10, and it will accomplish this via the Enterprise version, not only requiring its purchase, but ongoing software assurance as well.

One of the more important Enterprise hardening capabilities comes as a byproduct of Microsoft’s incremental approach to new features. For those needing a hardened environment, pushing out frequent new features would spawn an almost continuous effort to test, adjust and approve each new hardened release. The Long Term Servicing Branch (LTSB) will be a stable release, relatively speaking, with only critical fixes being applied. The Windows 10 “free” users, on the other hand, will no longer be able to control which updates they receive.

Windows 10 includes a number of additional features that will be of interest to corporate security officers, including:

The ability to use multifactor authentication for PC access is incorporated into Windows 10 at the OS level. It will support either a biometric device or a PIN sent to a mobile device. This will be useful for corporate environments, particularly in securing lost laptops.

As I discussed in “Closing the data floodgates,” DLP automates the process of monitoring for and masking the transmission or exposure of protected data such as Social Security numbers. This is normally complicated to implement and manage, but Microsoft is trying to simplify the process by incorporating some DLP features directly into Windows 10, via its Enterprise Data Protection functionality. This facility includes the ability to recognize and transparently encrypt corporate versus personal data, some remote device wiping capabilities, and audit reports.

Prior Windows versions allowed users to install untrusted applications, after a strongly worded warning. Windows 10 has the ability, known as Device Guard, to disallow any untrusted applications. This will give security administrators better automated control over users running potentially harmful applications.

Windows 10 provides some inherent protection from certain phishing attacks by placing the user access token, which allows continued user access after initial authentication, in a secure container. This will eliminate certain classes of attacks, such as Pass the Hash and Pass the Ticket.

If you are tempted to cede protection of your corporate security to Windows 10 and relax, you may be a bit premature, however.

There are some well-publicized privacy exposures in Windows 10 that will take some work to control. These include Windows 10 sharing your Wi-Fi information automatically with people in your address list, tracking your location, and sending your browsing history to Microsoft so it can “help” you. Security managers will want to make sure these privacy holes are plugged as they deploy new workstations.

Overall, Windows 10 offers much to help corporate security officers sleep better, but they may be rudely awakened on occasion by nagging privacy issues.

Robert C. Covington, the “Go To Guy” for small and medium business security and compliance, is the founder and president of togoCIO. Covington has a BS in Computer Science from the University of Miami, with over 30 years of experience in the technology sector, much of it at the senior management level.
