In Windows 8, Microsoft made some significant security improvements to the platform. At the TechEd North America conference this week in New Orleans, Microsoft explained how it will take security to greater lengths, including widespread use of biometrics, with the release of 8.1.
Chris Hallum, senior product manager for Windows client security, demonstrated several of the new security features in a breakout session on Monday. While the Windows 8 release focused a great deal on beefing up malware resistance, Hallum said that 8.1 will concentrate on "modern access control."
A large part of this initiative will hinge on including native operating system support for biometrics authentication. Windows 8.1 will be optimized for fingerprint-based biometrics using capacitive readers that incorporate "liveness detection" to ensure a living human finger is being scanned. Windows sign-in, remote access sign-in, and all remaining authentication prompts will be enabled for fingerprint scan. Specific applications -- as well as different functions within those applications -- can also be gated for authentication.
A common fingerprint enrollment experience will make using biometrics user-friendly, said Hallum, and the ease of authentication will lead users to prefer using biometrics. He demonstrated a series of tasks requiring fingerprint authentication at several steps, and the process took less than a second each time. "We want to make biometrics completely mainstream," Hallum said.
Pervasive device encryption will be another focus of Windows 8.1. The variant of Bitlocker initially introduced on Windows RT and Windows Phone 8 will be enabled out of the box for all versions of 8.1. Data on any Windows-connected device and any consumer device using a Windows account will be encrypted automatically. IT departments using the Pro and Enterprise editions of the updated OS can also add extra BitLocker protection and manageability.
Other security improvements will include making virtual smartcards easier to use and more effective and implementing better browser protection that can detect stolen certificates.
Will these security enhancements be useful in your environment? Tell us your thoughts in the comments.
Tuscany: I don't think it's going to be the ultimate security enhancement, but could be used as one more additional layer to help keep a device protected. However, biometrics still tends to be expensive and confusing for both manufacturers and users, so things will need to change very quickly.
@ Tuscany, I had a keyboard once that was a password manager with finger print scanner. It worked, but very, very slowly. Slow enough, that i could get up and grab a cup of coffee, and still wait. However, computers are much faster today. There will be a day that a computer can scan the whole body, with out us even noticing.
Like 5 to 6 years ago, there were laptops which were shipped with fingerprint sign in. I thought it will be the standard in all laptops. (Like webcams are in all new laptops). Now, we have laptops that have fingerprint scanner, but it is not 100% present like webcams on laptops. I was expecting retina scan to be standard by 2020. However, it looks like it is going to be bit late.
Tuscany, the folks at Microsoft think they have made huge security improvements so that the OS is pretty locked up at this point. I can't really evaluate that, since I'm not a security expert, but they are really turning their focus outward and lookng at strengthening the PKI infrastructure and validating certificates because they feel that's where the security holes are now.
In the vein of devils advocate - As I mention earlier I do like biometrics in general, I just think it will be potentially easy for hackers to invade. It will just become part of what is worked on once the general OS has been compromised.
I would feel much better about it if MS had a better security history. Sure they do relatively well for their size but they are market leader after all.
While I am initially optimistic about the use Biometrics in general, I am no fan of it's use an security enhancement. While MS seeks to incorporate many of the new ideas possible in todays world of tech, I am not sure integrating biometrics into an OS which traditionally in it's history is known to be buggy and apt to security holes is the answer.
Needlessly extending itself into an area which will make this situation exponentially worse.
Trek: Not only are biometrics helpful – and even better if Windows 8.1 supports them – but many new ultrabooks and laptops have biometrics features, so paired with a functional OS, I think this is a great step towards the future.
Susan all this sounds exciting. I am glad MS is putting some good features in 8.1-they are sorely needed. The new Galaxy S4 phone I believe has a biometric feature that unlocks the phone by sensing facial expressions. In fact there are quite a few biometric features in the S4 that might become more mainstream.
The blogs and comments posted on EnterpriseEfficiency.com do not reflect the views of TechWeb, EnterpriseEfficiency.com, or its sponsors. EnterpriseEfficiency.com, TechWeb, and its sponsors do not assume responsibility for any comments, claims, or opinions made by authors and bloggers. They are no substitute for your own research and should not be relied upon for trading or any other purpose.