NSA Adds Windows 10 and Surface to Classified List, New Enterprise Security Innovations

NSA adds both Windows 10 and Surface devices to list for classified government use. Microsoft intro big list of enhanced security capabilities: SEMM, WDATP, Windows Hello, Windows Analytics.

Share online:

On Friday, further strengthening its security portfolio offering to customers, Microsoft announced several new security technologies, services and collaborations.

"Microsoft is building a security platform that looks holistically across all of the critical endpoints of today's cloud-first, mobile-first world," writes Microsoft's Bret Arsenault. "Our platform integrates security products and features across Azure, Windows, Office 365, SQL Server and more to better protect identities, apps, data, devices and infrastructure," Arsenault said.

The new technologies and services introduced on 02/10 are part of the RSA conference in San Francisco include:

  • NSA adds Windows 10 and Surface to list for classified use
  • Enhanced security capabilities with Surface Enterprise Management Mode
  • Extending device management in Windows 10
  • New enhancements to Windows Defender Advanced Threat Protection
  • The quest for No More Passwords with Windows Hello
  • Turbo-charging your deployments with Windows Analytics

Windows 10, Surface Pro 3, Surface Pro 4 and Surface Book have been added to the NSA's Commercial Solutions for Classified Programs (CSfC) list.

"While Surface is enabling enterprises to take ownership, modify, lock out and otherwise control hardware configuration, security and OS behaviors via Surface Enterprise Management Mode (SEMM)," he said.

SEMM can be deployed on any Surface Pro 4, Surface Book and Surface Studio—and allows an organization to take ownership, modify, lock down, and otherwise control hardware configuration, security, and OS behaviors within the device firmware.

"Hardware configuration rules can be applied to Wi-Fi networks, Bluetooth, Ethernet, time of day, application access and certificates that can be included in initial deployments or dynamically pushed via the cloud."

"SEMM is easy to use and allows IT managers to deploy their Surface devices in custom configurations to help protect against evolving attacks. It also requires both physical possession of the device and unique certificate signatures to make any changes, helping to prevent modifications in the event of device loss or theft and providing additional security authentication beyond simply trusting local administrator or BIOS passwords."

See how SEMM works in the following video:

Extending device management in Windows 10

Microsoft also bringing many security settings and configurations from the Security Baseline Policies, (previously available through Group Policy), to MDM solutions with Creators Update.

Additionally, MDM Migration Analytics Tool (MMAT) allowing simple symmetric policy configuration for Windows 10 MDM managed devices is shipped as well. It help analyze and report on Group Policy settings configured within the organization and list those supported by MDM.

New enhancements to Windows Defender Advanced Threat Protection (WDATP) now detecting high-profile security cases such as zero-day attacks, ransomware and other advanced attacks published by research team.

With Creators Update, customers can add customized detection rules as well as perform 'time travel' detections running every new detection added across six months of historical data.

Also, in addition to already available Office ATP and WDATP insights, customers now in single place can view malware reports and other security events from across the Windows security stack, starting with Windows Defender Antivirus.

Microsoft notes, WDATP support will also add to additional platforms starting with Windows Server.

Windows Hello support for on-premises Active Directory only environments and introducing Dynamic Lock in Windows 10 Creators Update to automatically lock a device when the customer is no longer within proximity.

Windows Hello is designed to eliminate the use of passwords, and with Creators Update, all organizations (particularly public sector0 with on premise Active Directory-only environments will be able to use Windows Hello.

"Dynamic Lock to Windows Hello using Bluetooth signals automatically lock a device when the customer is no longer within proximity."

"With Intel as part of Project EVO, Windows Hello will be integrated within Intel's Authenticate hardware-based authentication technology" to help protect from even most advanced attacks.

Public Preview of Update Compliance, the second release from a suite of solutions called "Windows Analytics," announced today, is a free service that provides enterprise customers and IT professionals with a holistic view of Windows 10 update compliance for the devices in their organizations.

Update Compliance is built using Operation Management Suite – Logs and Analytics. It uses telemetry data including installation progress, Windows Update configuration, and other information to provide the following mentioned insights at no extra cost and without additional infrastructure requirements.

  • Information on the installation status of both monthly quality updates and new feature updates

  • Information on the deployment progress of existing updates with a preview of which updates are scheduled to be deployed next
  • Per-device information that may need attention to resolve issues
Windows Analytics Update Compliance in Public Preview
Windows Analytics Update Compliance in Public Preview: Quality Update status in Update Compliance

Those new to OMS, can sign up and add Windows Analytics bundle, which includes Update Compliance and Upgrade Readiness (formerly known as Upgrade Analytics). While, existing customers can simply add Windows Analytics bundle.

"Usage of Update Compliance (Preview) is free and not counted towards any of your existing OMS subscription/quota or the Azure subscription/pay-as-you-go model," writes Microsoft.

To view data in Update Compliance, follow these steps:"New customers create an OMS workspace and link the workspace to an Azure subscription. (get pay-as-you-go model recommended.)"

"Existing OMS customers simply add Windows Analytics bundle (which includes both Update Compliance and Upgrade Readiness)"

All customers:

  • Subscribe to Windows Analytics solutions. (Go to OMS settings > Connected Sources > Windows Telemetry, and click Subscribe.)
  • Copy the Commercial ID Key from Windows Telemetry tab in OMS and configure devices with the key you copied. (You can use Group Policy or MDM to configure.)
  • Ensure minimum telemetry configuration on your devices is set to Basic.
  • Ensure your network configuration allows devices to send telemetry data to Microsoft telemetry service endpoints.
  • Once the data is sent, it will typically show up in Update Compliance within 24 hours, the team explained.

General available now "Enterprise Threat Detection", is a managed security service that provides enterprises with state-of-the-art cyberattack detection and consulting capabilities. "Using a combination of machine analytics, proprietary telemetry sources and dedicated human analysis, the service is uniquely positioned to continually monitor for advanced attacks in the rapidly evolving modern cyberthreat landscape," writes Microsoft.

A new learning path called "Cybersecurity Administration" introduced today, for cornerstone program Microsoft Software & Systems Academy (MSSA), which is part of the company's commitment to help service members gain the critical technology skills required for today's high-paying IT STEM careers prior to transitioning to civilian life.

The new learning path is in coordination with curriculum from (ISC)² and Embry-Riddle Aeronautical University (ERAU), both leaders in cybersecurity.

Microsoft today published a new Enterprise Mobility + Security Playbook, which helps partners to keep customers secure on their favorite apps and devices – and to keep their company data protected.

Retail businesses can today download a free white paper on harnessing the power of data, and check out a free webinar on advanced analytics. "Cloud-based data analytics can help retailers anticipate product trends, forecast consumer demand, and create individualized experiences that build greater customer loyalty and boost sales."

With Microsoft Advanced Analytics, "retailers can use all available data to get a deeper understanding of their targeting strategy, optimize lead generation tactics and improve customer experience."

"To help your retail business make more informed decisions, you can now download a free white paper," says the team, "Retail Insights: Harnessing the power of data" HERE.