Windows 8.1 Provides Better Security for Enterprises

Windows 8.1 security enhancements benefit both domain-joined and personal devices (BYOD) with greater malware resistance, better performance with BitLocker, stronger encryption on personal devices, and improved IT security management features to help administrators and users establish secure access to company resources. New development interfaces also simplify working with built-in security technologies, but are only for Windows Store apps. Although some security features may require new devices, the features make Windows 8.1 a more attractive option for organizations upgrading recent devices from prior Windows versions.

Securing the Boot Process

Windows 8.1 inherits security features introduced with the Windows 8 boot process, which made starting the OS more resistant to attacks from malware (malicious software). Those features include Early Launch Antimalware (ELAM), which enables antimalware software to start before any third-party drivers are initialized in the boot process. Windows 8.1 Measured Boot, a security feature that compares various aspects of startup components to detect compromises, is added to the startup process of devices with ELAM. This change increases malware resistance by strengthening the connection between the physical device and the OS, reducing the likelihood that malware can inject itself into the boot process. However, the device will need specific hardware, including Unified Extensible Firmware Interface (UEFI) firmware and a Trusted Platform Module (TPM).