A few weeks ago, Microsoft unveiled its Windows 10 Creators Update with a focus on the software’s benefits for end users when it launches next year. On Tuesday, the company showed a different side of the next major patch for its new operating system, showing off features that will help IT professionals.
Next year, IT folks will get new features focused on security, device management, and upgrade improvements. For one, Microsoft’s advanced security suite for Windows 10 is gaining additional remediation, detection and threat intelligence tools. Administrators will also get new analytics to see how their organization is using the new operating system.
It's part of Microsoft’s continuing push to get large organizations to adopt its new operating system. The company has seen an accelerating number of businesses choose to pick up Windows 10, and these new features may drive more organizations to adopt it in the new year.
Windows Defender Advanced Threat Protection will be one of the biggest beneficiaries of the new update. Microsoft's advanced security threat detection and remediation software will get a slew of new features, including the ability to watch for memory and kernel level exploits, which are being used by advanced malware.
Microsoft is also partnering with FireEye iSIGHT Threat Intelligence to bring its information into the WDATP dashboard so that users can get access to that information alongside what Microsoft offers. In addition, IT administrators will be able to create their own list of blocked behaviors, which can then be shared with other administrators.
That could allow IT folks to share best security configurations for WDATP, in the same way that they share Group Policy settings today. Rob Lefferts, the group program manager for Windows Enterprise and Security, said in an interview that he wants the functionality to go further in the future.
"This is something that we really want to foster," he said. "Not just with our partners like FireEye iSIGHT, but also with the SecOps professionals inside these organizations really working together to track this stuff down.”
On top of all that, WDATP will give IT pros the ability to remotely isolate a compromised device from the network that it's on. Using the Windows firewall, admins can block all incoming and outgoing traffic except for WDATP. That means they could potentially remotely stop an attacker's data exfiltration as it's happening, while still retaining the ability to investigate the device from afar.
The Creators Update will also bring support for mobile application management into Windows, so IT departments can allow users to access work documents from their personal Windows 10 devices without being able to do things like wipe a PC's entire drive.
Sign up for Computerworld eNewsletters.