News Categories

Microsoft has burnished its security credentials and garnered NSA's endorsement too!

By Wong Chung Wee - on 15 Feb 2017, 11:52am

Microsoft has burnished its security credentials and garnered NSA's endorsement too!

The Microsoft Surface Pro 4

Microsoft has announced a number of security initiatives on both its hardware and software services. In fact, some of them have even garnered the endorsement of the National Security Agency (NSA). For a start, Windows 10 and Surface tablets have been added by the agency to its Commercial Solutions for Classified Programs (CSfC) list. This means that Windows 10, and its Surface devices, i.e., Surface Pro 3, Surface Pro 4 and Surface Book, can be used in a classified computing environment as demanded by NSA; however, these devices need to have additional layers of security solutions.

Microsoft Surface UEFI Configurator, the primary workspace of SEMM. (Image source: Microsoft)

One such layered solution is the introduction of Surface Enterprise Management Model (SEMM). This hardware security functionality can be deployed to any Surface Pro 4, Surface Book and Surface Studio. This management tool will allow the organization to administer and control the devices within their respective firmware. For example, with SEMM, an IT administrator is able to disable USB ports and cameras on the Surface devices; he is also able to modify OS behaviors at firmware level.

(Image source: Microsoft)

At the software service level, the Windows Defender Advanced Threat Protection (WDATP) will be updated to allow enterprise customers to add heuristics detection rules. At the same time, customers will be able to analyze past data, up to 6 months, in order to uncover any possible security breaches that weren’t detected earlier. The company plans to extend the availability of WDATP support to other platforms, beginning with Windows Server.

(Image source: Microsoft)

There are some security enhancements made to Windows 10, in particular, Windows Hello, which aims to eliminate the need for passwords. Corporate customers have been able to use Windows Hello within Active Directory environments. In addition, Windows Hello will feature Dynamic Lock to automatically lock a device when the user is away from the device. It makes use of Bluetooth connectivity between the user’s mobile phone and the computing device.

As the Fortune report has observed, manufacturers that wish to get on the CSfC list of the NSA would have to comply with the agency's stringent security requirements. At a glance, with the exception of some iOS devices, Apple's notebooks operating on macOS aren't on the list. You may wish to take a look at the full list.

(Source: Microsoft, NSA via Fortune)

Join HWZ's Telegram channel here and catch all the latest tech news!
Our articles may contain affiliate links. If you buy through these links, we may earn a small commission.