Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

What BeyondTrust Has to Say about Windows 10

April 28, 2015

  • Blog
  • Archive

Microsoft is on the verge of releasing its latest operating system, Windows 10. It has taken several nontraditional strides for this release including being free Microsoft 10 for one year for all Windows 7 and Windows 8 users (a play from Apple’s OS X playbook). Additionally, Windows 10 will allow upgrades for unlicensed copies of previous versions (this will not provide a valid license, just allow for the upgrade). Based on our understanding of the beta releases and what is currently published, several key components will be worth watching as we near the imminent release:Windows-10-LogoMicrosoft Windows Hello – The concept of Hello is based on Microsoft Kinect and Passport technology. Hello provides a credential to a system that can’t be stolen or copied by another user (theoretically). Since it is based on advanced biometrics, and not simply face recognition from a photo, it would be difficult or near impossible to impersonate a user. Since the various methods (facial, iris, fingerprint, etc.) require special hardware (and not a common camera built into a laptop or tablet today), it is yet to be seen how this equipment will be adopted and the cost it will add to systems.

Providing a unique credential to a user that can only be associated with them is a great way to ensure passwords are not shared and are unique per individual. There is one potential draw back that could circumvent this system – the password can never be changed. You cannot change your face, infrared heat patterns of your skin, iris blood vessels, or even your fingerprint. If a database was stolen that keeps this PII, it is just a matter of time before someone could technically own your likeness forever.

Project Spartan – Whatever the final name will be, I am certain it will be a safer browser than Internet Explorer. Microsoft has completely rewritten the rendering engine and certainly had security in mind when doing so. In order to keep up with the other players, Spartan will have to adopt features found in Safari, Chrome, and Firefox and do them better – like iCloud Password KeyChains and Session passing. It is yet to be seen how it will support Active X controls and other plug-ins like browser bars that have traditionally caused security holes.

Windows 10 will improve on the concepts of least privilege. Modern applications should be designed and complied to fully operate as standard user and Microsoft has embraced the need to change the OS in order to do so. New programs will be able to launch processes for auto update, etc. without the need for administrator credentials. While this is a huge improvement, it does not dissolve the need for tools that support legacy applications, all operating system functions, and vendors that truly need administrator access like VMware workstation. In addition, application allow listing with a focus on least privilege is still void in this latest release. This means, that there are little provisions to “absolutely” control what executes, is installed, and what permissions are used when a user interacts with a system.

For all of these solutions, BeyondTrust tests beta builds from Microsoft to determine scope, effort, and timelines for support of these new solutions. Whether this is just basic compatibility or support with new features, BeyondTrust strives to meet compatibility within 3 months of GA by Microsoft. We are looking forward to supporting Microsoft with our upcoming Privilege Account Management and Vulnerability Management releases.

Will you be at Microsoft Ignite next week in Chicago? Stop by booth #308 to learn more about how BeyondTrust proactively eliminates data breaches from insider privilege abuse and external hacking attacks.

Morey J. Haber, Chief Technology Officer and Chief Information Security Officer at BeyondTrust

Morey J. Haber is Chief Technology Officer and Chief Information Security Officer at BeyondTrust. He has more than 25 years of IT industry experience and has authored four Apress books: Privileged Attack Vectors (2 Editions), Asset Attack Vectors, and Identity Attack Vectors. In 2018, Bomgar acquired BeyondTrust and retained the BeyondTrust name. He originally joined BeyondTrust in 2012 as a part of the eEye Digital Security acquisition. Morey currently oversees BeyondTrust strategy for privileged access management and remote access solutions. In 2004, he joined eEye as Director of Security Engineering and was responsible for strategic business discussions and vulnerability management architectures in Fortune 500 clients. Prior to eEye, he was Development Manager for Computer Associates, Inc. (CA), responsible for new product beta cycles and named customer accounts. He began his career as Reliability and Maintainability Engineer for a government contractor building flight and training simulators. He earned a Bachelor of Science degree in Electrical Engineering from the State University of New York at Stony Brook.

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Whitepapers

A Zero Trust Approach to Secure Access

Webcasts

Rising CISOs: Ransomware, Cyber Extortion, Cloud Compromise, oh my!

Whitepapers

A Zero Trust Approach to Windows & Mac Endpoint Security

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.