Windows 10 will use Virtualization for Extra Security.
Windows 10 features, security upgrades often miss the spotlight because of additions like Cortana for desktop, Microsoft Edge, and Universal Apps.
Although, we expect that as Microsoft targets a broad consumer audience with its new operating system, and many people don’t care or aren’t even aware of subliminal security details as the return of the Start menu. Security updates and enhancements are not of interest to everyone.
Some users have specific benchmarks on how their devices and data will be protected on Windows 10. This is an age of high-security risk. No one knows when the attack may happen or what is at risk. The attackers these days are not after money but after DATA.
“The threats that we’re seeing are dramatically different from what we saw four years ago,” Chris Hallum, senior product manager for Windows business security, said in an interview with InformationWeek. “Organizations are still getting breached, even when they have the very best security solutions.”
Today’s attacks are more aggressive and targeted. Detection-based models for pinpointing malware are no longer enough. Most hackers use one of two avenues in a security breach: identity theft and increasingly advanced malware.
In Windows 7 and 8, Microsoft implemented security measures that now seem incremental in hindsight, said Hallum. The goals were to build taller and thicker “walls” to enhance security and create more “speed bumps” to prevent attacks.
No one is 100% Safe. But by implementing processes of cybersecurity, we can reduce the risk of being vulnerable.
Hackers began to adopt new capabilities faster than Microsoft was changing its features. As data breaches began to escalate rapidly, the team decided it was time to “fundamentally change the game with attackers,” Hallum explained.
“With Windows 10, we took the time to change the platform to make the interior hard as the exterior,” he continued. One of the biggest security updates in Windows 10 is the use of virtualization to prevent identity theft and the distribution of malware.
The Windows component that facilitates communication, also known as the local security authority (LSA), can give a hacker full authentication is successfully compromised. In Windows 10, the LSA is moved into a separate container that serves as a virtualization-based security (VBS) environment.
This way, even if the OS were compromised, an attacker wouldn’t be able to assume control of the authentication process.
LSA is the same service that interacts with derived credentials, which provide authentication across a network when you use a single sign-on. “Attackers love to steal that content,” said Hallum, because once they’re inside, they can navigate the network without accessing the rest of your information.
With data protected inside the VBS container, Windows 10 marks the first version of Windows to leverage hardware to create an area of high isolation. This makes it impossible for hackers to steal derived credentials, Hallum explained.
Of course, this isn’t the only advanced protection we’ll see in Windows 10, but the hardware component does merit discussion. Microsoft has introduced a range of new security features, including additional authentication safeguards Windows Hello and Passport.
To further enhance enterprise security in Windows 10, Microsoft will administer OS updates through “Long Term Servicing Branches.” This will give businesses greater security and control over how they receive new features and more flexibility in adopting innovation at their own pace.
A “Current Branch for Business” will accommodate enterprise customers who handle end-user devices that aren’t necessarily mission-critical. In addition to security updates, these customers will receive feature upgrades after compatibility has been ensured in the consumer market.