Last week Microsoft released Windows 10 1809 (and then paused it). This post gives an overview of Windows 10 1809 security enhancements. You will also learn more about a security survey and the need for automation in the security operations world.
I think the security survey results will give you more details on what the industry is thinking about modern security threats and how they are planning to handle them in their environments.
Pillars of Microsoft Threat Protection
Microsoft has a threat protection architecture, which was explained in many Ignite sessions this year. Microsoft threat protection covers Identities, Endpoints, User Data, Cloud Apps, and Infrastructure. We have to cover all these entry points to stay protected.
As per Microsoft, the following are the practices you should implement to secure your environment end to end.
- Attack Surface Reduction – Resist attacks and exploitations
- Next Generation Protection – Protect against all types of emerging threats
- Endpoint Detection & Response – Detect, investigate, and respond to advanced attacks
- Auto Investigation & Remediation – From alerts to remediation in minutes at scale
- Security Posture – Track and improve your organization's security posture
- Hunting – Active hunting for breach activity
Windows 10 1809 Security Enhancements
Microsoft has made essential security investments in Windows 10 1809. Some of those security enhancements are explained in the section below.
- When you open the Virus & threat protection screen, everything is displayed in one window, so you don’t have to go through different windows to analyze threats. You can quickly take action on threats from this screen.
- You can now enable a new protection setting, Block suspicious behaviors: go to the Virus & threat protection section and click Manage settings. More details about Windows 10 1809 security enhancements are below.
- Microsoft added a new assessment for the Windows time service to the Device performance & health section.
- You can see all your installed security apps in the Windows Security app under Security providers.
- You can see all the firewall apps that are running on your device under each firewall type (domain, private, and public networks) in the Firewall & network protection section.
- Standard AAD joined users can enable automatic BitLocker encryption via MDM policy. This will work for both modern hardware (that passed the Hardware Security Test Interface (HSTI)) and old hardware.
I would recommend reading Microsoft documentation to get more details about Windows 10 1809 Security Enhancements.
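The areas in the list above (Defender protection, firewall profiles, the Windows time service, BitLocker) can also be read from PowerShell instead of the Windows Security app. The following read-only check is an added example, not code from this post or from Microsoft; the function name `Get-EndpointPosture` and its output property names are hypothetical, and it assumes an elevated session on a device with the built-in Defender, NetSecurity and BitLocker modules.

```powershell
# Added example: read-only posture check for the areas listed above.
# Run elevated; Get-BitLockerVolume needs administrator rights.
function Get-EndpointPosture {
    $result = [ordered]@{
        ComputerName = $env:COMPUTERNAME
        OSBuild      = [System.Environment]::OSVersion.Version.Build
    }

    # Virus & threat protection: Defender state and signature age.
    try {
        $mp = Get-MpComputerStatus -ErrorAction Stop
        $result['RealTimeProtection'] = $mp.RealTimeProtectionEnabled
        $result['BehaviorMonitor']    = $mp.BehaviorMonitorEnabled
        $result['SignatureAgeDays']   = $mp.AntivirusSignatureAge
    } catch {
        # Typical when a third-party AV has replaced Defender.
        $result['RealTimeProtection'] = 'Unavailable'
    }

    # Firewall & network protection: Domain, Private and Public profiles.
    # Enabled is reported as text because it can also be NotConfigured.
    foreach ($fwProfile in Get-NetFirewallProfile) {
        $result["Firewall$($fwProfile.Name)"] = "$($fwProfile.Enabled)"
    }

    # Device performance & health: Windows time service state.
    $w32 = Get-Service -Name W32Time -ErrorAction SilentlyContinue
    $result['TimeService'] = if ($w32) { "$($w32.Status)" } else { 'NotInstalled' }

    # BitLocker state of the operating system volume.
    try {
        $bl = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction Stop
        $result['BitLockerProtection'] = "$($bl.ProtectionStatus)"
        $result['BitLockerVolume']     = "$($bl.VolumeStatus)"
    } catch {
        # Not elevated, or the BitLocker module is not present.
        $result['BitLockerProtection'] = 'Unknown'
    }

    [pscustomobject]$result
}

Get-EndpointPosture | Format-List
```

The function only reads state, so it can be scheduled or run remotely to compare devices without changing their configuration.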
Challenges – Windows 10 Security Survey
Most IT Pros like me want to secure endpoints, but we don’t have enough bandwidth and time. In some cases we may not have access to the right tools. Adaptiva conducted an industry-wide security survey to learn more about the security operations challenges within the industry.
Following are some of the questions answered in the security survey conducted by Adaptiva. I think these survey results will give you an overview of what the industry is thinking about modern security threats and how they are planning to remediate them.
- How important is maintaining current, compliant security configuration across all endpoints in your organization?
- Which aspects of security configuration management are the most difficult to maintain across all endpoints?
- Which endpoint security configuration management tasks take the most of your time?
- How often should every endpoint be inspected to see if all software is up to date?
- Do you have a large enough security operations team to handle all security threats?
- What factors prevent you from completely automating detection and remediation of health issues?
Microsoft has put a lot of effort into Windows 10 1809 security enhancements. It’s now our turn as IT Pros to get into the act and close the gaps, if there are any.