Computerworld

Here’s how the Windows 10 Creators Update helps enterprises

New features include enhanced security, analytics and device management

A few weeks ago, Microsoft unveiled its Windows 10 Creators Update with a focus on the software’s benefits for end users when it launches next year.

On Tuesday, the company showed a different side of the next major patch for its new operating system, showing off features that will help IT professionals.

Next year, IT folks will get new features focused on security, device management, and upgrade improvements.

For one, Microsoft’s advanced security suite for Windows 10 is gaining additional remediation, detection and threat intelligence tools. Administrators will also get new analytics to see how their organization is using the new operating system.

It's part of Microsoft’s continuing push to get large organizations to adopt its new operating system. The company has seen an accelerating number of businesses choose to pick up Windows 10, and these new features may drive more organizations to adopt it in the new year.

Windows Defender Advanced Threat Protection will be one of the biggest beneficiaries of the new update.

Microsoft's advanced security threat detection and remediation software will get a slew of new features, including the ability to watch for memory and kernel level exploits, which are being used by advanced malware.

Microsoft is also partnering with FireEye iSIGHT Threat Intelligence to bring its information into the WDATP dashboard so that users can get access to that information alongside what Microsoft offers.

In addition, IT administrators will be able to create their own list of blocked behaviors, which can then be shared with other administrators.

That could allow IT folks to share best security configurations for WDATP, in the same way that they share Group Policy settings today. Rob Lefferts, the group program manager for Windows Enterprise and Security, said in an interview that he wants the functionality to go further in the future.

"This is something that we really want to foster," he said. "Not just with our partners like FireEye iSIGHT, but also with the SecOps professionals inside these organizations really working together to track this stuff down.”

On top of all that, WDATP will give IT pros the ability to remotely isolate a compromised device from the network that it's on. Using the Windows firewall, admins can block all incoming and outgoing traffic except for WDATP.

That means they could potentially remotely stop an attacker's data exfiltration as it's happening, while still retaining the ability to investigate the device from afar.

The Creators Update will also bring support for mobile application management into Windows, so IT departments can allow users to access work documents from their personal Windows 10 devices without being able to do things like wipe a PC's entire drive.

Users will be able to get protected files that can be locked down by IT administrators in the event of any security issues.

For a little extra peace of mind, Lefferts said that admins will be able to dictate basic security policies on a device, like making sure that a password or PIN is set up before allowing users to access company information.

Microsoft will also turn some of the Windows 10 telemetry it collects over to administrators with Windows Analytics. That's designed to give IT admins access to an anonymized profile of their organization’s computer use.

Lefferts said that a lot of effort has gone into making sure that individual users can't be identified with the feature, and Microsoft will be keeping an eye on it to try and prevent abuse, as well.

Organizations will also get access to a new tool that can automate the deployment of a Unified Extensible Firmware Interface (better known as UEFI) with Windows 10 on compatible devices that were previously set up to use legacy BIOS.

Prior to the launch of the tool, IT managers would have had to manually repartition each device's disk and reconfigure each one's firmware.

With this new functionality it will be possible to automate the process in conjunction with tools like System Center Configuration Manager (SCCM).

The update is expected to be out next year, and it seems likely that it will launch in the first half of 2017.