Microsoft Introduced Newer Safety Features In Windows 10
Microsoft is never proud of the security it provides for its operating systems; every IT professional will agree with this. There were many vulnerabilities in the previous versions of Windows, including XP, Vista and 7. Some of those flaws led to massive exploits and made worrying headlines. Network and system administrators are always busy keeping up with the never-ending array of Microsoft security updates. Even if you keep up with all the updates, you might still be attacked through zero-day vulnerabilities. Zero-day vulnerabilities are difficult to handle because the attacks occur before the update that fixes them is released.
However, Microsoft has used the release of Windows 10 Enterprise edition as an opportunity to address this embarrassing issue. The new operating system has two new security features that are designed to address security breaches in organisations.
Device Guard is the first one. It enables enterprises to lock down machines so that malware can't run. By allowing only trusted applications to execute, it forms a kind of firewall against malware. It is not exactly an antivirus or a malware protection system, as it doesn't save you from JavaScript exploits or embedded macros, but it adds another layer to your defence.
Credential Guard is the second one. This new and unique feature of Windows 10 creates a virtual container for credentials and other sensitive information and keeps them isolated from the other parts of the operating system. Previously, all this information was hashed and kept in the Local Security Authority (LSA). Malware could easily read this hashed data and use it to access data and other systems. Credential Guard reduces this risk significantly by limiting access to this data.
However, as cool as they might sound, there is a catch. It is not easy to implement these features. It is certainly a lot more complicated than ticking a box. In fact, both of these features depend on specific hardware and need configuration. While most modern enterprise laptops and workstations ship with the required hardware, these capabilities were not utilised before. Some of these requirements are Virtualisation Extensions, Trusted Platform Module (TPM), Unified Extensible Firmware Interface (UEFI) and Secure Boot.
Making sure that these settings are present and active can be a huge task for system administrators, especially when we consider the huge number of workstations and laptops a big organisation might have. There is software, and there are a few companies, that specialise in catering to these particular needs. 1E Nomad is a very popular solution among administrators for this purpose.
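
A read-only PowerShell check for the prerequisites listed above, added here as an illustration and not taken from Microsoft or 1E. It assumes an elevated session on Windows 10; the function name `Get-GuardReadiness` and its output field names are made up for this example.

```powershell
#Requires -RunAsAdministrator
# Added example (not Microsoft or 1E code). Read-only: queries state, changes nothing.
# Get-GuardReadiness and its output field names are hypothetical.
function Get-GuardReadiness {
    # UEFI + Secure Boot: the cmdlet raises an error on legacy BIOS firmware,
    # so any failure is reported as "not confirmed" together with the message.
    $sbNote = ''
    try   { $secureBoot = [bool](Confirm-SecureBootUEFI -ErrorAction Stop) }
    catch { $secureBoot = $false; $sbNote = $_.Exception.Message }

    # TPM presence and readiness.
    $tpm = Get-Tpm

    # Virtualisation-based security state as Windows reports it.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName 'Win32_DeviceGuard' -ErrorAction SilentlyContinue

    $report = [pscustomobject]@{
        ComputerName           = $env:COMPUTERNAME
        UefiSecureBoot         = $secureBoot
        SecureBootNote         = $sbNote
        TpmPresent             = [bool]$tpm.TpmPresent
        TpmReady               = [bool]$tpm.TpmReady
        # AvailableSecurityProperties: 1 = hypervisor support
        VirtualisationSupport  = $dg.AvailableSecurityProperties -contains 1
        # VirtualizationBasedSecurityStatus: 0 = off, 1 = enabled, 2 = running
        VbsRunning             = $dg.VirtualizationBasedSecurityStatus -eq 2
        # SecurityServicesRunning: 1 = Credential Guard
        CredentialGuardRunning = $dg.SecurityServicesRunning -contains 1
        # CodeIntegrityPolicyEnforcementStatus: 0 = off, 1 = audit, 2 = enforced
        CodeIntegrityEnforced  = $dg.CodeIntegrityPolicyEnforcementStatus -eq 2
    }

    # List the hardware prerequisites that are missing on this machine.
    $missing = @()
    if (-not $report.UefiSecureBoot)        { $missing += 'UEFI Secure Boot' }
    if (-not $report.TpmReady)              { $missing += 'TPM' }
    if (-not $report.VirtualisationSupport) { $missing += 'Virtualisation extensions' }
    $report | Add-Member -NotePropertyName MissingPrerequisites `
                         -NotePropertyValue ($missing -join ', ') -PassThru
}

Get-GuardReadiness | Format-List
```

The returned object can be piped to `Export-Csv` instead of `Format-List` when the results from many machines are being gathered into one inventory.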