What email address or phone number would you like to use to sign in to Docs.com?
If you already have an account that you use with Office or other Microsoft services, enter it here.
Or sign in with:
Signing in allows you to download and like content, which the author will be aware of.
Embed code for: Windows 10 in the enterprise
Select a size
Windows 10 in the Enterprise
Surface & Windows
Microsoft Hong Kong Limited
Windows in the enterprise
Employees work on nearly 2x the number of teams than they did five years ago
41% employees say mobile business apps are changing the way they work
Information overload wastes 25% of employee time, costing US business $997B each year
160M customer records leaked
229 days to detect security infiltration
Technology is fast reshaping our world and has the potential to change everything –people, businesses, communities and nations.”
- BT CIO report 2016
Say their top priority is supporting new business needs
Percent of budget spent on business as usual
Source: Deloitte CIO Survey 2014
What we hear from you
Decade-old PC tech, infrastructure, and processes drive up IT costs and slow business agility.
I’m worried about security threats and managing the risk to my business.
Median # of days attackers are present before detection
$146-$188 per device
Cost of keeping user devices up to date and secure
$1,930 per PC
Cost of upgrading Windows XP to Windows 7
Average cost of data breach (15% YoY increase)
80% of workers
spend a portion of their time working outside the office
41% of CEOs
Expect digital revenue to double over the next 5 years
We need to capitalize on new business opportunities quickly.
My employees need to be productive on every device they use.
38% of Millennials
feel outdated collaboration tools hinder innovation
47% of existing revenue
considered to be under threat in the next 5 years
Sources: Gartner, Ponemon Institute, IdeaPaint, MIT Center for IS Research
“Our mission is to empower every person and every organization on the planet to achieve more.”
Deployment is easier
After Windows 10
Deployment IT Resources
Installation IT Time
$403 per user
[New features] help Windows 10 to be probably the most secure out-of-the-box Windows Platform”
IMPACT OF WINDOWS 10
IT Manager, US Professional Auto Racing Team
Security issues &
time to resolve
Windows 10 enables productivity and increased business performance.”
Source: “The Total Economic Impact(TM) Of Windows 10, a commissioned study conducted by Forrester Consulting on behalf of Microsoft, June 2016. Results are for a risk adjusted composite organization based on customer interviews.
Achieve more and transform your business with the most secure Windows ever.
Powerful, modern devices
Safer and more secure
“There are two kinds of big companies, those who’ve been hacked, and those who don’t know they’ve been hacked.”
James Comey, Director FBI
MODERN SECURITY THREATS
“Cyber security is a Ceo issue.”
Impact of lost productivity and growth
Average cost of a data breach (15% YoY increase)
CYBER THREATS ARE A MATERIAL RISK TO YOUR BUSINESS
Source: McKinsey, Ponemon Institute, Verizon
Safer, more Secure
sAFER AND MORE SECURE
Detect compromised devices quickly
Replace passwords, protect identities
Only run software
Protect sensitive corporate
Use behavioral detection, cloud, and human threat intelligence to quickly identify compromised devices
Strengthen auth. with biometrics and hardware-based multi-factor
Eliminate Malware on corporate devices
Automatic encryption with persistent protection
Windows Information Protection
Windows Defender Advanced Threat Protection
Windows Hello for Busineess
Companion Device Framework
New challenges require a new platform
Malware starts before Windows, takes control, and evades detection
Prevents malware from compromising system before OS and defenses can start
Windows Trusted Boot
Passwords are easily stolen, multi-factor authentication hard and complex
Passwords can be replaced with biometrics and easy to use multi-factor authentication
User credentials are easily stolen on companies networks
User credentials are protected using hardware based virtualization/isolation
Next Gen app control and OS hardening gives IT complete control of what runs in their environment
Malware can bypass anti-virus and app control solutions
Users and apps can leak business data without restriction
Data separation and containment capabilities help prevent accidental data leaks
Enterprise Data Protection
3rd party solutions required to detect targeted attacks on devices
Detect and respond to breaches with built in behavioral sensors and cloud based analytics
Windows Defender ATP
You need to have several layers of defenses, and Windows Defender Advanced Threat Protection adds to our defense strategy. The worldwide sampling that only Microsoft can offer helps find questionable behavior on our computers and alerts us in a timely manner, making our computers and network safer.”
Fran De Hann //Senior Security Advisor
Deploying Windows Defender Advanced Threat Protection gave us incredible awareness about several critical security vulnerabilities in our network, which we’ve already taken immediate action to address, along with updating our security policies.”
Henrik Pedersen //IT Manager
TDC Hosting, Denmark
Cyber security is my biggest concern and securing all endpoints in my organization is my current priority. Windows Defender Advanced Threat Protection is unique in that it can see exactly what’s going on across every endpoint, which other solutions are failing to address.”
Greg Petersen //Senior Director, IT Security
Windows 10 – Windows Information Protection
Privilege Escalation with Credential Theft (Typical)
Modern Attack Tools are Easy/etc.
Get in with Phishing Attack (or other)
Compromise more hosts & credentials (searching for Domain Admin)
Get Domain Admin credentials
Execute Attacker Mission (steal data, destroy systems, etc.)
Isolated User Mode (IUM)
Move LSASS function to VSM
Limited function OS
Strict signing - doesn’t host device drivers
Provides strong isolation boundary
Building block for all security promises
High Level OS (HLOS)
High Level Architecture
Move “clear” secrets to IUM “oracle”
Answers questions, but does not divulge secrets
Note: MS-CHAPv2 and NTLMv1 are blocked
Credential Guard Demo:
Mimikatz – a
malware that steals password
What happens to Windows 7?
What happens to Windows 10 Enterprise with Credential Guard?
Device Guard What is Device Guard?
Combination of hardware + software security features
Enables businesses to strongly control what is allowed to run
Brings mobile-like security protections to desktop OS with support for existing line of business apps
Device Guard The Parts to the Solution
Virtualization based security
Protects critical parts of the OS against admin/kernel level malware
Configurable code integrity
Manageability via GP, SCCM, MDM, and PowerShell
Virtualization Based Security
Provides a new trust boundary for system software
Leverage platform virtualization to enhance platform security
Limit access to high-value security assets from supervisor mode (CPL0) code
Provides a secure execution environment to enable:
Protected storage and management of platform security assets
Enhanced OS protection against attacks (including attacks from kernel-mode)
A basis for strengthening protections of guest VM secrets from the host OS
Windows 10 services protected with virtualization based security
LSA Credential Isolation
vTPM (server only)
Kernel Mode Code Integrity
identified in Hong Kong
What happens to Windows 10 Enterprise with Device Guard?
