To respond to the increasing sophistication of cyberattacks, Microsoft IT implemented a new cloud-based service, Windows Defender Advanced Threat Protection (ATP). Focusing on the small number of attacks that originate from advanced adversaries, Windows Defender ATP draws on machine learning, big data, and security analytics to help us detect, investigate, and respond to advanced, targeted attacks on our network, without building costly, on-premises solutions.
Windows 10 introduced a new way to streamline operating system updates—Windows as a service. Microsoft IT uses in-place upgrades and agile methodology to promote Windows adoption. We’ve streamlined application compatibility testing, established pilot deployments with early adopters, tracked progress through visual workflows, and made data-driven decisions using Upgrade Analytics. As a result, we were able to quickly deploy Windows 10, Windows 10 November update, and Windows 10 Anniversary Update across the company.
Microsoft relies on Microsoft IT to maintain stable, consistent performance for line-of-business applications. As platforms move from product to service, more frequent product updates require a shift in our application compatibility testing methodology. We centralized processes, rationalized our application portfolio, and leveraged virtualization and automation to rapidly deploy products and updates. Streamlining our processes increased our testing efficacy—reducing the time, cost, and effort of each test cycle.
To provide employees with a choice of work computers, Microsoft IT maintains a list of standard devices that meet our requirements for performance, user authentication, secure connectivity, and information security. Built to support Windows 10, standard configurations of Surface Book and Surface Pro 4 meet our device criteria for deployment. For ease of device management, we use standard tools and utilities that help us manage, configure, and protect Surface devices within the enterprise.
With a faster release cadence for Windows 10 upgrades, it’s important that we quickly identify potential deployment blockers and issues. Microsoft IT implemented Windows Upgrade Analytics to help us gain a better understanding of the Microsoft environment and insights about our upgrade readiness. Upgrade Analytics provides computer, application, and device driver inventory—along with guided workflows we can use from pilot to deployment, and tools to help us make data-driven decisions about our application portfolio.
To help protect against credential theft, such as pass-the-hash attacks, Microsoft IT enabled Credential Guard across our network on all Windows 10 devices. Credential Guard isolates derived domain credentials—and the process for managing them—in a secure container, using Hyper-V and virtualization-based security. It's one more way we reduce our risk profile and secure our network against cyber security threats.
Engage directly with Microsoft IT subject matter experts and get best practices, insights and answers.