The Windows 10 Anniversary Update for IT Pros

Next week Microsoft will release the second major update for Windows 10 and there are some updates in this release to consider if you are an IT Pro and considering a migration to Microsoft’s year old operating system.

During the Microsoft Worldwide Partner Conference a couple of weeks ago, Yusuf Mehdi, the corporate VP for the Windows and Devices Group at the company indicated that 96 percent of its corporate customers are currently trialing Windows 10 and considering their own migrations.

A tremendous amount of testing has gone into the Anniversary Update, previously known as Redstone 1 when its development first began late last year, and that impact shows in the momentum numbers for Windows 10.

• Over 350 million devices are now running Windows 10 as of June 29, 2016.
• More than 135 billion hours have been spent by users on Windows 10 actively using the system.
• We have been tracking Windows Insider builds and there have been a total of 50 builds released since last December for testing. That is split almost evenly at 27 PC builds and 23 for Mobile devices.
• Windows Insiders have spent more than 50,000 years worth of time using these testing builds – that is over 18 million hours if you do the math.
• During that usage by Insiders, they have also submitted 75 million pieces of feedback and more than 5,000 features and fixes have made their way into Windows 10 as a result of that feedback.

I did a full review of the Windows 10 Anniversary Update, which will begin its roll out to current Windows 10 users on August 2, over on the Supersite: Windows and that review highlights the areas that are getting a lot of attention in this release.

Admittedly, the new features covered in my review are heavily consumer focused but may still be worthwhile for enterprise users to check out. However, there are a couple of pieces in the Windows 10 Anniversary Update that should be considered on the enterprise side of the house as well and their focus is on security.

Windows Defender Advanced Threat Protection (WDATP)

This new feature helps IT Pros to detect, investigate and deal with malicious attacks on their networks. It does this by providing comprehensive threat intelligence and attack detection.

WDATP is a post breach feature and is built to help you remediate attacks and prevent them in the future.

There are three key parts to this technology according to Microsoft:

1. The Client – end-point behavioral sensor, built into Windows 10 (Windows 10 Anniversary update, Windows Insider Preview Build number 14332 and later) and activated upon service enrollment. The client logs relevant security events and behaviors from the endpoint.

2. Cloud security analytics service – processing data from endpoints in combination with historical data and Microsoft’s wide data repository to detect anomalous behaviors, adversary techniques and similarity to known attacks. The service runs on the Microsoft scalable big data platform, and uses a combination of Indicators of Attacks (IOAs), generic analytics and machine learning rules, as well as Indicators of Compromises (IOCs) collected from past attacks.

3. Microsoft and community intelligence – our hunters and researchers investigate the data, finding new behavioral patterns and correlating the data with existing knowledge from the security community.

Windows Information Protection (WIP)

The reality of work in a corporate environment is that personal and work related files, emails, etc. are going to become intermingled on users devices. WIP implements a series of features that helps protect that critical corporate information from being shared with individuals that should not receive it.

WIP works on four key information protection fundamentals:

1. Device Protection: Making sure that the device and the information on it are protected if the hardware is stolen/lost.
2. Data Separation: This element makes sure that personal and corporate info is kept separate on any device they are both stored on.
3. Leak Protection: This will keep unauthorized users and apps from accessing or sharing your protected data.
4. Sharing Protection: This step makes sure that data you share outside of your organization and control continues to be protected from unauthorized individuals.

The first two fundamentals above happen on a Windows 10 device by using Bitlocker and WIP. The final two areas are implemented through Azure Information Protection and Office 365 controls.

Is your company/organization testing out Windows 10 right now? What is your biggest concern about making that migration?

But, wait…there’s probably more so be sure to follow me on Twitter and Google+.

This post first appeared at WindowsITPro.