ADVANCED THREAT PROTECTION
DETECT ADVANCED ATTACKS AND REMEDIATE BREACHES
Built in to Windows
No additional deployment & infrastructure. Continuously
up-to-date, lower costs.
Behavior-based, cloud-powered breach detection Actionable, correlated alerts for known and unknown adversaries. Real-time and historical data.
Rich timeline for investigation
Easily understand scope of breach. Data pivoting across endpoints. Deep file and URL analysis.
Unique threat intelligence knowledge base Unparalleled threat optics provide detailed actor profiles
1st and 3rd party threat intelligence data.
helps enterprise customers detect and remediate Advanced Attacks and data breaches
Client side dynamic endpoint behavioral sensors and loggers, works side by side with any existing endpoint security technology
Powered by cloud Machine Learning Analytics over the largest sensor array in the world
Enhanced by the community of our Hunters, researchers and threat intelligence
Client side dynamic endpoint behavioral sensors and loggers work side by side with any existing endpoint security technology
Post breach detection for active attacks actionable, correlated, real-time and historical for known and unknown adversaries
Easily investigate & explore enterprise endpoints to understand scope of breach through rich machine timeline and data pivoting
Self hunting across protected assets
search current and historical observables – machines, files, URLs or IPs across all protected endpoints. Deep file analysis for files retrieved from endpoints or from Microsoft’s global sample store
Built in threat intelligence knowledge base provides actor and intent context for every threat intelligence-based detection – combining 1st and 3rd party intelligence sources
Indicators Of Compromise (IOCs)
Monitoring “What (who) we know”
Threat Intelligence database of known adversary and campaign IOCs
Strontium IOCs – files and spoofed domains
Indications Of Attack (IOAs)
Monitoring “What (whom) we don’t recognize – yet”
Generic IOA Dictionary of attack-stage behaviors, tools, and techniques
FOR END USERS
Interact the way you want
Always have what you need
Use the cloud to drive IT transformation
Reduce disruptive deployments
Do more with digital ink
Access your apps and data from any Windows device
Streamline IT process by harnessing the power of the cloud on your terms
End wipe-and-reload deployments, enable managed, phased rollouts
Azure AD user state roaming
OneDrive for Business and Office 365
Cross device MDM support
Azure Active Directory
Windows Store for Business
Windows as a Service
Speed of change drives need for increased agility
Not all users and devices are the same. Some need to be current and up to date, others need to stay static, sometimes for years.
Addressing modern security threats requires rapidly deploying updates and new functionality.
Historically, technology adoption is dragged down by compatibility, complexity and cost.
Managing the tension between staying up to date and the historic complexity of migration.
Ongoing engineering development
Windows Insider Preview Branch
Current Branch for Business
Feedback and asks
Specific feature and performance feedback
Application compatibility validation
Deploy to appropriate audiences via WU for Business
Test and prepare for broad deployment
Stage broad deployment via WU for Business
Long Term Servicing Branch
Deploy for mission critical systems via WSUS
Flexible Enterprise Adoption Options
Long Term Servicing Branch (LTSB)
Current Branch for Business (CBB)
Enterprise use scenario
General information worker systems; salesforce, etc.
Special systems: Air Traffic Control; Hospital ER, etc.
Features released to the marketplace on an ongoing basis
Value of the latest features as they are released
Customers will consume these feature updates after they’ve been tested in the market for at least x days
Several months to consume feature updates
Modern and compatibility web browsing choices
IE11 and/or “Spartan” available for CBB;
IE11 will be available for LTSB customers
Support for Universal Office
and 1st party Universal apps
LTSB customers will be able to acquire universal apps separately, but MSFT makes no commitment to support them as part of OS
Support for Win 32 Office
Mainstream and extended support for a total of 10 years during which no features will be delivered but security and critical fixes will be
Ongoing security updates for the lifetime of the branch
Upgrade to Config Manager vNext
Config. Manager 2012 support
CBB customers have to take feature updates after deferral period in order to continue receiving security updates – move 90 days and 5+ 5 years up
No feature upgrade required to stay supported
Windows as a service
12 – 22 months
4 - 8 months
Windows as a service CADENCE
TWO RELEASES SUPPORTED IN MARKET
Windows 10 July 2015
November Update November 2015
Example 2017 Release
MORE PRODUCTIVE FOR IT
Compared with previous Windows versions, the [COMPOSITe] organization estimates it has reduced desktop management resource time by 15% for devices that have been upgraded to Windows 10.”
Windows 10 ISV App Compatibility
Windows 10 is a familiar interface, so little or no end user training or extra support is required [FOR THE COMPOSITE ORGANIZATION].”
Get the best experience
Put your digital assistant to work
The best screen is always the one you’re on
Get proactive help and business intelligence from a true assistant
Continuum for Phone
Universal Windows Apps
Cortana, with Azure AD
Cortana Analytics and Power BI
powerful, Modern DEVICES
Bring innovation to your current PCs
Achieve more with modern devices
Vertical industry and IoT solutions
Devices that redefine productivity
Windows 10 works great on Windows 7 PCs
Get the best experience with Windows 10 on modern hardware with a range of innovative devices across 2-in-1s, tablets, and phones
Find the right device for your Line of Business andIoT scenarios
Revolutionary new devices
3rd party devices
Windows 10 IoT
Managed user experience
Vertical specific devices
Secure Productive Enterprise
Delivered through enterprise cloud services
Enterprise Mobility + Security
Windows 10 Enterprise
Windows 10 Enterprise Do great things. The best Windows ever keeps getting better
Azure Active Directory Join
Mobile Device Management
Managed User Experience
User Experience Virtualization (UX-V)
Windows 10 for Industry Devices
Best in class performance
The most trusted platform
Always up to date
The most versatile devices
Commercial offers feature placemat
Security and identity
Management and deployment
Domain Join and Azure AD Join
Windows Store for Business, Private Catalog
Microsoft Application Virtualization (App-V)
Microsoft User Environment Virtualization (UE-V)
Advanced Telemetry Controls
For a full list of features and capabilities please visit the
What we have today vs. what is coming!
