Windows 10 Security Boost Targets Business PCs - InformationWeek

Windows 10 Security Boost Targets Business PCs

Microsoft launches a new Windows 10 security feature designed to give IT leaders more insight into recognizing and addressing cyber-attacks.


Microsoft has announced a new Windows 10 security feature specifically intended for business devices.

Windows Defender Advanced Threat Protection builds on protection already integrated into the OS, which includes safeguards such as Device Guard, Credential Guard, Passport, and Windows Hello.

"The ability for [hackers] to compromise networks is incredible," said Yusuf Mehdi, CVP of Microsoft's Windows and Devices Group, in a briefing with InformationWeek. It takes an average of about 200 days for a business to detect a security breach, he explained, and another 80 days to contain it.


Advanced Threat Protection is intended to shorten that dangerous time frame by providing a layer of post-breach protection in Windows 10. It's a solution in high demand -- 90% of surveyed IT directors expressed need for a tool to identify and respond to cyber-attacks, Microsoft EVP Terry Myerson wrote in a blog post.

When a breach occurs, ATP provides key information, including who conducted the attack, which PCs were affected, and how the attacks are linked. The feature relies on a combination of cloud-based security analytics, Windows behavioral sensors, and threat intelligence.

The tool accesses data from Microsoft's intelligent security graph, which identifies problems based on information from 2.5 trillion indexed URLs on the Web and one billion Windows devices submitting anonymous information.

A built-in dashboard lets administrators explore their entire network for signs of a breach and determine how attackers targeted particular machines. They can also access detailed file footprints across the business to inform attack responses.

This applies not only to current cyber-attacks but also to those that occur over time. ATP lets admins view the state of any given machine over a six-month time frame so they can pinpoint when something went wrong and how it happened.

Admins can also investigate files and URLs by submitting them to isolated virtual machines through a cloud-based detonation service.

The ATP tool will be natively built into Windows 10, though you'll need the Enterprise edition to access the feature, said Mehdi. Machines will be continuously updated via the cloud and will work with the rest of the Microsoft security suite.

(Image: Pete_Flyer/iStockphoto)

Windows Insiders will start to see code associated with ATP in upcoming builds of Windows 10, likely within the next month, but the exact timing is to be announced. However, the code won't directly affect them unless they are participating in Microsoft's limited testing group.

News of Advanced Threat Protection arrives shortly after Microsoft published an update on a few initiatives it's taking to improve cloud security in the enterprise.

One of these was the general availability of Microsoft Cloud App Security, which is based on technology Redmond acquired when it bought Adallom last year. The security offering, which is intended to bring IT more visibility and control to Azure and Office 365, will roll out in April 2016.

The built-in security features of Windows 10 were strong enough to receive approval from the US Department of Defense (DoD). Over a one-year time frame, the DoD will upgrade 4 million devices to the new OS. It's a massive project and a significant endorsement for a system that Microsoft wants on one billion devices by July 2018.


Kelly is an associate editor for InformationWeek. She most recently reported on financial tech for Insurance & Technology, before which she was a staff writer for InformationWeek and InformationWeek Education. When she's not catching up on the latest in tech, Kelly enjoys ...
