Windows 10 IoT Enterprise: Security

04.04.2017

Microsoft is also not letting itself down in the area of security and is further expanding its Internet of Things for the benefit of all users. Both device and data security, which impress with a wide range of features, come off particularly well.

Enterprise Grade Security

There are more dangers than ever for your computer lurking in the vastness of the Internet. But it is not only on the World Wide Web that you are exposed to fraudsters and thieves who want to obtain valuable data. Data theft and unwanted access by third parties also occur locally time and again. Windows 10 IoT offers its users completely new and improved options for optimally protecting their operating system from switch-on to switch-off. You can find out which functions are available to you and what exactly they mean in our brief overview below.

Secure your devices

Specify which peripheral devices, such as USB sticks or external hard drives, are considered trustworthy and ensure that only these are recognized by the PC.

  • Two-factor authentication when logging in
  • Device Guard:

    Only allows trusted applications to run thanks to Advanced Threat Resistance

  • Secure Boot:

    Ensures that only certified files are loaded during the boot process and that an operating system with a stored security certificate is started

Advanced Lockdown:

Mainly describes the function of tailoring your Windows operating system to your needs through specific restrictions (see also our article on customizing). At the same time, this also means an increased security factor for your operating system. For example, Advanced Lockdown offers you the option of only allowing certain programs to perform operations on your computer. Conversely, this means that unwanted malware or software is not given the opportunity to nest in your PC in the first place.

The lockdown also includes the following security functions:

  • AppLocker:
    • As mentioned at the beginning, deactivate unwanted software/programs
    • Maintain control over all processes through your necessary consent
  • Shell Launcher:
    • Start automatically in a custom shell after logging in
    • Deactivate hotkeys and certain key combinations
  • Unified Write Filter:

    Indispensable when it comes to write protection of hard disks. This means that the Unified Write Filter does not allow any changes to the hard disk and the files and programs stored there. Changes are only stored temporarily in the RAM memory. After restarting the operating system, everything is back to normal.

  • Mobile Device Management (MDM)

    Deny USB and other peripheral devices access to your computer

Back up your data

  • Trusted Platform Modules (TPM):

    A TPM is a chip integrated into many systems that makes it possible to encrypt the hard disk. The TPM also makes it possible to identify any hardware in the system. This also enables the chip to detect changes in the system.

  • BitLocker:

    Encryption of your drives/hard disks. Also enables the secure deletion of data. This makes it much more difficult to recover deleted data (useful, for example, when discarding old computers).

  • Enterprise Data Protection:

    Protects against data loss caused by leaks in the system (e.g. clouds, emails, social media)

Protect identity

  • Windows HELLO:

    Login via fingerprint, face or iris recognition

  • Credential Guard:

    Protects your access data from malware and the like

Overview page Windows 10 IoT Enterprise

More on the topic

Stay up-to-date with the spo-comm newsletter.

I have read the data protection information.

spo-comm GmbH

Otto-Kraus-StraรŸe 4c
D-90411 Nuremberg
Phone: +49 (0) 911 / 23 98 37 – 0
E-mail: info@spo-comm.de

More spo-comm:

Payment methods:

spo-comm GmbH

Categories

Application fields

Customer service