Ignite 2015 Microsoft has shown off some of the new security mechanisms embedded in Windows 10, and revealed a change to its software updates.
Windows supremo Terry Myerson reckons the revised security patch rollout – effectively ditching the monthly Patch Tuesday – will shame Google.
"Google takes no responsibility to update customer devices, and refuses to take responsibility to update their devices, leaving end users and businesses increasingly exposed every day they use an Android device," Myerson said during his Ignite keynote in Chicago today. He was referring to the sometimes tardy rollout of operating system updates for Android gadgets.
"Google ships a big pile of [pause for effect] code, with no commitment to update your device," he added to chuckles from the audience.
Myerson promised that with the new version of Windows, Microsoft will release security updates to PCs, tablets and phones 24/7, as well as pushing other software "innovations," effectively putting an end to the need for a Patch Tuesday once a month.
Windows 10 enterprise customers will stay on the monthly update cycle, which will be reworked as Windows Update for Business: this will allow IT managers to pick and choose updates to deploy, and set when they will be automatically installed.
Meyerson said home users will get patches first, which will allow businesses to hold off and see what breaks before installing – bug patches have bugs from time to time, after all.
He also said that the patching system had been updated to allow much tighter control over branch offices and remote users, who may not have decent bandwidth. Patches can be distributed peer-to-peer, and the timing of the installations can be set to ensure update downloads do not interfere with day-to-day operations.
The goal, he said, was to make users of all stripes more secure by constantly feeding updates down the pipe, across all devices once Windows 10 is launched. Update for Business will be a free service for enterprise and pro Windows customers
On the data protection side, Brad Anderson, veep of enterprise client and mobility, showed off a new feature in preview builds today: Microsoft's Advanced Threat Analytics (ATA). This tries to sense the presence of malware in a network, and locks down apps to prevent sensitive data being copied within a device.
Cut'n'paste is cut
At the heart of ATA is software developed by Israeli startup Aorato, which hit the headlines in July when it claimed to have discovered a major flaw in Active Directory. Microsoft bought the biz, and used its knowhow to toughen up the defenses in Windows 10.
ATA constantly scrutinizes your office network, and uses basic machine learning techniques to identify suspicious behavior by devices and users, and raise the alarm if necessary.
IT administrators can use ATA to also lock down Windows 10 systems to only allow data to be cut and pasted between corporate applications, while personal apps such as Twitter can be blocked from getting the same data from the clipboard. If desired, information can be copied from corporate to personal apps, but with the action recorded in an audit log.
Using Azure, administrators can choose to embed metadata in files so that managers can see who read what document, when, and where from. If a particular user is trying to access files they shouldn't, an alert system will let the IT manager know.
This level of monitoring will cover devices and applications, too. A user's account can be called up to show how many devices they use to get onto the network, and sound an alarm if someone's trying to access data from one location, and then again from the other side of the world a few minutes later.
As a premium service, Microsoft will also offer data from Redmond's security team who monitor black-hat forums, and will alert IT managers if any of their users' identities have been put up for sale.
Other features are going to be added before the launch of Redmond's new operating system, as well as security-related tweaks to Intune and the System Center Configuration Manager, Anderson promised, and will be rolled out to developers over the coming weeks. ®
Sponsored: Ransomware has gone nuclear