Enterprise Cloud Suite
Secure Productive Enterprise E3
Office 365 Enterprise E3
Enterprise Mobility + Security E3*
Windows 10 Enterprise E3**
Secure Productive Enterprise E5
Office 365 Enterprise E5
Enterprise Mobility + Security E5
Windows 10 Enterprise E5
* Formerly Enterprise Mobility Suite ** Formerly Windows 10 Enterprise
Secure Productive Enterprise Plan Overview
Secure Productive Enterprise Plans
Word, Excel, PowerPoint, OneNote
Sites & Content management
Mail And Social
Outlook, Exchange, Yammer
Meetings & Voice
Skype for Business, Skype Teams
PSTN Conferencing, Cloud PBX
Apps & Device Management
Microsoft Intune, Azure Active Directory Premium P1
Windows Store for Business, Microsoft Desktop Optimization Package, VDA
Power BI, Delve Analytics, Personal and Org Analytics
Security & Compliance
Office 365: Encryption, Data Loss Protection, Rights Management
Windows: Enterprise Data Protection, Windows Hello, Credential Guard, Device Guard, App Locker
EMS: Microsoft Advanced Threat Analytics, Azure Information Protection P1
Office 365: Advanced Threat Protection, Advanced Security Management, Customer Lockbox, Advanced eDiscovery
Windows: Windows Defender Advanced Threat Protection
EMS: Azure Active Directory Premium P2, Microsoft Cloud App Security, Azure Information Protection P2
Enterprise Plan Add-ons
PSTN Calling** Skype for Business
Getting VALUE from Windows 10
Accelerate your Windows 10 Deployments
Learn more about the Secure Productive Enterprise
Join the Windows Insider program to see the latest innovations in Windows
Handling Different PC environments
Make use of Bitlocker, Windows Information Protection with SCCM to safe guard hard disk and data
Make use of Credential Guard to protect identity from hackers
Bitlocker is crucial for PC carried by traveling executives
Make use of Windows Information Protection to separate Corporate Data from Personal Data
Further enhance security in extending file-based encryption
Make use of Intune to help monitor laptops without Corporate Network
WDATP is encouraged to perform full time security check and forensic purpose
Suggested to make use of UE-V, App-V to deliver required applications and profiles
Public PC (non-domain join)
Suggested to deploy Windows 10 Enterprise LTSB
Capable for delivering IE in Kiosk mode without all other features
Windows 10 Industry Digital Transformation Customer Public References
Microsoft Confidential, Shared under NDA
Our mission is to empower every person and every organization on the planet to achieve more.
US DEPARTMENT OF DEFENSE
Microsoft Receives the Ultimate Windows 10 Security Proof Point from US Department Of Defense
ISV App Compatibility
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Hello, I am excited to have the opportunity to speak with you today.
My name is….
A little about me…
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION
Microsoft Envision 2016
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Key points to land
The transformation cuts across all industries and companies big and small. Even the most entrenched industries are being disrupted by digital transformation.
Some of the most disruptive companies we have seen arise over the last few years have been riding this trend.
These companies are using technology to meet the demand for more personal experiences for customers.
We have seen a wave of digital transformation happening in business over the last few years. This transformation cuts across all industries and companies big and small.
Some of the most disruptive companies we have seen arise over the last few years have been riding this trend. These companies are using technology to meet the demand for more personal experiences for customers.
Companies like: Uber delivering the type of car when and where you need it making it reliable and seamless – and disrupting the 100+ year old taxi industry.
AirBnB, taking the middle-man out of lodging and really allowing you to find a perfect, and personal location.
Even the most entrenched industries are being disrupted by digital transformation.
Number of teams employees work on has nearly doubled over the last five years.
-2009, 20014 US IW Survey
41% employees say mobile business apps are already changing the way they work
- CCS Insights
Information overload wastes 25% of workers’ time. Cost U.S. businesses $997B/year- get data point
160M customer records leaked – 2015 Ponemon Institute report
229 days to detect , security infiltration - Fireeye
Complete slide talk track below.
Established companies are creating more personal experiences – leading the charge of their digital transformation, in attempts of beating digital disruptors to the punch
But digital transformation is not just on the minds of startups.
We see companies from established travel, hospitality, banking, healthcare, retail, and a host of others working hard to digitally transform themselves. They are not just worried about non-traditional competitors or new business models invading their space—they are using these more personal experiences to succeed.
In a world where digital technology is evolving and often disrupting any industry you can think of, building and maintaining personalized customer relationships has become more important than ever. That’s why CMOs and brand leaders need to look beyond the traditional marketing tactics of yesterday and embrace new, immersive and unexpected ways of delivering powerful experiences for their customers.
Virgin Atlantic did just that with the creation of Ida, an immersive digital adventure which features specially created content that takes viewers on a guided tour through a virtual Upper Class experience, from check-in to boarding — all shown on a compact mobile device that can meet the audience where they are.
Ida allows Virgin Atlantic to seamlessly and flexibly share this experience across multiple devices, while capturing more insightful intelligence about their customers’ wants and needs.
Whether at large trade events or sending field agents for small-scale client meetings, they have a digital experience to share that isn’t the focal point, but rather a way to create curiosity and spark conversations.
** Talk track from here is based on Virgin Atlantic case study. Other case study links are at the end of the slide notes. Feel free to replace with a different case study that is more appropriate for your customer. **
Virgin Atlantic, source: http://blogs.microsoft.com/business-matters/2015/11/10/virgin-atlantic-brings-its-customer-experience-to-life-using-windows-10/
TGIF, source: http://news.microsoft.com/2015/01/12/tgi-fridays-partners-with-microsoft-on-tablets-to-streamline-orders-improve-customers-visits/
Sheraton Hotels and Resorts, https://customers.microsoft.com/Pages/CustomerStory.aspx?recid=6799
University of Pittsburgh Medical Center (UPMC), https://customers.microsoft.com/Pages/CustomerStory.aspx?recid=3094
© 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Windows Blog: https://blogs.windows.com/business/2016/06/16/the-cromwell-pilots-the-connected-room-experience-with-windows-10/
Caesars Entertainment Group pilots the Connected Room at the Las Vegas strip’s only boutique hotel - The Cromwell. The solution controls all aspects of Guests’ stay into a single system experienced through a Windows 10 device
Built on the Universal Windows platform
Personalized offers through the Microsoft Cloud
Launched in all rooms by mid 2017
Built with Microsoft partners iRiS Software Systems and Ireckon
“Technology is the key to revolutionizing our industry and The Connected Room, built on Windows 10 and the Microsoft Cloud, can help us drive that transformation.”
