Monday, April 15, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

ComputerWorld Independent 

Windows 11 — we haven’t seen anything, yet

admin , ,

Credit to Author: Rob Enderle| Date: Wed, 06 Apr 2022 10:24:00 -0700

Disclosure: Microsoft is a client of the author.

Microsoft this week had an analyst event about Windows 11 and a variety of productivity, management, and security features the company has planned. Over the last couple of years, Microsoft has aggressively improved both Windows and Office 365, but the big change ahead is the potential blend of Windows with Windows 365. We’ll see that start by the end of the year. The end game should be what appears to be a Windows desktop that integrates so well with the cloud that it can, when necessary, seamlessly switch between instances to comply with company policy, assure security, and provide recourse on automatic demand from Azure Cloud. 

One of the big improvements to both Windows 10 and 11 involves security. Until the early 2000s, Microsoft didn’t take security seriously and left it up to firms like McAfee and Symantec to fill the gaps.  That was the one lesson Microsoft should have learned from IBM back in the 1980s, though it did learn the lesson eventually. Now, the focus on security at Microsoft is not only serious but has impressively advanced year-over-year.

This also means the company is moving far more quickly to address security threats and rearchitecting Windows for those threats. In the past, there was little incentive to do so outside of usability and UI changes (which in Vista and particularly Windows 8 worked against early deployment). Today, the risk of staying on an old version is the increased likelihood that credentials will be compromised, systems will be penetrated, and systems that haven’t been updated become a host for malware, and especially ransomware.

I’m an ex-internal auditor and my team used to penalize folks that made penny-wise but pound-foolish decisions, like delaying an OS upgrade when that decision opened the firm to attack. By penalize, I mean those employees were fired. Today’s risk landscape is so extreme that practices need to favor an approach that focuses more on protect against malware and worries less about limiting upgrade pain.

Companies might also want to favor Secure Core PCs in their specifications for much the same reason:  they offer the strongest protections for hardware, software, firmware, access, and credentials without adversely impacting productivity. It has simply become far too risky to put off changes that maximize your security profile. Being current on the OS, up to date on patching and having the most secure hardware can go a long way to assuring that the next breach will happen to some other company. Microsoft has even created a unique security processor called Pluton, which should be in your PC spec as a requirement from now on. 

As soon as Satya Nadella took over as Microsoft CEO, the company began its pivot from a desktop software OS and platform company to a cloud software and platform company. It should be no surprise that Microsoft is now beginning to integrate the two offerings. Initially, this will allow companies to maintain cloud instances of Windows that are potentially far more secure than desktops — and they can remain secure, even on consumer-grade hardware. Initially, this will allow increasingly seamless movement between both environments, and each environment will be lock-tight secure. So, if one side is compromised, the other won’t be infected. 

Users will be able to move so easily between environments that they’ll automatically pull from cloud services as needed, whether a hybrid or cloud-only environment, never knowing or caring about the difference.

Microsoft talked up a host of other features to better organize files and folders; provide greater flexibility for hybrid work; and improve remote management and provisioning. But it’s the big improvements on security and cloud integration that will make the most difference. The first will push ever more aggressive upgrade cycles to deal with growing threats; the second goes down the path of automating every aspect of desktop management, with artificial intelligence (AI) technology adapting dynamically to how each user works. 

The idea of using AI to uniquely modify the user experience based on how you use the tool is the biggest promise of AI — systems that adapt to you rather than the other way around. When that starts rolling out shortly, it will forever change the Windows experience, and could be a bigger advance than Windows 95 represented. 

Microsoft is stepping up with some fascinating advances later this year. I’m eager to try them out.

http://www.computerworld.com/category/security/index.rss