New Windows 10 and Office 365 features for the secure productive enterprise
FYI, this story is more than a year old
Today I am pleased to join Scott Guthrie and Satya Nadella at Ignite, the largest IT conference in the industry with more than 20,000 attendees. It’s an exciting time to be in IT, with the modern workplace creating a major shift in the way people work.
Information is abundant, experiences and data must easily move across multiple devices, and collaboration is critical as the workforce becomes more mobile and more global.
At the same time, security has never been more challenging as attacks have become more advanced and targeted, with the average data breach costing $12 million and costing an estimated $3 trillion in lost productivity by 2020.
To help businesses take advantage of the modern workplace while protecting their greatest assets, Microsoft has invested in enabling the digital transformation of business – helping connect employees and optimise operations with enhanced productivity in secure environments.
To aid their digital transformation, starting on October 1 businesses can get the Secure Productive Enterprise (SPE), with Windows 10 Enterprise, Office 365, and Enterprise Mobility + Security (EMS), with the flexibility to deploy either on-premise or in the cloud.
With more than 400 million monthly active devices now running Windows 10, enterprises are moving faster than ever to the most secure Windows.
“Windows 10 is the first operating system to deliver a completely integrated mobile and cloud experience to our entire workforce. It’s the only operating system that can unlock the full potential of our employees, while still providing the security and control we require to operate our company." — Mike Macrie, Land O’Lakes CIO
Combined with the 70 million commercial monthly active users of Office 365 and Azure Active Directory in EMS protecting 1 billion logins each day, customers like Expedia, Goodyear, and Facebook are already taking advantage of these technologies.
Today our security offering gets even stronger, delivering even more value for SPE customers, with the introduction of Windows Defender Application Guard – which makes Microsoft Edge the most secure browser in the enterprise – and the expansion of our Advanced Threat Protection technology across Windows 10 Enterprise and Office 365 for complete protection across endpoints and in the cloud.
“We chose Windows 10 because of the myriad of enhancements; from faster boot & login times, security offerings, and mobile friendly enrichments. Modern technologies such as BitLocker, Credential Guard, and Windows Defender Advanced Threat Protection offer end-to-end security features that promote mobility while reducing worry." — Armand Campo, Director, IT Systems, Expedia
Announcing Windows Defender Application Guard for Microsoft Edge
Since we released Microsoft Edge, we have been making continuous improvements with hundreds of new features and security enhancements to deliver the fastest and safest browser. While Microsoft Edge has the lowest number of vulnerabilities of any major browser on Windows, any vulnerability in the browser is a risk for businesses that must protect their networks and data from increasingly sophisticated and targeted threats.
Today we announced a new addition to the extensive Windows 10 security stack with a revolutionary security improvement to Microsoft Edge. Windows Defender Application Guard uses virtualisation-based security technology to protect against advanced attacks coming from the Internet, helping to protect the enterprise’s devices, employees, data and even their corporate networks. This level of protection has never been more important, as the majority of attacks start in the browser.
Unlike other browsers that use software-based sandboxes, which still provide a pathway for malware and vulnerability exploits, Microsoft Edge’s use of Application Guard isolates the browser and employee activity using a hardware-based container to prevent malicious code from impacting the device and moving across the enterprise network.
This robust security service helps protect enterprises from malware, viruses, vulnerabilities, and even zero-day attacks. Once enabled, enterprise administrators can configure a trusted network site list policy and distribute the group policy to any devices it wishes to protect with Application Guard.
Even if an untrusted site successfully loads malware, the malware is unable to reach beyond the isolated container to steal data or permanently compromise devices or the network. Once the employee exits their Microsoft Edge browsing session, any malware is erased, preventing further attacks.
With Application Guard, Microsoft Edge becomes the browser standard for the enterprise and Windows 10 becomes the first operating system to ship this type of technology alongside a browser. It will become available to Windows Insiders in the coming months and roll out more broadly next year.
Combining Windows 10 Enterprise and Office 365 Advanced Threat Protection Intelligence Graphs
We recently released Windows Defender Advanced Threat Protection (WDATP), a cloud-based service to help enterprises detect, investigate, and respond to advanced attacks on their networks. WDATP is powered by a combination of Windows behavioral sensors, cloud based security analytics, threat intelligence, and by tapping into the Microsoft Security Graph.
WDATP is already protecting hundreds of customers such as Emirates Airlines, Humanitas, Cellcom, Avanade, and Pella across more than 800,000 endpoints.
“The information our team is able to obtain through Windows Defender ATP is nothing short of impressive. When we need easy to read forensic data, it does a perfect job of giving us timelines at impressive speeds. It’s an invaluable tool for greater visibility into our environment." — Daniel Betz, IT Security Engineer, Union Bank & Trust
Today, we’re introducing threat intelligence sharing between WDATP and Office 365 Advanced Threat Protection, enabling IT to investigate and respond to security threats across Windows 10 and Office 365 more efficiently. By combining the intelligence of WDATP and Office ATP, the Microsoft Security Graph, which analyses over 300 billion authentications processed per month, 200 billion emails for malware and phishing, and one billion Windows device updates – gets even more robust.
Now, IT can identify and follow the complete chain of an attack from an email – to across the network -with detailed timelines and analysis. This real-time access and product integration converts the time to investigate an incident from days or weeks to mere hours.
And the comprehensive security intelligence from Microsoft and our industry partners, including FireEye iSight threat intelligence, puts all the information needed to investigate and respond in an easy, simplified interface with clear steps for remediation. It’s the most comprehensive and robust security solution available today.
New Deployment Tools for Windows 10 Releasing Today
We want all of our customers to experience the most secure Windows and deploy today. Not only are Windows 10 customers seeing a 33% reduction in security issues, customer satisfaction is at an all-time high with organisations seeing many benefits – including installation reduced from 1 hour to 5 minutes.
“Windows as a service has reduced our operating system deployment time by 75%.” — Dorothy Stephenson, Director, ITS Kimberly Clark
To help companies move even more quickly to Windows 10, today we’re releasing Windows Upgrade Analytics, a free service that helps IT easily analyse their environment and upgrade to Windows 10.
Upgrade Analytics works by gathering data about installed hardware and software across devices, analysing the data and providing a snapshot that identifies app compatibility, device and driver readiness and suggested remediation so customers can quickly take action for faster deployments. More than 500 customers have been piloting the service, including The Daimler Group and Ryder Systems Inc.
Additional features include Site Discovery, which lists an inventory of web sites used on an organization’s network that are running Internet Explorer 11 on Windows 8.1 and Windows 7 to help prioritise web application testing prior to upgrading.
The Ready for Windows web site lists software solutions that are supported on Windows 10 and by using Upgrade Analytics, IT can see adoption and vendor support status for applications in use across their enterprise.
With advanced security, all new deployment tools, and purchasing options with the Secure Productive Enterprise, it’s a great time for enterprises to deploy Windows 10.
Some of the customers joining us at Ignite include Crystal Group of Companies, a leading garment manufacturer who uses Windows 10 and the Microsoft cloud to improve clothing design concepts for customers like Victoria’s Secret to rapidly increase delivery time to days, compared to months; and Hendrick Motorsports, who uses WDATP to protect their employees while mobile, some as much as 40 weeks per year.
We are excited by the momentum we’re seeing for Windows 10 and look forward to helping more businesses digitally transform.
Article by Yusuf Mehdi, Corporate Vice President, Windows and Devices Group, Microsoft.