Scott Campbell, VP and Chief Architectural Officer, Caesars Entertainment
Video Download: https://microsoft.sharepoint.com/teams/Windows_Commercial_Product_Marketing/Industry/Customer%20Videos/Caesars/Video%20Compressions/110203_Windows_10_Connected_Room_MIXEDAUDIO_10000kbps.mp4
Since its beginning in Reno, Nevada, more than 77 years ago, Caesars has grown through development of new resorts, expansions and acquisitions, and now operates casinos on three continents. The company’s resorts operate primarily under the Harrah’s®, Caesars® and Horseshoe® brand names. Caesars also owns the London Clubs International family of casinos. Caesars Entertainment is focused on building loyalty and value with its guests through a unique combination of great service, excellent products, unsurpassed distribution, operational excellence and technology leadership. Caesars is committed to environmental sustainability and energy conservation and recognizes the importance of being a responsible steward of the environment.
About the Cromwell:
The Cromwell presents the Strip’s first Las Vegas standalone boutique hotel. Each of the 188 rooms features luxurious accommodations in an intimate, Parisian-inspired atmosphere. Whether it’s the hardwood floors, plush furnishings or dim and romantic lighting, each room gives guests a glamorous, VIP experience. The hotel’s blend of modern and vintage design is another unique element. Exclusive amenities include coffee and tea service on the first floor, rain showers and Muk bath products. Bold. Sophisticated. Enticing. Welcome to The Cromwell.
Today, technology ranks as a priority along side growth, labor, materials and more among business?
Although you have the attention of the CEO to transform over half of your budgets are being spend on keeping the lights on
More than ever, CEOs are looking for ways to digitally transform the companies they run—looking to technology as a way to enable growth and differentiation.
And clearly, you understand this too. 71% of you say supporting new business needs is at the top of your list of priorities.
But there is a problem.
Although you have the attention of the CEO and the mandate to transform, (Click) over half of your budgets are being spent on doing what you are doing now.
So what’s holding you back?
Deloitte CIO Survey 2014
Security is, of course, another top concern. The cost of a security breach can have a material impact on your financial performance.
Agility is also a top priority. Older methods for deployment and management are create challenges in the current environment.
Millennials have arrived, and they won’t stand for outdated processes that hinder their out of the box thinking
There is great business opportunity for companies that transform quickly.
Security threats are on everyone’s mind. With the sophisticated attacks we are seeing the stakes are very high and a single breach can have a material impact on a company’s success or failure.
Many of you tell us that agility is a top priority for you and your business, but are struggling with infrastructure and processes that are no longer good enough. What worked a decade ago is no longer enough. You need new options.
At the same time, you have employees and internal customers who want/demand the best. They use the latest technology and devices at home, and they expect the things they use at work to deliver just as well and be just as personal.
“Millennials” are starting to make up a greater and greater percentage of the workforce. Giving them the collaboration tools they expect is important to keeping them productive and staying ahead of the competition.
And, you are looking to capitalize on the new business opportunities that digital transformation offers, and you are looking for technology partners that can help.
-243 days for attacker to be present: http://www.fireeye.com/news-events/press-releases/read/fireeye-releases-annual-mandiant-threat-report-on-advanced-targeted-attacks
-$3.5 million cost: http://www.ponemon.org/blog/ponemon-institute-releases-2014-cost-of-data-breach-global-analysis.
-Gartner: Use TCO to Assess Choices in Devices, Support Policies and Management Approaches, November 4, 2014.
-Ponemon Institute: 2014 Cost of Data Breach Study.
-EOs see technology-related change as a way to achieve growth in 2015 and 2016… CEOs expect digital revenue to double over 5 years, from 22 to 41%. Mark Raskino. 2015 CEO Survey: Committing to Digital. Gartner. April 10, 2015
IdeaPaint source: http://d1jbvhpem1c36a.cloudfront.net/wp-content/uploads/IdeaPaint-2013-Millennial-Survey.pdf
MIT Center for IS Research, September 2015
Companies can transform their business by leveraging today’s opportunities
Business can achieve more in a secured cloud environment
They want to…
Improve customer experience
Deliver disruptive innovation
Empower global workforce
Drive growth & stay competitive
Businesses are looking for new ways to empower employees, better engage their customers, transform their product, and optimize their operations.
How do business leaders deliver a vision & strategy that takes advantage of digital transformation.
[Complete slide talk track below.]
Security is key to a successful digital transformation. We’ve made great investments in Security to protect your company from modern security threats, Windows is THE most trusted platform for businesses
We have designed Windows to help you lower TCO and get rid of a lot of the costly processes that you were using before.
Windows exceeds employee expectations for more personal computing and productivity.
That is delivered on with the versatile devices you already own, AND lighting up the newest and most innovative devices out there.
These needs have guided our investments in Windows 10.
We could talk for hours about security alone, where we are working hard to deliver new ways to protect your company from modern security threats - making Windows THE most trusted platform for businesses.
We have also designed Windows to help you lower TCO by making your IT department more productive. We want to help you reduce the amount you are investing in maintaining the status quo with old infrastructure and processes, so you have more to invest in digital transformation.
And we are focused on the user, meeting and exceeding their productivity needs—and delivering on their expectations for more personal computing.
We are delivering this on with the devices you already own, AND lighting up the newest and most innovative devices out there.
© 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION
Here is the quote you saw a second ago from FBI Directory James Comey.
This is a scary statement from a man on the front lines in this battle.
Let’s talk about the implications of these threats, and how Windows 10 can help.
Security is no longer the problem of simply the security team, security is a CEO issue
Security issues can have a material risk to business
The severity and prevalence of these threats means that, today, cyber security has become a CEO issue, it is no longer confined to the halls of the IT department.
When these attackers have compromised your systems, it takes and average of over 200 days before they are discovered. This is a lot of time to steal information and do damage to your business.
An analyst firm recently calculated that the average cost of a data breach was $3.5 million dollars, and had grown 15% year over year. This is simply the average cost; some breaches are far more than this.
One recent study by McKinsey put the global cost of lost productivity from security incidents at $3 trillion dollars. How does security impact productivity? Some attackers are not looking to simply steal your data, they are looking to hold it hostage, as we saw with the recent attacks on hospitals in California.
