A guide to Windows 10’s security features

A hand reaching out to touch a holographic padlock, which floats above a phone screen displaying green code

Technology changes quickly and so does the threat landscape surrounding it. It therefore pays to be aware of the newest and greatest challenges to your IT security. Data breaches and thefts, ransomware and phishing are just a few of the malicious scenarios that could harm your business.

The way we work has changed, and employees are as likely to be found working on a laptop from a cafe and using unsecured public Wi-Fi as they are a desktop computer in the office. To prevent a catastrophic breach, it's essential that you put security at the forefront of your IT policy.

A major issue that will affect many organisations is the imminent end of support for Windows 7, which Microsoft will cease updating in January 2020 leaving an already outdated OS vulnerable to any new developments in cyber crime. This will necessitate a switch to Windows 10, but this transition should also be seen as an opportunity to protect your organisation with a whole new suite of the latest security features.

Key security concerns

Cyber threats are myriad. Hackers are always devising new, insidious ways of tricking sensitive data, personal information and passwords out of your employees through phishing attacks that pretend to come from official or reputable sources. Malware has moved on too, and you might not even realise that you are a victim. For instance, the McAfee Labs Threats Report (December 2018) claims that incidences of computers being surreptitiously installed with Bitcoin-mining software increased by 4,000% between 2017 and 2018.

Ransomware hit the headlines in a big way, with attacks like WannaCry bringing the NHS to its knees. It's no coincidence that many of the organisations that fall foul to such attacks are found to be using outdated PCs running unsupported operating systems. Increasingly, even the drastic approach of wiping the hard disk and starting from scratch (or a backup) after an attack is no longer so reliable, as LoJax ransomware can infect the UEFI BIOS, from where it can simply reinstall itself after you've finished diligently creating a clean OS install.

Password theft continues to be a problem thanks not only to weak passwords, but evolving password-hacking techniques mean that even complex, strong' choices can be cracked with little effort. And thanks to the growing trend for agile working, staff members working from home or in public places increases the chance of successful attacks over public Wi-Fi, as well as good, old-fashioned theft and burglary.

It's a grisly list of vulnerabilities, but thankfully Windows 10 can help mitigate these risks.

How Windows 10 can help

Microsoft has baked security into the foundation of Windows 10 and filled it with features that can efficiently and effectively protect your workforce and consequently, your business.

With Windows 10 there's no need to worry about third party security solutions thanks to Windows Defender, a fully integrated security suite. Windows Defender will protect your staff from the most common and arguably worrying threats such as malware and ransomware, while also providing a safe browsing environment and inbuilt firewall protection.

Microsoft SmartScreen is a cloud-based tool for preventing both phishing and malware attacks on your systems. Working through Outlook and your web browser, it flags suspicious websites and emails by comparing them against Microsoft's blacklist. While employees should, of course be trained to recognise phishing scams from 100 paces, SmartScreen offers an extra level of protection and warning against these threats.

Windows 10 offers enhanced protection from ransomware with its Secure Boot Mode, which safeguards against attacks that target the UEFI. This can be further enhanced by investing in the right hardware devices. HP's EliteBook range of business laptops come equipped with Sure Start Gen4 self-healing BIOS, which detects changes to the BIOS and will install a clean, safe BIOS before any malware can execute.

Single-factor logins are a thing of the past. Increasingly, multi-factor authentication is being acknowledged as an essential tool in preventing password theft by adding an extra layer of security whether that's via facial recognition, a security code sent in a text message to your phone, or a dedicated mobile app when logging into computers and applications. Windows 10 features Windows Hello, a multi-factor authentication platform that can use biometric scanning such as fingerprints and facial recognition or be paired with 'companion devices' like mobiles and smart watches, so that only the authorised user can gain access to their computer.

With so many employees working remotely on mobile devices, the risk of those devices being lost or stolen is high. But it's not the devices themselves that hold the most value, rather the data stored on them. To help safeguard the data on your PC, Windows 10 includes BitLocker, which dynamically encrypts all the data on your hard disk. Coupled with a Trusted Platform Module (TPM), BitLocker offers impressive security, thanks to the encryption key being stored, in part, on the TPM rather than the hard disk. This ensures that even if thieves or hackers remove your hard disk from your computer, they won't be able to decrypt and ultimately access your data.

And if you are unfortunate enough to have you laptop stolen, Windows 10 can help you track it down thanks to the Find My Device feature. A stolen device will transmit its location when connected to the internet, as well as allowing you to lock it down to prevent anyone else from gaining access to your sensitive data. Just don't forget to make sure that Find My Device has been activated in the settings.

To get the very best out of Windows 10, you need to couple it with the latest hardware that's been designed to use all of those integrated security features. HP's Elite range of PCs will cover all those bases, from 3D cameras to enable Windows Hello facial recognition, to TPM modules for BitLocker implementation and of course HP's own Sure Start technology to protect against BIOS attacks.

Windows 10 is the most secure OS that Microsoft has ever built, making it the obvious choice for business. Whether you're looking to lock down your devices, or secure the precious data held within them, Windows 10 has the features you need baked into it. And by combining Windows 10 with new, cutting edge hardware like HP's EliteBook X360, you'll be getting the best from Windows 10 in terms of both security and productivity.

Discover more about HP Elite PCs and Windows 7 to Windows 10 migration


ITPro is a global business technology website providing the latest news, analysis, and business insight for IT decision-makers. Whether it's cyber security, cloud computing, IT infrastructure, or business strategy, we aim to equip leaders with the data they need to make informed IT investments.

For regular updates delivered to your inbox and social feeds, be sure to sign up to our daily newsletter and follow on us LinkedIn and Twitter.