Lets talk Windows 10 security
Check out more posts at:
http://turnerlabblog.azurewebsites.net/?p=1471
Basic Security in Windows 10
Windows Hello
Windows Hello uses biometric authentication to give you instant access to your windows 10 device. Windows hello requires specialized hardware, including fingerprint reader, illuminated IR sensor or other biometric sensors to preform its tasks. The illuminated IR prevents hackers from picture spoofing your login because it gives the computer the able to detect depth in the model.
SmartScreen
SmartScreen blocks known phishing sites that may attempt to steal your identity or personal data. The screener also defends your system from malicious applications and Social engineered attacks by evaluating the website’s content and download integrity against Microsoft’s cloud-based Application Reputation Service.
Windows Defender
Windows Defender is Microsoft’s Anti-Virus. SmartScreen is your first line of defense, defender is your second line of defense which attacks advanced malicious content that makes it past your SmartScreen. Windows Defender is a global cloud service that leverages data from millions of devices to give insights on emerging malware. These insights allow Windows Defender the ability to attack malware quickly, and protect you from future infections.
Consistent Automatic Updates
Windows no longer has a traditional “Patch/Update Tuesday”. Who remembers Service Pack updates? Well, for those who don’t know what those are, they were large critical software update packs that helped with the vitality of your machine repairing glitches and security leaks. You may recall the symptoms; slow networks, downtime because your machine failed the update, and consistent glitches disrupting your workflow. Windows 10 introduces Automatic Updates as they become available so you are always secure and update to date. Good news for IT professionals also, these updates can be controlled by your system administrator so no more downtime! you can test it before you deploy it.
What’s new for Families in Windows 10
Family features are included with windows and help you keep your family safer. Windows devices are connected by a Microsoft account. Microsoft accounts all your settings to roam with the user to all there devices which means you set your settings once and all your devices are secure.
Here are some features that families can enjoy:
- You can block adult websites and set age-appropriate content for apps and games.
- You can view activity reports to ensure safe browsing habits.
- Set computer usage habits for your kits for time frames that work for you.
What’s new for Business in Windows 10
The Basics
Bitlocker, Domain Join, Remote Desktop, active directory support, group policy editor, and the usual Pro package applications.
Biometric capabilities:
mentioned earlier are compatible for enterprise level security.
Azure Support:
Microsoft Azure is an open, flexible, enterprise-grade cloud computing platform. Popular solutions include Web Apps, Virtual Machines, SQL Databases, Machine Learning to provide prospective and analytics, Mobile Backends, and RemoteApps. More Information at:
http://azure.microsoft.com/en-us/overview/what-is-azure/
Deployment
Traditional Management
Group Policy, System Center, and related components, like master data management
Update Provisioning:
IT administrators are now able to configure provisional-package rules on what should be deployed to there companies computers.
Universal Apps
Windows 10 introduced Universal apps which means developers are able to release an app that will work on all your favorite devices that supports a Windows OS.
What’s new for developers in Windows 10
( Information provided from Window Developer Network)
ECC encryption
New APIs in the Windows.Security.Cryptography namespace provide support for Elliptical Curve Cryptography (ECC), a public-key cryptography implementation based on elliptical curves over finite fields. ECC is mathematically more complex than RSA, provides smaller key sizes, reduces memory consumption, and improves performance. It offers Microsoft services and customers an alternative to RSA keys and NIST-approved curve parameters.
Microsoft Passport
Microsoft Passport is an alternative method of authentication that replaces passwords with asymmetric cryptography and a gesture. Classes in the Credentials namespace, such as KeyCredentialManger, make it easy for developers to create application using Microsoft Passport without the complexity of cryptography or biometrics.
Microsoft Passport for Work
Microsoft Passport for Work is an alternative method for signing in Windows using your Azure Active Directory account that does not use passwords, smart card, and Virtual Smart Cards. You can choose whether to disable or enable this policy setting.
Token Broker
Token Broker is a new authentication framework that makes it easier for apps to connect to online identity providers (like Facebook). Features such as account username and password management and a streamlined UI provide a greatly improved authentication experience for users.
Useful Resources to get started with your Safety and Security:
Microsoft Safety & Security Center: http://www.microsoft.com/security
Windows Website: http://windows.com
Windows Blog: http://blogs.windows.com
Windows Help: http://windows.com/help
Security in Windows 10 blog post
Forgive me if im being dumb but if these are securiy requirements then i should know what they are? when i see things like tokenbroker with no description whatosoever in my sytem then it is presumed an ememy and destroyed. so why is it like this? I simply got an unnamed non recognised 'logo' then the named file with no description
I like how Windows Defender and SmartScreen work back to back. Provides greater security.
Great article, very informative!