Today’s attacks are not launched by script kiddies. Attackers are very advanced, and attacks are targeted and persistent. Modern attackers are well funded, in some cases backed by nation states.
They will research your employee’s online, looking at sites like LinkedIn and using what they learn to send them very well crafted phishing emails. These aren’t the emails you might have seen with spelling and grammar errors claiming to be a prince that wants to give you money. These are tailored based on what they learned about the employee in their research and very well written.
A study by a security group found that if you send 100 phishing emails to employees, on average 23 of those mails will be opened. If those emails have an attachment, the attachment will be opened by 11 of those people, and 6 of them will do it in the first hour! You have very little time to respond.
Once those email attachments are opened or links clicked the attacker is in. Many people feel if they just have an anti-virus or anti-malware program on their computer they are safe but in almost half of the attacks studied there was no malware on the system to be detected by these programs.
This is scary, but Windows 10 was designed to help you defend against these threats.
Source 1 (HEADING): “Cyber security is a CEO issue”: http://www.mckinsey.com/insights/business_technology/why_senior_leaders_are_the_front_line_against_cyberattacks
Source 2: 243 days for attacker to be present: http://www.fireeye.com/news-events/press-releases/read/fireeye-releases-annual-mandiant-threat-report-on-advanced-targeted-attacks
Source 3: 140 countries developing cyber weapons: Infosec Institue, “The Rise of Cyber Weapons and Relative Impact on Cyberspace”
Source 4: $3 trillion in lost productivity: http://www.mckinsey.com/insights/business_technology/why_senior_leaders_are_the_front_line_against_cyberattacks
Source 5: $3.5 million cost: http://www.ponemon.org/blog/ponemon-institute-releases-2014-cost-of-data-breach-global-analysis
Windows has strong defenses to keep your devices and network secure.
Passwords need to be replaced with something more secure, but we don’t stop there, we drive a series of innovations that will both protect identities and delight users.
Running only the software you trust is a key to protecting your devices. Windows does this to help eliminate malware.
Windows Information Protection (formally called EDP) products against accidental data leakage.
Windows Defender ATP provides post breach protection to quickly detect suspicious behavior.
Replace Passwords & Protect corporate identities]
It starts with replacing passwords and protecting corporate identities.
Windows Hello and Microsoft Passport are the most personal and secure way to access Windows devices and services and today. They provide enterprise grade security with fingerprint, facial, and iris recognition.
We make good on the promise to enable you to use you phone to remotely unlock your Windows 10 PC’s, we’ll start with Windows Phone and Android this year and follow up with iOS next year. Adding a second factor of authentication just got a lot easier and cost effective for your organization.
But phones are just one type of device you want to use for authentication. So we’re introducing Windows Hello for Business which includes the companion device framework. This means that hardware vendors can more easily innovate and create devices of all types In addition, this framework allows you to extend multi-factor auth to sites and services on the web!
These devices will range from traditional ID cards or smart cards, to wearables, or even IoT devices. Each of these devices can offer the same enterprise grade security that you’re used to today. This means you can choose the solution right for you—including defense, financial, retail, and health care—just to name a few.
You will see devices from partners like Yubico, HID, and others. One interesting device is the Nymi band. The Nymi band can monitor your heart rate to uniquely identify you, and log you in when you get close to your device.
In addition to authentication, we continue to harden the OS to protect corporate identities (certificates, tokens, tickets, etc.). This includes using hardware based virtualization to isolate and protect logins from attacks, heading off an entire category of attacks.
This means that, if an employee falls victim to an attack, Windows 10 has technologies, such as Credential Guard, to help contain the breach and prevent the attacker from moving beyond that device.
In the past, attackers could spread across your network from one device using a technique known as “Pass the Hash.” With Windows 10, these attacks (in their current form) no longer work.
[Only run software you trust]
We have to rethink our approach to running only software we trust. Today we run anti-malware programs and try to look for malware signatures. While important, we need to do more. In one study almost half of the PCs breached lacked any currently detectable malware on them. Hackers often compile specific code for specific attacks and they go after the weak like, the users, to get them to install it.
Windows protects the applications you run so you can ensure only software your IT department has signed is trusted and runs with a technology called Device Guard. Even if an employee accidently downloads dangerous software your devices can be protected against it.
[Protect enterprise data against leaks, theft, or accidental disclosure.]
We are also making advances to help protect sensitive intellectual property.
With the increase of employee-owned devices in the enterprise, there’s also an increasing risk of accidental data disclosure through apps and services that are outside of the enterprise’s control like email, social media, and the public cloud.
Many of the existing solutions try to address this issue by requiring employees to switch between personal and work containers and apps, which can lead to a less than optimal user experience. Windows Information Protection (formerly called EDP) offers a better user experience, while helping to better separate and protect enterprise apps and data against accidental disclosure risks across both company and personal devices, without requiring changes in environments or apps. Additionally, WIP when used with Rights Management Services (RMS), can help to protect your enterprise data by persisting the protection even when your data roams or is shared.
[Detect suspicious behavior quickly]
Even with all of the defenses Windows 10 introduces it’s hard to keep every intruder out. Sometimes they find and exploit vulnerabilities that aren’t known, or more often they find ways around the best defenses with social engineering and attacking the user. Regardless of how they get in, if you don’t know they are there they can do real damage. While we will continue to invest heavily in building stronger defenses you should also use a mindset that assumes breach to provide additional protections.
Everything we have talked about so far is about working to better keep the users out of your devices and network. To help protect our enterprise customers, we are developing Windows Defender Advanced Threat Protection, a new service that will help enterprises to detect, investigate, and respond to advanced attacks on your network and devices.
Let’s talk more about Windows Defender ATP… CLICK…
Windows 7 was great for it’s time but the modern security landscape requires a new platform.
We’ve looked at a lot of the new security technologies built into Windows. You can see that these new challenges your business faces require a new platform to protect your assets.
It’s these new challenges that are leading many companies and organizations to switch to Windows 10.
Company Name: Pella Windows
A leading window and door manufacturer, Pella is committed to using the latest technology to support the emerging needs of the business.
Pella is an early adopter customer of Windows Defender Advanced Threat Protection.
Credential Guard doesn't host any device drivers. Instead, it only hosts a small subset of operating system binaries that are needed for security and nothing else. All of these binaries are signed with a certificate that is trusted by virtualization-based security.
