by Steve Adams
US Partner Technology Strategist, Windows and Devices
Welcome to this month’s Windows Partner Community blog post
- Register for the October 27 community call (use code MPN)
- Join the Device Guy group on Yammer
- Watch previous calls on demand
In my conversations with partners since the release of Windows 10, identity and security are two of the most asked-about topics. Windows 10 has enterprise-grade security, designed to help businesses protect their data, devices, and identities.
Hasain Alsharkarti is a leading IT security expert, and works closely with Microsoft an MVP in Enterprise Security and as an active member of the Microsoft Extended Experts Team (MEET). I am excited to have Hasain working with my colleagues and me to develop content for our upcoming Windows 10 Masters Series partner training about Identity and Security. This 6-part, level 300 online workshop series begins November 3.
I asked Hasain to share his thoughts about how Windows 10 addresses the concerns businesses have about identity and security. Read on for his take on the topic, which is a good preview for our October 27 community call and the Masters series that starts November 3.
Assume Breach: An Inside Look at Windows 10 Security
There is an often-repeated motto among security experts, that there are two types companies today: those that have been hacked, and those that don’t know they’ve been hacked. Assumption of breach represents an understanding to meet reality, and shifts the mindset from “if” to “when” an attacker gets inside an organization’s network.
Compromised legitimate user accounts are often used to bypass hardened perimeter protection and access unprotected key assets. Based on my experience from numerous penetration testing assignments, credential theft attacks like Pass-the-Hash are most often the major success factors to compromise privileged administrator credentials in an enterprise.
Effective mitigations require a holistic approach that addresses people, processes, and technology. By implementing effective programs on all levels, attackers will be prevented from moving freely and undetected forcing them to trigger detection mechanisms that could help stop the attack.
With Windows 10, we can actively address many modern security threats using features that strengthen identity protection and access control, information protection, and threat resistance. With Windows 10, devices themselves become one of two factors that are required for authentication. The second factor can be a PIN or a biometric, such as a fingerprint. This renders most of the credentials theft attacks ineffective, as the attacker must have the user’s physical device.
Windows 10 also provides the ability to lock down devices, only allowing trusted apps to run. Organizations have the ability to choose what apps are trustworthy. Trusted apps may be signed by the organization itself, be specially signed apps from a partner, or be apps from Windows Store.
Devices running Windows 10 and supported Trusted Platform Module (TPM) technology can benefit the new device health attestation to establish trust based on hardware and software components of a managed device.
What Hasain describes above are some of the most important security technologies that are available in Windows 10. I’m looking forward to having Hasain join me on the next Windows Partner Community call on October 27, as well as for the Identity and Security online workshops starting November 3.