Enterprise Grade Security
In the vastness of the Internet there are lurking more dangers for your computer than ever before. But not only in the World Wide Web users are facing fraudsters and thieves who try to get valuable data from you. Also locally you can find a lot of stealing of data and unwanted access by third parties. Windows 10 IoT offers its users completely new and improved ways to protect your operating system from power-on to power-down. You can find out what functions are available for this purpose and what they mean exactly by following our short overview.
Secure your devices
Determine which peripherals, such as USB sticks or external hard drives, are considered trustworthy and ensure that only these ones are recognized by the PC.
- Two-factor-authentication when logging in
- Device Guard:
Thanks to the so-called Advanced Threat Resistance only trustworthy applications run on the system
- Secure Boot:
Ensures that only certified files are loaded during the boot process and that an operating system with a stored security certificate is started
Advanced Lockdown:
Describes mainly the function to customize your Windows operating system to your needs by means of specific restrictions (see also our article about customizing) At the same time this also means an increased safety factor for your operating system. This is because the Advanced Lockdown offers you the possibility to allow only specific programs to perform operations on your computer. In reverse, unwanted malware and/or software will not even get the chance to log into your PC.
The lockdown also includes the following security functions:
- AppLocker:
- Disable unwanted software/programs as already mentioned above
- Keep control of all processes by requiring your approval
- Shell Launcher:
- Automatically start into a custom shell after logging in
- Disable hotkeys and certain key combinations
- Unified Write Filter:
Essential when it comes to the write protection of hard disks. This means that the Unified Write Filter does not allow any changes to the hard disk as well as the stored files and programs. Changes are only stored via RAM for a short time. After restarting the operating system, everything will be set to default again.
- Mobile Device Management (MDM):
Deny USB and other peripherals access to your computer.
Secure your data
- Trusted Platform Modules (TPM):
A TPM is a chip integrated in a lot of systems, which allows hard disks to be encrypted. The TPM also makes it possible to identify any hardware in the system. This allows the chip to detect possible changes within the system.
- BitLocker:
Encrypts your drives/hard disks and allows you to safely erase data. This makes it much more difficult to restore deleted data. This is important if you, for instance, want to discard old computers.
- Enterprise Data Protection:
Protects against data loss caused by leaks in the system (e.g. clouds, e-mail, social media)
Protect your identity
- Windows HELLO:
Registration by fingerprint, facial or iris recognition
- Credential Guard:
Protects your access data from malware and the like