By Eric Vanderburg, Information security executive
Microsoft officially launched its successor to Windows 8.1, Windows 10, on July 29, 2015 and millions have already downloaded this free upgrade or utilized Microsoft’s queued digital delivery system. Windows 10 offers users many new features, including a new browser and integrated Cortana search, which essentially means that your operating system is integrated with the cloud. However, don’t let all these features and launch celebrations distract you from its security, which is somewhat in the fine print.
By default, Windows 10 collects information from your microphone, location, camera, handwriting and searches. According to Microsoft’s privacy statement, this information is used to provide services.
For example, Cortana uses location, speech, handwriting and searches to provide intelligent information to you. The information is also used to send product and service information, distribute security notices and display advertisements. Information is shared with Microsoft affiliates, subsidiaries and vendors. This is a common practice for many companies, and Microsoft explicitly states that it does not collect information from email, chat, video calls, voice mails, and personal files for advertisement targeting. However, unlike the Web, your operating system is resident on your machine, potentially collecting information even when you are not actively using the computer.
The good news is that the default tracking can be disabled by editing Windows 10 and the Edge browser privacy settings.
Microphone, location, and camera settings can be managed by clicking start and then going to settings and finally privacy. This will open the privacy menu. Search privacy is managed by opening the Edge browser, then going to advanced settings under settings. After viewing advanced settings, you will see a privacy section where you can turn off the Cortana search assistance called “Have Cortana Assist Me in Microsoft Edge.” You can also manage some settings online by opting out of ads based on browsing history and interests here.
As a side note, Windows 8 integrated Microsoft online accounts with local accounts, which allows Microsoft to combine data gathered from multiple computers linked to a Microsoft account and online activities together. This is also present in Windows 10, but you still have the option to use a local account rather than a Microsoft account.
Using a local account will disable some application downloads and synchronization features, but it will limit the data collected to that machine so it is not integrated with usage on other platforms or the Microsoft online community. This also prevents someone who compromises your online account from remotely accessing your computer using that account or vice versa.
“In the end, I think Windows 10 is a good step forward in both features and security, but it can be enhanced by turning off a few features.” – ERIC VANDERBURG
Windows 10 includes a feature called Wi-Fi Sense. This feature allows your contacts to connect to your wireless network, and it has received a lot of negative press after its release. However, initial concerns raised were premature or exaggerated.
Wi-Fi sense is not turned on for all your contacts automatically. Contacts are not granted access to your network unless access has been assigned, and this is only available after you make a wireless network available for sharing. This feature makes it easier to allow friends to connect to your network without providing the wireless password to them, and the feature can be disabled if and when it is not needed.
New Windows 10 security features
Windows 10 also comes packed with new computer security features. It has Device Guard to protect against unsigned applications, support for biometric authentication through Windows Hello, new security features in Microsoft’s Edge browser and a suite of parental controls.
Device Guard blocks unsigned applications from running on the machine. This helps prevent malicious programs and infected program files from executing malicious code on your computer. In order for a program to run, the software company must sign the installer file with a key that only it has. Windows checks this key to verify that the file originated from the software company and not some other third party such as a hacker and allows the installation if the key is verified.
Second, Windows 10 now supports multiple ways to log into your computer including face, eye and fingerprint authentication through a feature called Windows Hello. The software is built into the operating system, and users just need to attach biometric devices that are Windows Biometric Framework-supported in order to use the feature. Third-party support has existed for biometric authentication for quite some time, but Microsoft’s adoption allows enterprises to integrate biometrics into their identity management systems through native Microsoft technologies.
Microsoft’s built-in browser, Edge, helps prevent websites from tampering with your machine or stealing credentials through new security controls. Edge is equipped with an even better version of SmartScreen phishing detection that checks the reputation of sites you visit while Passport encrypts saved passwords. The browser also supports W3C content security policy and strict transport security standards. Furthermore, the browser is remarkably fast with all these controls under the hood.
Lastly, Windows levels the parental controls playing field with Mac OS and even adds a few new features through Family Features. They enables parents to better control the programs their children run and the content they view online. This includes time limits on logins, blocking or allowing rules for applications and games, Web filtering and activity logging.
In the end, I think Windows 10 is a good step forward in both features and security, but it can be enhanced by turning off a few features, especially if you are not using them. Remember that Windows 10 is still new so there will most likely be many updates as these features are put under the strain of attacks and normal workloads.
This post was written as part of the Dell Insight Partners program, which provides news and analysis about the evolving world of tech. Dell sponsored this article, but the opinions are my own and don’t necessarily represent Dell’s positions or strategies.
From October 20-22, Dell is bringing together technology and business professionals who are crafting a vision for the future of their enterprise. Register now for Dell World 2015 in Austin, Texas.