Take advantage of built-in Windows 10 security features that can help you protect personal data and stay secure and accelerate your path to GDPR compliance.
Today’s threat landscape is wide and varied, full of aggressive and sophisticated attacks. Cybercriminals increasingly focus on large-scale intellectual property theft; targeted system degradation that can result in financial loss; and now even cyberterrorism that threatens the security of individuals, businesses, and national interests worldwide. These attackers are typically highly trained individuals and security experts; some are employed by nation states with large budgets and seemingly unlimited human resources. Threats such as these require an approach that can meet this challenge. Enter Windows 10.
Windows 10 is the most secure version of Windows yet, and includes the following next-generation security features to help keep your information safe from attacks.
BitLocker encrypts data on a device, preventing anyone from accessing the data by bypassing the operating system. If a device is lost, stolen, or inappropriately decommissioned, BitLocker reduces the threat of data theft or exposure.
Windows Information Protection (WIP) reduces the risk of accidental data leaks from employees. WIP categorizes information as either personal or business, determines what information apps can access, and provides the administrator with control over what users can do with business data (for example, Copy and Paste restrictions).
Containers isolate sensitive operating system functions, helping to keep core functions secure and running even when the operating system has been compromised.
Windows Hello for Business replaces passwords with strong two-factor authentication on PCs and mobile devices. This authentication consists of a new type of user credential that’s tied to a device and a biometric or PIN verification.
Windows Defender Credential Guard uses virtualization-based security to isolate sensitive system data so that only privileged system software can access the data. Unauthorized access to this data can lead to credential theft attacks such as Pass-the-Hash or Pass-The-Ticket. Credential Guard helps prevent these attacks by protecting NT LAN Manager (NTLM) password hashes and Kerberos Ticket Granting Tickets.
Windows Defender Antivirus is a state-of-the-art antivirus solution that uses cloud intelligence, machine learning, and behavior analysis to rapidly respond to emerging threats and protect your devices from them.
Windows Defender Advanced Threat Protection is a security service that helps enterprise cybersecurity teams detect and respond to advanced threats on their networks.
Windows Defender SmartScreen helps to protect your employees if they try to visit known phishing or malware sites, or if an employee tries to download potentially malicious files.
UEFI and Secure Boot help prevent firmware malware by verifying the digital signatures of the device’s firmware before running it. Only the PC hardware manufacturer has access to the digital certificate that is required to create a valid firmware signature. UEFI uses the firmware signature to prevent firmware-based bootkits.
Windows Defender Device Guard is a combination of hardware and software security features that—when configured together—lock a device down so that it can only run trusted applications. If the app isn’t trusted, it can’t run, period. It also means that even after managing to get control of the Windows kernel, an attacker will be much less likely to run malicious executable code after the computer restarts because of controls over what can run and when.