Microsoft is holding its “Windows Powers the Future of Hybrid Work” digital event this morning, where Chief Product Officer Panos Panay announced some new security and management experiences for Windows 11. The company has announced security enhancements such as phishing protection capabilities, Smart App Control, as well as a premium endpoint management solution for helpdesk employees.
Microsoft reiterates its commitment to safeguarding its customers from cyberattacks by bringing the phishing detection and protection capabilities of Microsoft Defender SmartScreen into Windows 11. The new built-in security feature will now warn Windows users while entering their credentials into a malicious website or application.
The Redmond giant has also introduced a new Smart App Control feature to prevent users from running malicious apps or processes on Windows 11 PCs. This new AI-powered capability will now block all “untrusted or unsigned” applications by default.
Smart App Control will come pre-installed with all new devices that launch with Windows 11. However, the feature will not work on devices running previous versions of the OS, which will require a clean installation.
Additionally, Microsoft is bringing a new personal data encryption feature to Windows 11. As the name suggests, it aims to ensure the security of personal data and files for remote workers even when the user is not logged into their system.
“To access the data, the user must first authenticate with Windows Hello for Business, linking data encryption keys with the user’s passwordless credentials so even if a device is lost or stolen, data is more resistant to attack and sensitive data has another layer of protection built in,” explained David Weston, VP, Enterprise & OS Security.
Moreover, Windows 11 is also getting a built-in security feature called “Config lock” that helps IT Admins prevent users from making any configuration changes. Config lock allows the OS to monitor the registry keys of each feature with MBAM policies and automatically restores all changes to the previous state within a few seconds. This new capability is designed to enable IT Admins to assure that all Windows 11 devices in their ecosystem are compliant with the organization’s security policies.
In addition to these security features, Microsoft has unveiled its plans to launch several new premium endpoint management solutions to protect both cloud and on-premises devices. Remote help is the one new premium solution that is launching today in Endpoint Manager. The feature has been available in preview since November 2021, and it lets customers support their remote and hybrid teams.
“Remote help is a cloud-based solution that provides secure, help desk to user connections. It is tightly integrated with Endpoint Manager for enhanced security and allows a helpdesk employee to quickly resolve problems no matter where the user is located,” explained Steve Dispensa, VP, Enterprise Mobility.
Additionally, Microsoft is introducing a new intelligent managed service called “Windows Autopatch” that lets enterprise admins automate Windows, Office, and Microsoft Edge updates. Microsoft noted that the feature is available for all Windows Enterprise E3 subscribers at no additional cost.
Last but not least, IT Admins can now use a new organizational messages feature to send targetted messages directly to employees’ desktops, taskbars, or lock screens. With Application Management for Edge, companies can allow employees to access organizational resources from unmanaged devices.
If you’re looking to learn more about the new security and management updates coming to Windows 11, we invite you to watch the dedicated session about “Windows and Endpoint Management.”