Windows 11 began rolling out to supported PCs earlier this month. Microsoft has now explained some of the security features of Windows 11, including improved hardware security, privacy controls, and application isolation and controls, among others.
The security requirements also drew criticism as it meant the end of Windows 11 support for many older machines. Either way, Microsoft has stood firm that security is at the heart of all machines running Windows 11. Here are the main additions that make Windows 11 more secure.
Improved system security at the hardware level
Windows 11 security begins at the hardware level, underscored by the company-recommended TPM 2.0 requirement to be able to install the update. Using chip-level security, “Windows 11 stores sensitive data behind additional security barriers, separate from the operating system,” Microsoft says.
This means that important information such as encryption keys and user credentials are stored securely and protected against tampering and unauthorized access.
Robust application security and privacy controls
Microsoft also adds that Windows 11 offers several layers of application security to protect “the integrity of critical data and code.”
“Application isolation and controls, code integrity, privacy controls, and least privilege principles allow developers to build security and privacy from scratch,” Microsoft adds. Built-in security also protects Windows 11 against breaches and malware while maintaining the privacy and security of user data. This built-in security also allows IT administrators to have more control over multiple machines.
Support for authentication without password
Windows 11 also goes hand in hand with Microsoft’s vision for a password-free future. Eliminating the need for passwords when signing in to Windows 11 and possibly other layers of security later, and instead providing alternative authentication methods that cannot be replicated keeps users safe and secure. of their data.
Connect to cloud services
“Windows 11 security enables policies, controls, procedures and technologies that work together to protect your devices, data, applications and identities from anywhere,” Microsoft writes in the post. The company also offers cloud services for “identity, storage and access management” in addition to other tools.
The company also says that users can enforce their own compliance and conditional access through modern device management (MDM) services such as Microsoft Intune which works with the company’s Azure Active Directory to control access to applications and data. via the cloud.