NEW: Microsoft Vulnerabilities Report 2022 - Read the Findings of Our Annual Report Read Now

  • Partners
  • Support
  • Careers
  • English
    • Deutsch
    • français
    • español
    • 한국어
    • português
BeyondTrust
  • Products

    Privileged Password Management

    Discover, manage, audit, and monitor privileged accounts and credentials.

    • Password Safe
    • DevOps Secrets Safe
    • Privileged Access Discovery Application

    Endpoint Privilege Management

    Enforce least privilege across Windows, Mac, Linux, and Unix endpoints.

    • Windows and Mac
    • Unix and Linux
    • Active Directory Bridge

    Secure Remote Access

    Centrally manage remote access for service desks, vendors, and operators.

    • Remote Support
    • Privileged Remote Access
    • Privileged Access Discovery Application

    Cloud Security Management

    Automate the management of identities and assets across your multicloud footprint.

    • Cloud Privilege Broker

    BeyondInsight

    Experience the industry’s most innovative, comprehensive platform for privileged access management.

  • Solutions

    Use Cases

    • Cloud Security
    • Compliance
    • Cyber Insurance
    • Digital Transformation
    • Endpoint Security
    • Operational Technology
    • Ransomware
    • Service Desk Efficiency
    • Zero Trust

    Industry Applications

    • Financial Services
    • Government Agencies
    • Healthcare
    • Law Enforcement
    • Manufacturing
    • Schools & Universities

    Solutions

    The BeyondTrust Privileged Access Management portfolio is an integrated solution that provides visibility and control over all privileged accounts and users.

  • Resources

    Learn

    • Blog
    • Customer Stories
    • Competitor Comparisons
    • Datasheets
    • Demos
    • Glossary
    • Podcast
    • Whitepapers

    Attend

    • Events
    • Go Beyond
    • Training
    • Webinars

    Support

    • Changelog
    • Professional Services
    • Technical Documentation

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

  • Company
    • About
    • Leadership
    • Core Values
    • Partners
    • Careers
  • Watch Demo
  • Contact Sales

Make Security a Centerpiece of Your Windows 10 Migration

May 31, 2019

  • Blog
  • Archive

Last year Microsoft announced that 184 million commercial PCs around the globe run Windows 7. And that’s not including the untold number of Windows 7 systems in the People's Republic of China. Now that we’re closing in on Microsoft’s January 14, 2020 deadline for Windows 7 support, it’s high time for IT pros to prepare for the migration to Windows 10 in their organizations.

But the Windows 10 migration doesn’t have to be just another bothersome IT chore. It can be a great opportunity for organizations to improve the management of their IT infrastructure, while also strengthening endpoint security.

With that in mind, here are some key points that organizations should consider when transitioning to Windows 10.

Maintaining Security Against Evolving Threats

Windows 10 is widely considered the most robust Windows operating system to date. It’s no surprise that countless organizations trust in Microsoft's cloud-based modern management approach to facilitate heightened security and agile IT capabilities.

With mobile device management (MDM) solutions, employees must have admin rights to do their jobs — and that’s potentially a very serious security risk. BeyondTrust’s recent Microsoft Vulnerability Report discovered that 81% of critical vulnerabilities in 2018 could have been mitigated by simply removing administrator user rights from Windows endpoints.

So, while Microsoft is enabling organizations to deploy Windows 10 and adopt more modern systems management capabilities, it's important to understand that the operating system alone cannot protect businesses from evolving cybersecurity threats. To protect their organizations, CISOs and other IT security professionals need to think strategically when migrating to Windows 10.

For example, a survey of 500 global IT and cybersecurity professionals conducted last year found that vulnerable endpoints were the top security concern when migrating from Windows 7 to Windows 10 for 40% of respondents. Meanwhile, in all regions except the United Arab Emirates, the biggest challenge for securing remote workers and employees using their own devices on Windows 10 was ensuring that endpoints are secure.

These concerns are not misplaced. Many breaches occur due to employees working remotely and enjoying access to data from their own devices. To help mitigate this threat, CISOs should remove admin rights wherever possible and implement a training program to ensure that employees understand why this is happening.

The Privilege Problem

In every version of Windows, there have been two main types of account — administrator and standard user. Windows 10 is no exception. The fact that removing admin rights could mitigate more than 80% of all critical Microsoft vulnerabilities reported last year underscores the security threat that overprivileged admin users pose to their businesses.

Fortunately, the removal of admin privileges is relatively simple on Windows 10. However, while this process does result in improved security, it can present some usability challenges. Many day-to-day tasks and applications require admin rights. Revoking these privileges can potentially hamper a workforce's efficiency.

This is a real challenge for modern businesses, which must simultaneously strive for maximum security, while preventing users from being locked out of the systems they need to access. IT and security leaders should weigh this balancing act on a case-by-case basis. When they do remove admin rights, they should determine which of their existing IT practices should be tweaked to avoid the challenges associated with removing these rights.

A Phased in Approach

Although Microsoft frequently rolls out updates to its operating system, it still does not allow for a distributed set of employees to install key applications in a secure, user-friendly way. For instance, when admin rights are removed, IT staff can have difficulties accessing the network and helping users install software. That detracts from the overall user experience, and hurts productivity.

The migration to Windows 10 does not need to be a sprint. By evaluating which devices require an upgrade, IT leaders can use previous operating systems for some areas of the business while simultaneously implementing Windows 10 for others, and then slowly rolling out the migration to the rest of their machines.

Approach the migration to Windows 10 as an opportunity to upgrade your Windows management while also improving your overall cybersecurity posture. It's vital that the flexibility that the new operating system offers is balanced with measures to maintain your organization's security against modern threats. By strategically considering the points outlined here, you will help set yourself up for a smooth, successful transition to Windows 10.

Related Resources

The Microsoft Vulnerabilities Report (research)

10 Steps to Better Windows Privileged Access Management (blog)

Removing Users from the Local Administrators Group (blog)

Endpoint Privilege Management (solutions page)

Why You Should Reboot Your Windows Machine Every 30 Days (blog)

Kevin Franks, Marketing Communications Manager

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

Microsoft Vulnerabilities Report 2022

Whitepapers

Cybersecurity Insurance Checklist

Whitepapers

Privileged Access Management: PAM Checklist

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support
  • Cloud Privilege Broker

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Podcast
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press
BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2022 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.