Windows 10: Should my business upgrade?
There is much to consider before making the switch
Microsoft's Windows 10 made its debut in July 2015, six years after the introduction of Windows 7 and today it is increasingly becoming the platform of choice for many small to mid-sized businesses. The reason is that Microsoft dedicated those six years to enhancing the operating systems’ security, convenience and performance while adding new features. They then took it another step further, bringing to life its operating system-as-a-service vision as witnessed in the recent anniversary update released in August of 2016. Today, Windows 10 delivers continual enhancements, cloud enablement, and even greater security than its predecessor. Because of these advancements, many businesses are now considering if it's the right time to upgrade.
Before making the transition however, most businesses want to understand if Windows 10 is safer than Windows 7 because protecting key data and information is the number one concern for most organizations. To help businesses as they make decisions, we outline the Windows 10 security benefits below:
One Operating System for Everything: OneCore is Windows 10's unified and modularized operating system now responsible for powering Microsoft Windows 10, Windows Server, Xbox One, Windows 10 Mobile, Internet of Things (IoT), HoloLens and more. OneCore at its foundational level includes the networking, power management, security, authentication, cryptography, device management, storage, and a handful of other essential components that everything else is built around. Because it has been designed to be the system that rules them all, it is more secure by default.
Biometric Authentication: Windows Hello is a feature that delivers biometric authentication and allows users to eliminate the need for a password when logging in. Simply looking at a Windows 10 device will unlock it by utilizing facial recognition. Another user-friendly way to unlock devices is with fingerprint recognition. These enhancements represent two mighty steps toward a “passwordless” future, which may make life a little more difficult for hackers and more secure for end users.
Built in BYOD Data Protection: Windows 10 also integrates with Microsoft’s Intune, delivered from Microsoft’s cloud. Intune provides mobile device management, mobile application management, and PC management capabilities. The combination of Windows 10 and Intune with Windows Information Protection (WIP), Conditional Access, and Digital Rights Management (DRM) allows businesses to now protect against potential data leakage without negatively impacting the user experience. Simply put, this suite of technologies helps to protect enterprise applications and data against accidental data leaks on enterprise-owned devices and personal devices and it is all done without requiring changes to the organization’s environment or various applications.
Defense Against Malware: Prevention is the best method to addressing security threats. Once a system is infected it can be difficult to detect and remediate. Windows 10 provides strong malware resistance because it takes advantage of secure hardware, which secures the startup process, the core operating system architecture, and the desktop.
For example, Windows 10 offers Secure Boot, a combination of technologies that protect against rootkits, software tools that enable unauthorized users to gain control of computer systems without detection, and other low-level malware. Windows 10 also leverages technologies such as a Trusted Platform Module (TPM), an international standard for a secure cryptoprocessor, and a Unified Extensible Firmware Interface (UEFI), a specification for a software program that connects a computer's firmware to its operating system, to detect changes in the system startup and viruses in or to help keep data secure.
For cyber thieves, it's a common practice to use web browsers to gain unauthorized access to a business’ operating system. To help shut down that practice, Windows 10’s Microsoft Edge includes an Enhanced Protection Mode and uses App Container-based sandboxing to protect the system from vulnerabilities that may be discovered in the extensions running in the browser (for example, Adobe Flash and Java) or the browser itself.
There is also built-in anti-malware and anti-virus protection in Windows 10 called Windows Defender. Our company was recently asked to collaborate with the Maine Cyber Security Cluster, a national hub for cybersecurity solutions and workforce development at the University of Southern Maine in Portland, to test malicious threats in its controlled environment against various Windows desktop operating systems and anti-malware software. The collaboration found that the Windows 10 built-in Windows Defender detected and eliminated malicious files while Windows 7 did not (only with additional software was it able to perform the same as Windows 10).
Data Encryption: The BitLocker data encryption feature available with Windows 7 still exists but has been greatly improved with Windows 10. Unlike Windows 7, Windows 10 now supports self-encrypting drives (SEDs). And best of all encryption speed has been dramatically increased. With Windows 10; it takes mere seconds to encrypt a new flash drive, whereas with Windows 7, it could take more than 20 minutes.
Keeping End-of-Life/End-of-Support in Mind: In addition to outlining the security benefits of moving to Windows 10, it’s also important to understand the value of making the switch due to upcoming end-of-support (EOS) dates. Allowing a manufacturer’s product or service to go EOS opens businesses to a number of risks and vulnerabilities including:
- Lack of vendor support should something go awry
- Non-compliance due to licensing issues
- Extended downtime – something no business likes/wants to face
For example, Windows XP (EOS 04/2014) and Server 2003 (EOS 07/2015) have already expired – organizations that maintain these products on their desktops are at risk. Like many manufacturers, Microsoft has all support end dates listed on their website so that consumers and businesses alike can ensure product upkeep and maintenance.
So, whether your organization is ready to make the move to Windows 10 or simply at the stage of considering the benefits of doing so, keep in mind that there are many resources and subject matter experts you can rely on to determine if it is the right fit for your business.
Adrian Wells is a senior network engineer at Systems Engineering with over 20 years of IT experience. He can be reached 603-226-0300 or through syseng.com.