Microsoft ramps up Windows 8 security for IT consumerisation

Microsoft is building antivirus and secure, role-based authentication into Windows 8 to make the OS enterprise-ready

Microsoft claims Windows 8 is "a better Windows" than Windows 7. In particular, the company has focused on improving security to ensure users of Windows 8 tablets can securely connect to corporate networks.

It is building antivirus (AV) and secure, role-based authentication into Windows 8 to make the operating system (OS) enterprise-ready.

During the Windows 8 preview day in Amsterdam, Bill Karagournis, group program manager at Microsoft, demonstrated the work Microsoft had done with the UEFI (unified extended firmware interface), a group comprising hardware companies and chip makers, to validate the operating system when it boots up. 

On a PC, the Bios (basic input output software) that runs as soon as it is switched on, loads what is called a boot loader program, that then starts Windows. Hackers can intercept the boot loader to make it run rogue software before Windows starts, circumventing Windows security. To prevent this, the firmware validates that the OS boot loader is clean.

If the boot loader has been corrupted, the firmware on the PC restores it to prevent the rogue software from running.

Doug Ingalls, program manager for security and identity at Microsoft, discussed the Trusted Platform Module (TPM) on Windows RT tablets, that emulates two-factor authentication, by storing a Pin number securely. 

He claimed that through the TPM, Windows 8 can emulate smartcard authentication, avoiding the need for users to carry a security key to access corporate networks.

Active Directory, through the Azure cloud service, will be used to provide role-based access, using the policy management features in the Windows Active Directory.

On top of this, Microsoft has extended its Windows Defender security tool with a built-in AV scanner. Commenting on the improvements, Ovum analyst Richard Edwards said: “Hackers will target employees, so the security improvements add value in the enterprise.”

In the Gartner paper Windows 8 changes Windows, Gartner research director Michael Silver noted that in terms of security, "Applications are protected (isolated) from one another and from the OS through a sandbox arrangement, where applications can only see their own files."

The paper also highlights the Windows store as a boost to security, since applications will only be available from Microsoft's official application store or using a technique within the enterprise called sideloading, to install approved corporate applications. 

The Gartner paper states that using the application store to download apps onto Windows RT tablets will ensure applications are free of malicious software (malware) and the application programming interface (API) used is not different than the developer states.

Read more on Microsoft Windows software

Data Center
Data Management