Credential Guard does not allow insecure NTLM and Kerberos-related authentication protocols when using default credentials, including NTLMv1, MS-CHAPv2, and weaker Kerberos encryption types, such as DES
The LSA process in the operating system talks to the isolated LSA by using remote procedure calls. Data stored by using virtualization-based security is not accessible to the rest of the operating system.
Mimikatz will perform pass the hash attack to the PC. It will obtain all the hashed password (which can try to authenticate itself in different systems). In worst case, clear password can also be obtained like our Demo in Windows 7.
All hashed passwords are revealed and worst case, clear password “p@ssw0rd” is also shown.
There is no useful information can be obtained through Mimikatz. The password is well protected by Isolated User Mode, hidden in a small VM.
80-1 is a Ransome captured by Hong Kong Digital Crime Unit. It will convert all files into another extension while leaving txt file alone. It performs by firstly remove all shadow copy and perform encryption.
Windows 7 is severely attacked by 80-1 and files are encrypted with shadow copy removed.
80-1 cannot be run on Windows 10 Enterprise as it is not an Enterprise Signed Application. In Windows 10 Enterprise Device Guard, we can only run applications that are publicly certified or privately certified by customer (using SignTool / incorporate Certificate in Development. 80-1 is therefore seen as an alien without certificate and it cannot run successfully.
Building on the existing security defenses Windows 10 offers today, Windows Defender Advanced Threat Protection provides a new post-breach layer of protection.
With a combination of client technology built into Windows 10 and a robust cloud service, it will can quickly detect threats that have made it past other defenses. It does this by looking at the behavior of the machine, not just by looking for malware signatures.
For example, if a machine suddenly is firing up PowerShell and connecting to strange IP address while scanning your network – and it’s never done anything remotely similar to this before, it’s very likely been compromised.
Windows Defender ATP spots these behaviors and can take action to both shut them down, and to give you the information you need to quickly understand the extent of the compromise.
But maybe it’s not that simple? Maybe the behaviors are not as blatant. This is where the cloud solution comes in. Microsoft has a unique degree of visibility into the threat landscape. The ATP cloud service is constantly receiving information from over a billion sensors around the world. By finding the patterns in that noise, it can spot new threats very quickly.
This is supported by a team of human hunters that are experts in threat detection. They apply their expertise to extend and constantly improve the system.
Windows Defender ATP uses a combination of client technology built into Windows 10 and our robust cloud service.
Windows Defender ATP is composed of 3 parts:
The Client – an agent built into the OS (Windows 10 Anniversary update and later) responsible to log everything that happens on the client machine and send it over to the cloud
Cloud analytics service– leverage huge dictionary of IOAs and signals collected across it’s eco-system of Windows customers, enterprise cloud products and online assets. It runs on a scalable Big Data, a processing service to draw fast insights, identifying attacks and use many ML algorithms that were created in the last years by AND
Microsoft and community intelligence, our Hunters and researchers that are investigating the data and finding and creating new behavioral patterns and correlating it with existing knowledge from the security community
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Let me tell you a bit more about what we do with these alerts.
The alerts that we use, are based on two terms if you will. IOAs and IOCs
Indicators of Compromise are really what we know and who it belongs to. This is the known. What we do is, we have a TI database that is compiled out of everything we know and everything our TI partners know.
If we see any of these indicators in an organization, then we know who is there.
We, Microsoft, name our actors after the periodic table, so after elements. Each company has their own names for actors. Here is an example of what the indicators are that we know about the actor group called Strontium. A whole set of the tools and techniques they use for different attacks, credential stealing, backdoors, etc…
In addition we also collect the spoofed domains, if we see any communication from a machine - even going out over a system file - to one of those domains or IP’s, we raise an alert and we have an indicator that this actor group was on your box.
What you know is great, but advanced attackers are really well funded, they are sophisticated, they have Zero Days – a zero day by definition is not contained in what we know. So what we have to do, is expand what we know to what or to whom we don’t know yet. And for this <click>
We decided to depend on behaviors. Windows Defender ATP has an ever growing dictionary of Indications of Attack. These are behaviors that we associate with different attack stages.
We have behaviors that are typical of
command and control
the reverse shell that we saw
recon (reconnaissance) – so we are looking for port scanners
In this way we are not only able to monitor you network for what we know. And if a new IOC or IOA comes out, we also go back in time, over the data that’s been collected from your machines and are able to tell you “we only now know that this is an IOC, but it was here a week ago. “
This is really the underlying way in which Windows Defender ATP is able to monitor actors and new actors, known techniques and unknown techniques.
With Windows 10 we want to help you reduce the amount you spend on doing what you are doing today, so you have more to invest in digital transformation.
Our vision for productivity spans IT and End User productivity.
First I’d like to focus on IT (CLICK to fade out End User side of slide)
Decades old IT processes need to modernize to reduce costs and increase agility. With Windows you can leverage the cloud, at your pace, to drive IT transformation.
Windows rollouts shouldn’t be years long projects with large user disruption.
[Use the Cloud to drive IT transformation]
As the management landscape changes, Windows 10 helps you to become more cloud enabled—on your terms.
We already have support for MDM to help simplify management, as well as Azure Active Directory (AAD) Join to enable you to use the latest in cloud connected security, and the Windows Store for Business for you to be able to create a curated store experience for your employees to quickly get the apps they need in a self-service manner.
But, we heard you, you need more. You want employees to use their personal devices to access work files, yet you need to manage the app and the data, not the device. So, in 2017 we will introduce Mobile Application Management (MAM) to enable you to define security and policy at the app level, not the device level. For example, corporate apps can be blocked from being shared on Facebook or only saved to the corporate cloud service like OneDrive for Business while all other personal apps would be unaffected. You secure and manage the apps, not the entire device.
Soon, with Windows, any app will be able to be managed, on both mobile devices AND PCs. iOS and Android can’t do that—their apps need to be specially designed to be managed or even have two copies installed.
By contrast, MAM doesn’t require your existing apps, both your Win32 (desktop) apps and your Windows Store apps, to change as all types of apps can be managed right out of the box.
