“Our Windows Secure by Design strategy is a comprehensive approach to ensuring that Windows 11 is the most secure operating system we have ever built, from the moment you power on your PC,” says Microsoft.
Tech events spell an exciting time for companies and consumers, as both chart a course together for the future of the organization and the services it aims to provide. While the Copilot AI was an obvious central talking point for the company, safety and security also emerged as a key focus of Microsoft Ignite 2024. Conducted on November 19, the buzz around the event took on a more somber note considering the Crowdstrike failure that occurred earlier this year.
Emphasizing the importance of staying protected from all kinds of digital threats in the modern world, Microsoft Ignite 2024 highlighted security in a very detailed manner. The company announced the Windows Resiliency Initiative to help for a faster recovery cycle in case of another incident, as well as other updates to the security system at Microsoft.
Security Takes Center Stage at Microsoft Ignite 2024
Microsoft has been struggling with the Copilot branding like a teenager trying to settle on the perfect gamertag for the rest of their gaming career, however, this remains a minor concern compared to the other challenges faced by the business.
The Crowdstrike incident back in July affected over 8.5 million Windows PCs and servers, decimating a huge chunk of the confidence that users had in the Microsoft brand. Before we get into talking about its “cutting-edge AI tools” and the wonders of the Copilot+ PCs, it is essential for users to understand the security investments being embraced by Microsoft.
One of Ignite 2024’s primary device security features is the Windows Resiliency Initiative which aims to bring core changes to the system to make it easier to recover Windows machines in case of another Crowdstrike-esque incident.
It focuses on four main areas: strengthening the system based on learnings from the incident, allowing a larger number of apps and users to run without admin permission, improving the controls for the apps that are allowed to run, and delving into identity protection in order to prevent phishing attacks.
The security update at Microsoft Ignite 2024 also mentions a “Quick Machine Recovery” feature that will allow IT administrators to conduct targeted fixes remotely from the Windows updates, even if the machine is incapable of booting up. Alas, this capability is a while away as it will become available to the Windows Insider Program community only in 2025.
Microsoft Discusses Raising the Bar on Security
In addition to the recovery precautions on Windows, Microsoft recently held a summit with its Microsoft Virus Initiative (MVI) partners to discuss what they can do to enhance security. From additional testing to improved incident processes to safe deployment practices, the Redmond-based tech giant explained its attempt to encourage partners to ensure the best practices in all things security.
“With Windows 11, we’ve achieved a remarkable 3x reported reduction in firmware attacks and 2.9x fewer instances of credential theft compared to Windows 10.”
Microsoft also discussed hardware security, bringing up the TPM 2.0 and Secure Boot features in Windows 11 PCs for defense against sophisticated attacks. Copilot+ PCs have a built-in Microsoft Pluton security processor, for ensuring protection at the core of the device.
Giving Users Greater Control and Simplifying Device and Data Protection
We then have the Smart App Control and App Control for Business policies which are designed to help regulate what apps run on your device. These give IT admins a greater amount of control over what apps are able to function on the device and ensure only verified apps filter through to the user.
Another interesting point of note in Microsoft’s security updates is the administration protection feature. This is designed to give employees some amount of control over their PCs and the permissions required to run them.
“With administrator protection enabled, if a system change requires administrator rights, the employee is prompted to authorize the change using Windows Hello. Upon approving the change, Windows creates a temporary isolated admin token that is destroyed once the process is completed,” Pavan Davuluri, Corporate Vice President, Windows + Devices, explains.
Multifactor authentication is all the craze right now and Windows Hello is ready to shine here as well. The feature has passkey support for users to access their data easily, without compromising it by mistake. This extended capability of Windows Hello will also come in handy while accessing specific folders that can be encrypted and locked to prevent access until authentication is provided.
There is also the Hotpatch capability with Windows 11 Enterprise 24H2 and Windows 365, which will allow businesses to apply critical security updates without having to restart the system, giving them a chance to respond to a problem swiftly before any damage is done. Fast action that doesn’t require a reboot is always a welcome change.
These security updates for Windows from Ignite 2024 may not be the most exciting for those who want new, fun features to try out, but they may just be the most important aspect of the announcements made by Microsoft this time.