Security: The Next Big Battleground in Computing?
Satya Nadella’s recent “trust in computing” speech highlighted the need for dependable, secure, trustworthy computing. In this article, I’ll look at how Microsoft is slowly building out Windows 10 to provide that trust for enterprises across all types of devices.
As technology invades every part of our lives, the need to provide trustworthy experiences grows more important. Just last week, the Dyn DDoS attack that brought down many of the Internet services we’ve come to rely on, such as Twitter and Amazon Web Services, highlighted the vulnerability of Internet of Things (IoT) devices, allowing attackers to launch a massive assault by leveraging systems with unchanged default usernames and passwords.
This is a simple cost-cutting exercise by manufacturers, as providing unique default credentials for each unit would require unique documentation in each box, or some other means of registering the device so that it can be managed. And as more gadgets and household devices become Internet enabled, these kinds of attacks are likely to become more frequent and damaging.
And although Friday’s attack utilized the IoT, Microsoft has recently pointed out that smartphone security also leaves a lot to be desired, calling out Apple’s inability to protect enterprise data. Microsoft hasn’t been traditionally synonymous with security, but Microsoft corporate vice president Brad Anderson thinks that executives shouldn’t blindly trust iOS because of its controlled and procured ecosystem, as the recent discovery of the Trident malware for iPhones might indicate.
Microsoft appears to be preparing for what might be something of a battle over enterprise security, as more devices are used for storing and processing sensitive data. Although smartphones haven’t been much of a target in the past, with hackers concentrating their efforts on Windows PCs because of their widespread use in the enterprise, that tide is slowly starting to turn.
Google already seems to be recognizing that Android might not be up to the job of keeping data secure going forward, and is developing a new operating system — Andromeda — that will be compatible with Android apps but provide a new security model, amongst other improvements to the core OS so that Google can compete with OS X and Windows. And as for Apple, I’m not sure security has ever been at the top of the priority list.
The long wait for extensions in Edge is one example of how Redmond is slowly growing out Windows 10 to make it a secure enterprise grade solution, because any other end result isn’t going to be acceptable. Other features, such as Windows Information Protection (WIP), which is designed to transparently protect and isolate enterprise data, is an another example of a technology that has been in development over a long period but only came to fruition in the recent Anniversary Update.
Microsoft might have lost the battle in the smartphone market for the time being, but when the next paradigm shift comes, it has a secure and capable mobile OS that could be part of the next big change in mobile computing. It’s also worth remembering that many of the security improvements in Windows over the years originated in Windows Phone, such as Device Guard and the sandboxed UWP app model.
Securing mobile and IoT devices is a challenge that must be met head on if enterprises and consumers alike will be able to utilize technology to its full potential. And Microsoft seems to have understood that and is quietly working to make sure its products are able to meet the security challenges of the future. There’s also a lot of focus on providing security in its Office 365 and Azure cloud platforms. It remains to be seen if Google, Amazon, and Apple will be able to keep us safe in an increasingly wilder west.