[Reduce disruptive deployments]
Most organizations today buy a new computer and then send it off to IT to “flatten” it and reload a new image. The process of creating and maintaining those images is expensive. With Dynamic Provisioning in Windows now you can take a brand new machine, straight out of the box, and when the user logs in for the first time with their Azure AD credentials you can automatically enroll that device in MDM management, push down any policies IT wants to set, change the editions of Windows from Pro to Enterprise, push down corporate apps, and soon even remove preinstalled apps. All of this can happen without IT involvement for the user and without deleting any of the drivers or critical machine setup parameters.
We have heard your feedback around ongoing upgrades.
[Note to presenter: It’s important here to be empathic with the customer. We have heard the feedback on time, package size, etc. and are focused on updates that will make this less impactful for the end user but you most set customer expectations properly that 2016 will not see a “silver bullet” answer to these concerns. We will make some minor changes in 2016 but this is a long lead item and will show up more noticeably in 2017]
We are focused on making the process as friction-free as possible and minimizing its impact. You will see some improvements in the upgrade process in 2016, and even more noticeable improvements coming in 2017.
We continue to address concerns, like package size, in the short term we aim to provide better deployment guidance around network and peer to peer technologies (like BranchCache) - to help you reduce the impact of upgrades immediately.
We will also provide IT increased control over update rollout through deployment rings and ability to control update delivery optimizations to suit the bandwidth needs, through Windows Update for Business.
When we talk about “stay up to date on a proven platform” a big part of that story is Windows as a Service.
[This is meant to tee up a discussion on WaaS and uncover deployment concerns, or blockers, that might exist. There are deeper dive decks you should use for a more complete conversation. For more information see the video and deck at https://microsoft.sharepoint.com/sites/infopedia/Media/details/aevd-3-104915.]
Not all devices and users are the same.
We have options both for special systems (LTSB) and business users to keep devices current and still maintain stability.
Why Windows as a Service?
We’ve heard from you that now all of your devices are the same. You have business users that want and need to have the latest features and functionality. You also have to have devices, like on a factory floor, that run the same OS for years.
When you attempt to consume years of change and new technology with upgrade projects that happen every 3 to 5 years it leads to challenges with capability and complexity integrating it into your environment. These factors leads to increased cost and delays.
With the modern security landscape its not just about deploying patches, you also often need to deploy new functionality, such as Credential Guard or Project “Barcelona” to stay ahead of the attackers. The attackers don’t work on 3 to 5 year cycle and neither can your defenses.
There is a tension that must be managed between staying up to date and the historic complexity of migrations. With Windows as a Service we work to address this.
You have the option to use the Long Term Service Branch (LTSB) for your special systems that need to remain static for specific reasons for years. For most of your systems and business users we work to balance this tension to help you innovate faster in your organization.
© 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
[This is meant to tee up a discussion on WaaS and uncover deployment concerns, or blockers, that might exist. There are deeper dive decks you should use for a more complete conversation. For more information see the video and deck at https://microsoft.sharepoint.com/sites/infopedia/Media/details/aevd-3-104915.]
You have on average 4 to 8 months to provide use feedback before release and do early evaluation.
Your pilot phase should be about the first 4 months after release
Broad production and deployment is the next phase and is about 12 to 22 month
With Windows as a Service we shorten the timeframe between releases from the historic 3-5 years but work to make it at a pace consumable by your organization. Let’s start by looking at the lifecycle of a single release.
Each individual release lifecycle starts with a Feedback period. Here you have time to evaluate the product for 4-8 months before release and let us know what you think, what works, and what doesn’t. You can get early looks at the product to give us this feedback by signing up for the Windows Insider program or the Windows TAP program. This is your chance to impact and influence the product as well as do some early, preliminary evaluation.
After release, there is a 4 months period for Piloting time for you to run broader pilots in your organization and test on a wider scale than you might have during the Feedback phase. It’s during this phase you should be reviewing the performance of any mission critical apps you have.
After 4 months we move into broad deployment and the Production phase begins. This is when you should look to start moving beyond your pilot users and scaling across your organization in a phased rollout.
We will support TWO production releases at any time so the end of a production phase is based on that n+2 release date. This is an important point, and we will talk more about how it works and what it means the next slide. Since we support two releases at a time, there are times you might want to skip a release. We don’t recommend you skip a release, but there are some cases when this is the right answer.
We heard feedback about the 4 month pilot phase; many see it as too short to make the jump to the newest release if you opted to skip a release. As a result, we added 60 days to give you a full 6 months after the new release comes out to complete deployment.
We also heard that the cadence of releases was too fast as we collectively start this new process. So we are adjusting our pace in 2016 and into 2017. Now, there will only be a one release in 2016 and potentially two releases in 2017
That’s the model of an individual release. Let’s look at what this means in the real world….
We have adjusted the cadence based on feedback, you don’t have to update three times a year.
Here we see:
…the initial release of Windows 10,
…the November Update
…the Anniversary Update.
…and a hypothetical example of how the first 2017 release might look.
Remember that we now support two production releases in market at a time. This means that if you have deployed the November Update, you have until late 2017 to move to the 2016 Summer release.
Some customers have told us that they have concerns about the cadence of releases, because they are worried new releases will arrive before they are able to deploy the last release, they would fall behind. Now that each release has a longer lifespan, you have more time to deploy, and more time to optimize your processes and infrastructure for this new model.
So far, the response to these changes has been largely positive, but our priority here today is to hear your thoughts.
Windows 10 is familiar, and every user is a first class citizen. Whether the situation calls for using mouse and keyboard, touch, pen & ink or voice.
One area we have worked hard to improve is the ink experience with Windows to make it as natural and fluid as pen and paper.
Employees are on the go and using multiple devices.
They should expect the best experience no matter what screen they’re using by running in desktop or tablet mode, using typing or touch inputs, or use your phone like a desktop.
[Interact the way you want]
Working with Windows 10 feels familiar, whether the situation calls for using mouse and keyboard, touch, pen & ink or voice. Employees are instantly productive without the need for training.
And, more and more people are seeing the benefits to using a pen. When you use a pen, so many subtle changes happen. You appear more open and engaged in meetings since you are not separated by a laptop screen, and many people say that using the pen for certain tasks helps them even think differently.
In schools, researchers have found that when trying to solve really challenging science problems, students that started by organizing their ideas using a pen scored 25-36% higher than those who just used a keyboard. So why would we limit ourselves to just one approach?
And in the coming update to Windows 10, it gets even better.
From the moment you touch the pen to the screen to the moment you take it away, it does everything you would expect it to do in Windows—even when you are at the lockscreen.
