Windows 10 Security Features

Windows 10 November update (initially released as version 1511) includes many security features specifically targeted at large organizations. Among other features, this version implements new user identity technologies to reduce dependence on user-chosen passwords, improved credential storage to limit the impact of compromised PCs on other systems, and improved software whitelisting to secure locked-down devices such as point-of-service terminals against malware. However, organizations must select the Enterprise edition of the OS; deploy prerequisite hardware, software, and services; and invest time and money to deploy the improved protection successfully.

Securing User Identity

Windows 10 includes a range of features intended to provide end users with secure authentication options beyond a simple password and to keep credentials secure from attack.

Windows Hello

Windows Hello provides standardized, secure biometric authentication on Windows 10 running on desktops, tablets, or phones. With compatible hardware, Windows Hello can use facial, iris, or fingerprint authentication to control access to the device running the OS, using a PIN and biometric measures configured from within Windows. While the PIN and biometrics only authenticate the user to the local device, they can be used to unlock stored credentials for external systems such as Windows Server, Active Directory, and Azure Active Directory (AD) or Office 365.