5 security features of Windows Server 2016
With the release of Windows Server 2016, Microsoft has taken a serious look at several key aspects of the platform's security features. Many of these improvements are not simply refreshes or updates to existing security measures; in many cases they are fundamental changes to Windows Server, designed to address the continual security challenges businesses face today.
Credential Guard – One of the challenges with Windows Server was that account security information was stored locally on the server. While it was protected and encrypted, it was still accessible because it resided in the local server's memory. This meant that it was possible for a rogue program to access that process memory and retrieve the credentials within it. Microsoft has now placed the security authority in its own virtual machine, running isolated from the host. This protects the credentials in memory in the event that the host machine has had a security breach. Credential security has been a lingering problem for Microsoft, and utilizing a micro-virtual machine to solve it is truly an inventive solution.
Windows Defender – One key improvement to mention is the continual enhancement of the Windows Defender application. While this is not a new product, it has undergone several updates to make it a more comprehensive security product for Microsoft. Enhanced real-time scanning for viruses and malicious programs helps to put it on par with other third-party offerings. While Windows Defender may not replace your current third-party packages today, its continual course of improvements, deep integration with the base OS and management abilities do warrant consideration as you make your security refreshes.
Privileged Identity Manager – While a very technical product, it addresses the most non-technical security risk in Windows today: the administrator. For the Windows Server admin, having the highest level of security permissions was often necessary for doing the daily admin job. However, with administrator-level credentials getting stolen and used for data breaches, this needed to change. Privileged Identity Manager does two key things: it can limit the administrator’s rights to just enough access to get the tasks done, and it can limit that access to the defined period of time needed to complete those tasks. This removes the 24×7 “god-level” access most admins have in favor of a balance between access to do the job and security.
Hyper-V Shield – While one of the benefits of virtual machines is portability, it is also one of the security risks. Cloning and removing a virtual machine offsite poses a real risk to any business. With the new Hyper-V Shield, virtual machines can now be encrypted at rest and will only power up if they are verified by the correct trusted platform module from the original secured host.
Device Guard – While anti-virus and malware protection creates a ‘blacklist’ of processes and prevents these unauthorized applications from running, Device Guard takes a slightly different approach. Device Guard creates a ‘whitelist’ of applications and binaries that can run in key parts of the OS. By only allowing certified binaries to run, it helps to overcome the time lag of detecting a new blacklist application and updating protection before it can strike.
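Whether Credential Guard and Device Guard are actually active on a host, rather than merely configured, can be read from the `Win32_DeviceGuard` CIM class. The following is an added example, not part of the original article; `Get-GuardStatus` is a hypothetical helper name and the sample object is constructed, not real output.

```powershell
# Added example: interpret Win32_DeviceGuard values. Get-GuardStatus is a hypothetical name.
$Services = @{ 1 = 'Credential Guard'; 2 = 'Hypervisor-enforced code integrity' }
$VbsState = @{ 0 = 'Not enabled'; 1 = 'Enabled, not running'; 2 = 'Running' }
$CiState  = @{ 0 = 'Off'; 1 = 'Audit (logs only)'; 2 = 'Enforced' }

function Get-GuardStatus {
    param([Parameter(Mandatory)] $DeviceGuard)  # Win32_DeviceGuard instance or look-alike

    # CIM returns UInt32 values; cast to int so hashtable lookups match the keys.
    $configured = @($DeviceGuard.SecurityServicesConfigured | ForEach-Object { [int]$_ })
    $running    = @($DeviceGuard.SecurityServicesRunning    | ForEach-Object { [int]$_ })
    $vbs        = [int]$DeviceGuard.VirtualizationBasedSecurityStatus
    $ci         = $DeviceGuard.CodeIntegrityPolicyEnforcementStatus  # may be absent on some builds

    $findings = @()
    if ($vbs -ne 2) { $findings += "Virtualization-based security: $($VbsState[$vbs])" }
    foreach ($id in $Services.Keys) {
        # A service that is configured but not running gives no protection.
        if ($configured -contains $id -and $running -notcontains $id) {
            $findings += "$($Services[$id]) is configured but not running"
        }
    }
    # Audit mode only logs binaries outside the whitelist; it does not block them.
    if ($null -ne $ci -and [int]$ci -ne 2) { $findings += "Code integrity policy: $($CiState[[int]$ci])" }

    [pscustomobject]@{
        VbsStatus              = $VbsState[$vbs]
        CredentialGuardRunning = $running -contains 1
        CodeIntegrityPolicy    = if ($null -eq $ci) { 'Not reported' } else { $CiState[[int]$ci] }
        Findings               = $findings
    }
}

# Constructed sample: VBS running, Credential Guard configured but not running, CI policy in audit.
$sample = [pscustomobject]@{
    VirtualizationBasedSecurityStatus    = 2
    SecurityServicesConfigured           = @(1, 2)
    SecurityServicesRunning              = @(2)
    CodeIntegrityPolicyEnforcementStatus = 1
}
Get-GuardStatus -DeviceGuard $sample | Format-List

# On a live host:
# Get-CimInstance -Namespace root\Microsoft\Windows\DeviceGuard -ClassName Win32_DeviceGuard |
#     ForEach-Object { Get-GuardStatus -DeviceGuard $_ }
```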
With Windows Server 2016, Microsoft has worked to enhance and introduce several key security aspects of its premier data center operating system.