Now that Microsoft 11 has rolled out, the new version has people talking about the real reason the software giant made the effort. Short of  some new centered taskbar aesthetics and a new task manager protocol, there do not seem to be many customer-centric changes to the platform.  While some versions in the past have been a bit underwhleming, it stands to reason that all the hype about the new rollout should have offered a few more client oriented features. So, was Microsoft 11 designed for user-satisfaction? Or was Microsoft thinking of a larger business client when it unveiled the new software?

Experts suspect that Windows 11 wasn’t designed for the worker sitting at their desk. Instead, it was likely designed for the businesses themselves, as well as schools and governments. They reached the conclusion that Windows 11 was built to guarantee that sensitive data can be more effectively secured.

  • Windows 11 give Microsoft the ability to sever dependence on the 32-bit platform, being the first OS running solely on 64-bit.  Microsoft can now rollout additional virtualization and containerization security features that are not available in the 32-bit platform for business.
  • Virtualization-based security doesn’t indicate running Hyper-V along with a virtual machine; it indicates utilizing virtualization-related technologies in Windows 10 and 11 to distinguish between tasks and enhance the operating system’s isolation processes. The virtualization technologies in Windows 10 and 11 promote staying with Microsoft Defender for Endpoint to handle the operating system changes with the capability to deal with Credential Guard, Application Guard for Office, and Sandbox.
  • The Trusted Platform Module (TPM) 2.0 mandate guarantees that end users have a cryptoprocessor living on the  motherboard or its processors. Using hardware-level encryption safeguards the device and the information kept  on it by protecting the computer-generated encryption keys. It guarantees that the encrypted drives stay encrypted and that no malicious code can access the biometric information on a  laptop. End users typically do not need that level of high-security, but individual businesses need this type of protection.
  • Windows 11 is created for a process called “Zero Trust.” The concept is that if cyber-criminals do access the device, they won’t be able to go far without getting stymied. According to Microsoft, the Defender Application Guard in Windows 11 applies Hyper-V virtualization technology to isolate unknown or suspect websites and Office files into containers, separate from and unable to touch or affect the host operating system and enterprise data.
  • As an added security measure, Windows 11 also offers controls allowing apps and features such as the camera and microphone to amass and utilize data safely.
  • The TPM 2.0 mandate guarantees that more robust crypto algorithms can be deployed and utilize future security capabilities. And Microsoft’s upcoming Pluton security processor (due in 2022) supports TPM 2.0 and includes Secure Hardware Cryptography Key (SHACK) technology, which help to make sure that keys are never exposed outside the protected hardware.

As a typical Windows user, much of the above discussion may be over your head, and that is the point. The new release offers layers of security which may be identifiable and exciting to your IT personnel – but not so much to those using the software every day. If you were a user looking forward to the new release to explore all the new toys, you might be underwhelmed. But for businesses looking to continue to fight the good fight against cyber criminals, malware and security breaches.

Alliance IT provides IT support and managed services to small and medium-sized business in the Sarasota area.