Neil MacDonald

A member of the Gartner Blog Network

VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…

Windows 8 Raises the Bar for Security

by Neil MacDonald  |  September 28, 2011

I’ve been out the past two weeks visiting with clients and have been meaning to summarize my impressions of the upcoming Windows 8 (expected mid-2012) from a security point of view. I attended Microsoft’s recent BUILD conference for developers, where Windows 8 made its first official appearance. You can see my real-time tweets and observations from the conference on Twitter under @nmacdona.

Like Windows 7, Windows 8 will continue to raise the bar in terms of security capabilities of the base OS. Here’s a list I compiled of the new capabilities:

  • Antimalware protection built into the OS – basically Microsoft Security Essentials (beyond just the Windows Defender included with Windows 7)
  • Earlier loading of security protection in the boot process to thwart rootkits and other boot-level malware
  • File reputation services (SmartScreen) – was included with IE9, now expanded to protect the entire OS.
  • Root of trust measurements of the OS based on UEFI – if we need this for hypervisors, why not all OSs? Microsoft has had something similar with BitLocker using TXT and has now extended this to all versions.
  • Windows Refresh – to restore Windows back to a known good state, while preserving end user personalization, enabling Systematic Workload Reprovisioning.
  • Windows now supports boot from USB – quite useful in specific scenarios. Combined with BitLocker and root of trust measurements, this becomes a way to place an unknown terminal device into a high assurance state.

For the new “Metro Style” side of Windows 8 (the WinRT side), it is clear that the security model of Apple and the iPhone/iPad has had an impact:

  • Reduced rights and strengthening of mandatory integrity controls of the OS.
  • Metro-style applications can only be delivered through the Microsoft application store which now includes security testing (a form of implicit whitelisting).
  • Sensitive API access is proxied through a security policy enforcement mechanism which validates the application’s right to use them
  • “Picture Password” as a touch-native way of authenticating yourself to Windows 8

Overall, Windows 8 provides evolutionary – not revolutionary – improvement in security capabilities and raises the bar for what an OS should deliver in terms of security protection.
