Microsoft bolsters Windows 11 enterprise Zero Trust security

By on
Microsoft bolsters Windows 11 enterprise Zero Trust security

Hardware features aim to make hybrid work safer.

Microsoft intends to add a slew of new enterprise security features with hardware support to Windows 11, in an effort to make distributed, hybrid workplaces safer.

Among these is the Pluton Security Processor, which is regularly kept fresh through Windows Update.

Microsoft said Pluton is regularly penetration tested, optimised for performance and reliability and offers protection against physical attacks through integration with central processing units (CPUs) in computer systems.

Pluton is built on Microsoft's Zero Trust security model with improved authentication, lowered privileged access levels and other defences like assumed-breach and verified end-to-end encryption.

The security processor will have its firmware automatically updated by Microsoft, with no enterprise administrator intervention required.

Windows 11 will also bring in Smart App Control that prevents users from running malicious and untrusted applications, using code signing along with cloud-based artificial intelligence.

Users will also be "protected from themselves" with the Config Lock in Windows 11 that detects and prevents changes to the system Registry configuration databases and reverts these.

Ransomware and malware attacks will be tackled through Hypervisor-Protected Code Integrity (HVCI) virtualisation enhancements to stop users from running vulnerable drivers, leveraging Microsoft's Windows Defender Application Control blocklist.

Uer account and credentials security in Windows 11 for enterprise customers will get a boost through enhanced phishing detection with the Defender SmartScreen, Microsoft said.

Enterprise editions of Windows 11 will also come with the Credential Guard feature, that protects against common login detail theft techniques such as pass-the-hash and pass-the-ticket, even if malware is running with Administrator privileges.

Microsoft will also ensure that the Local Security Authority (LSA) process, one of several to verify user identities, will be better protected in Windows 11, ensuring it only loads trusted, signed code.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
microsoftoffice 365securitywindows 11zero trust

Sponsored Whitepapers

Responding To Industry Trends And Our 5m+ Users
Responding To Industry Trends And Our 5m+ Users
The Future of Digital Identity in Government
The Future of Digital Identity in Government
Secure Public Services for Every Australian
Secure Public Services for Every Australian
7½ Questions for Aged Care's Digital Decisions
7½ Questions for Aged Care's Digital Decisions
Creating the Sustainable IT Department
Creating the Sustainable IT Department

Most Read Articles

Australia appoints first cyber security coordinator

Australia appoints first cyber security coordinator
Apple rushes out patches for exploited zero day bugs

Apple rushes out patches for exploited zero day bugs
Perpetual 'extended outage' caused by security incident at third-party

Perpetual 'extended outage' caused by security incident at third-party
Exploit emerges for Cisco VPN client vulnerability

Exploit emerges for Cisco VPN client vulnerability

Digital Nation

How eBay uses interaction analytics to improve CX
How eBay uses interaction analytics to improve CX
More than half of loyalty members concerned about their data
More than half of loyalty members concerned about their data
Health tech startup Kismet raises $4m in pre-seed funding
Health tech startup Kismet raises $4m in pre-seed funding
COVER STORY: The opportunities and risks of cybersecurity insurance in Australia
COVER STORY: The opportunities and risks of cybersecurity insurance in Australia
DeepAI founder on the risks of artificial intelligence
DeepAI founder on the risks of artificial intelligence

Log In

  |  Forgot your password?