You can edit and mark up documents in Office 365. Want to remove a paragraph or block of text? Simply scribble over it like you would on paper and Office 365 will delete it from your document. You can even use the pen to draw and sketch your ideas.
Sometimes the free form nature of ink is nice, but at the same time you miss the linear precision of drawing tools. In those cases, you simply pull up the built in ruler or protractor. You hold the ruler with your fingers, just as you would expect, and you draw crisp lines with the pen. It’s a great example of combing pen and touch input in the same experience to create something natural and powerful.
As you would expect from Windows, you can also use these tools in your own internal apps because Windows ink is not just something that sits on top of an app, it’s part of the app. Maybe you are looking to plan a quick run after work? With Windows you could draw your (non-linear) route right on the map app and it can tell you the distance of the line you draw. The ink is also bound to the map, if you rotate the map, look at it in 3D, or zoom in the ink adjusts with you. What can you do with ink in your business apps?
Of course, there is the to-do list. This is quite possibly the #1 thing people do with pen and paper today. Cortana can read your sticky notes and take action for you. Simply right “Call John tomorrow” and Cortana and set a remind for you for tomorrow to call John. Since Windows is cloud powered you’ll be notified on any device when it’s time to make your call.
I think we all can agree that, as time goes on, we will be asked to do more and more, so we must increase productivity to keep up. But it’s not just about tools to do things faster, we are now at a point where to become more productive you need tools that learn how you work and adjust to your personal style.
[Get the best experience]
You should never be held back by the form-factor of the device you are on. In Windows 10, your 2 in 1 device (such as a Surface Pro) adapts so you get a great mouse and keyboard experience when typing, and then can shift into a touch-optimized “tablet mode” when the keyboard is removed thanks to a feature we call Continuum.
But Continuum is not just a PC feature, on many Windows Phones, you can connect a mouse and keyboard as well as a large monitor. In this mode you see what you would expect on a desktop, you get the start menu and can use productivity apps as you would expect. Then when you are done, you disconnect and walk away with your phone. It’s like having your PC in your pocket when you need it.
The bottom line is, with Windows 10 the best screen to use is the one you are already on.
Computer interfaces and their impact on learning by Sharon Oviatt (Infopedia)
Of course, it takes great devices to truly deliver the full Windows experience.
Windows 10 works great on your existing machines, and with in-place upgrades it’s easy to get them there
While Windows 10 works great on your existing devices to get the best experience you need a modern device.
Windows 10 also supports IoT and other vertical industry solutions
Windows 10 enables the next generation of collaboration with devices like Surface Hub and the next generation of devices like HoloLens.
[Bring innovation to your current PCs]
Windows 10 is designed to work great on your existing devices. It works with what you have and brings the latest features to your existing hardware. You don’t have to wait until your next hardware refresh to start to take advantage of the value of Windows 10.
[Choose the devices that are right for you]
When you are ready for that hardware refresh, Windows 10 is also ready to light up today’s devices. In many cases, getting the most from the latest devices requires strong connections between the operating system and the hardware. The two must work in concert to deliver a seamless and powerful experience. Windows 10 lights up on the latest touch enabled tablets and laptops, phones, and 2 in 1 devices like no other.
[Vertical industry solutions]
Certain industries and scenarios require different types of devices. You might need a rugged device in a manufacturing plant, an embedded scanner in a retail environment, or a device optimized to run in a kiosk and print boarding passes in an airport – whatever the need, Windows devices can fill it.
From IOT solutions, to kiosks, to POS systems, to most other things you can think of, there is a hardware and software solution for you.
As we discussed, Windows 10 lights up on devices with touch and pen support. But Windows 10 is also looking forward and powering the next wave of entirely new, revolutionary, business devices.
Take Surface Hub. Surface Hub unlocks the power of group collaboration in ways that have never been done before. It uses the Windows 10 platform to power amazing large screen apps to create more engaging, productive, meetings – whether the team is in one location or many.
Microsoft HoloLens is truly something revolutionary. By augmenting reality, it opens up ways to create, learn, collaborate, and visualize that we have dreamed up, but was not possible before. You see your creations come to life in the world around you. And, it is powered by Windows 10.
I have talked about more personal computing, and how it is driving digital transformation in every sector of the economy, and how we’ve made investments in Windows to help you better navigate this digital revolution.
Pro, Enterprise E3, and Enterprise E5 are the three commercial offers available through volume licensing.
Windows 10 Pro includes all of the great features of Windows 10 Home edition, along with additional security and management features designed to meet the needs of small and medium size businesses.
Windows 10 Enterprise E3 (formerly Windows 10 Enterprise with Software Assurance) builds on Windows 10 Pro with even more security, management, and control features geared toward larger and mid-size organizations or companies of any size with more complex IT requirements, such as those who process sensitive data, operate in a regulated industry, develop software in-house, and/or are publicly listed or planning to issue an IPO.
Windows 10 Enterprise E5 is a new Windows offering that includes everything in E3, with the addition of Windows Defender Advanced Threat Protection (WDATP), a new service that will help enterprise customers detect, investigate and respond to advanced attacks on their networks. Enterprise E5 provides businesses with the maximum level of security features available in Windows 10.
Learn more about the Secure Productive Environment
SLIDE 4 ON ITS OWN
As you might imagine, the United States Department of Defense is a demanding customer of ours, and they face the same challenges we all do, but at a very different scale.
So we are very proud to say that the DoD has looked at the security in Windows 10 and determined it is what they need to defend themselves in a world where they are “getting shot at every day.”
They have a plan to migrate 4 million devices to Windows 10 in the next year – they place that level of importance on it.
Pentagon to move fast in shift to Windows 10
Seattle Times – February 17, 2016
System Update: Pentagon Upgrading 4 Million Devices to Windows 10
NextGov – February 17, 2016
Microsoft just landed a huge deal to bring Windows 10 to 4 million Defense Department employees
Business Insider – February 17, 2016
Microsoft Receives The Ultimate Windows 10 Security Proof Point From U.S. Department of Defense
Forbes – February 17, 2016
Microsoft Sells U.S. Defense Dept. on Windows 10
The Wall Street Journal – February 17, 2016
Pentagon orders Windows 10 to be installed on all 4 million of its PCs
CNN Money – February 17, 2016
features designed to meet the needs of small and medium size businesses.
© 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN T