For ordinary PC users, Microsoft worked on a whole new experience with Windows 11, providing a crisp new look as well as numerous accessibility features that make everyday work easier. Windows 11 is available now.
The more significant changes in the next Windows version, on the other hand, have been kept under wraps, and they promise a more secure PC experience than ever before.
It was evident in the recent uproar over the TPM 2.0 requirement for Windows 11 that the substance of it could be observed. From Microsoft’s perspective, it is an essential step in the process of creating baseline security measures for the company. In particular, it is important for its business clients, who operate on a network of computers, each of which needs to be just as safe as the next.
TPMs enable hardware-based security features to be employed both when the computer is first booted up and in a variety of programs that are used while computing. TPM 2.0 is a relatively new product on the market, and it is only available on a small number of PCs, but it adds a slew of security features that TPM 1.2 did not provide.
Security features such as Windows Hello, device encryption, virtualization-based security (VBS), hypervisor-protected code integrity (HVCI), and secure boot are enabled in conjunction with increased CPU requirements on Windows 11.
Microsoft claims that the combination of these technologies has been demonstrated to minimize malware by 60 percent on tested devices, according to the company. The firm describes Windows 11 as “the most secure operating system ever” as a result of these developments.
From the computer’s chip to the cloud, Microsoft claims that the new Windows has built-in security for all components of computing, including viruses and malware.
It does this within the computer by physically separating software from hardware. This separation places a hardware barrier between encryption keys, user credentials, and other sensitive data and the operating system, preventing them from being accessed by the latter. As a result, viruses and attackers are unable to access or tamper with that data while the boot process is in progress.
Once Windows 11 has been installed on your computer, it will utilize numerous levels of program security to protect vital data and the code integrity of the application. Microsoft has also enabled the majority of these security mechanisms by default in Windows 11, ensuring that users have the highest level of protection at all times.
Passwords used on the internet are a popular target for hackers. According to a Microsoft notice, 579 password assaults are carried out per second, for a total of 18 billion attacks each year on the system. Consequently, Windows 11 includes passwordless protection as a more secure alternative to traditional passwords.
User credentials are secured behind many levels of hardware and software protection after they have been authorized in a secure manner. Using the Microsoft Authenticator app, Windows Hello, physical security keys, or SMS codes, they may get access to them or in essence log into their Microsoft accounts, depending on their preference.
When it comes to safeguarding your cloud activities, Windows 11 has a number of features that allow you to create access restrictions for your personal or corporate account. Cloud customers are protected from “99.9 percent of cybersecurity threats,” according to Microsoft, thanks to features such as single sign-on and multi-factor authentication provided by the Azure Active Directory (Azure AD).
Because of this, Microsoft’s comprehensive security strategy is clearly visible in Windows 11, and it appears that cybersecurity businesses are enthusiastic about it. A Microsoft partner in New York City, Marc Menzies, president and chief technology officer of Overview Technology Solutions, said in an interview with CRN that the Windows 11 ecosystem assures that “the endpoints can be readily secured.” By increasing the CPU requirements for Windows 11, he showed his support for Microsoft’s choice to prioritize such security measures above a wider deployment on every PC.