Windows 10 has put Windows back on the business agenda, and while this partly comes down to new features and a revamped interface, Security is a factor. Most organisations now face tougher data security challenges than ever before, and Windows 7 is struggling to cope. Windows 10, however, is built with these challenges in mind and for the challenges we'll all be facing in the next few years to come.
New ways to authenticate
Passwords are always going to be a problem. If users aren't forgetting them, they're sharing them across different services or using passwords that can easily be cracked through social engineering cons, brute force attacks or simple password phishing. It might not even be your security that falls down. A UK survey published last November found that 62% of people re-use the same password across multiple accounts, meaning a hack on an online store or social media network could give cyber criminals the keys to accounts on your network.
Microsoft hasn't been blind to this growing problem. Windows 10 introduces a better way of doing things, combining Microsoft Passport and Windows Hello. Windows Hello is a brand new feature that allows users to unlock their systems using facial recognition, iris recognition or a fingerprint, making biometric security part of Windows for the first time. Instead of relying on weak passwords as a proof of identity, companies can rely on something more concrete: the unique characteristics of the user themselves.
Facial recognition that works
Previous facial recognition and iris recognition systems haven't always been reliable. Some have struggled with lighting or day-to-day differences of appearance, while the weaker implementations we've seen with some smartphones are a little too flexible, unlocking for a picture or even someone with a broadly similar face. The technology in Windows Hello does things differently.
Using Intel's RealSense 3D Cameras, which uses the infrared spectrum to map objects in a 3D space, it can recognise your face in a range of different lighting conditions, and still recognise you if you change your hair, wear make-up or grow or shave a beard. It doesn't matter if you're booting up your Windows laptop outside in bright sunlight or indoors in a darkened conference room. Windows Hello still knows who you are.
What's more, this technology makes Windows Hello more secure. It can't be fooled by a picture of your face or with a retinal scanner a photo of your eye. If the person logging on isn't you, they won't get in. Last year the Australian newspaper, The Australian, tried Windows Hello with six sets of twins, and at no point did the system grant access to a twin trying to log-on using their sibling's account. Add the fact that all the biometric data is stored on the device and not shared on any central server, and Windows Hello is an authentication system that even the most sensitive companies can rely on.
Your face is your passport
That's important, because Windows Hello works hand in hand with Microsoft Passport. Passport is a new approach to authentication that authenticates securely with applications, websites, networks or resources on the user's behalf. Effectively, it uses Windows Hello or a PIN number to check that you are you and verifies that the device you're using is your device. Once that's done, you can use supporting websites, applications and services without entering a password and crucially for business users access Active Directory and Azure Active Directory accounts.
The one downside of Windows Hello is that it requires specific hardware, either a compliant fingerprint scanner or a RealSense 3D camera, and many PCs, laptops and tablets don't qualify on either count. However, the HP Envy 15t laptop and the HP Sprout next-generation desktop both feature RealSense 3D cameras, and it's a feature that should roll out to other models in the coming months. What's more, the majority of HP's current business notebooks already feature built-in, hardened fingerprint readers, compatible with Windows Hello.
Protecting Your Data
Windows 10 also brings in Enterprise Data Protection, a technology designed to reflect and secure a very different IT landscape from the one that met Windows 7 six years ago. Today's workers may use personal devices while in work and company devices while working remotely on the road or at home. Whatever the company policy, they're still happy to email files, copy them to USB memory sticks or store and share them on cloud-based services, putting security at risk.
Windows 10 mitigates against this with an enhanced version of BitLocker, but also adds Enterprise Data Protection (EDP) to secure your data. Working with the management services in Active Directory and Azure Active Directory, it separates corporate and personal data with minimal impact on the user. At the same time, it allows companies to audit, track and manage the movement of data, ensure encryption policies are followed and control which apps have access.
Load up Outlook, and both corporate and personal messages appear side-by-side, but clearly marked to show which is which. Documents are also tagged and controlled, making business documents auditable, trackable and manageable. The experience is seamless, too. If need be, a company can wipe corporate data from devices while leave personal files in-situ, and there's no need for users to switch accounts or sign in and out to find the documents they need. What's more, encryption now works at a file level, meaning that it follows the data wherever it goes. Copy a protected file from a laptop to a tablet or to a USB memory stick and it remains encrypted and protected, just as it would be on the work PC.
You'll find EDP supported by the latest business-ready Windows 10 devices, including desktops, laptops and convertibles from HP.
Find out how HP can make your Windows 10 PC even more secure with HP BIOSphere.
