When the Covid-19 pandemic upended the workplace beyond the traditional corporate network, many employees had to rely on older personal laptops with outdated technology. With phishing attacks reaching new heights,1 many IT departments could not install endpoint protection quickly enough.
As a Microsoft Cloud Endpoint Technical Specialist, I was fortunate to be able to help many customers strengthen their overall security posture. No matter their size or complexity, I like to start out with a high-level approach:
As attacks have increased in scope and sophistication, so have our security measures. Microsoft has a clear vision for how to help and protect our customers now and in the future. Read on to see how Surface is meeting this challenge.
Every layer of Surface, from chip to cloud, is maintained by Microsoft, giving you ultimate control, proactive protection, and peace of mind wherever and however work gets done.2
Surface products are designed and built with supply chain security in mind. Surface takes an end-to-end approach to supply chain security by incorporating industry-standard security controls and risk management methods when designing, developing, manufacturing, deploying and maintaining Surface products.
The new set of hardware security requirements with Windows 11 is designed to build a foundation that is even stronger and more resilient to attacks.
We want to give commercial organizations the freedom to work anywhere while retaining the control they need to stay secure with streamlined device management and protection from Microsoft.
One advantage that stands out for me is that Microsoft maintains the entire stack — from the hardware, operating system, security, and management layers. Because security is built-in instead of bolted on, you don't need multiple add-ons. With Windows, it's all built right into the OS. And with Endpoint Manager, you can simply activate these built-in agents on the OS.
Finally, it's worth saying that data protection is not just the responsibility of IT admins or security specialists. It's essential that in our hybrid environment, every person is aware of threats and doing their best to protect themselves and others, especially from phishing attacks.
When you're ahead of the game, you can't be gamed.
1. See Windows Experience blog
2. Some features and functionality require paid subscription and/or qualifying volume license
3. Surface Go and Surface Go 2 use a third-party UEFI and do not support DFCI
4. Microsoft Endpoint Manager requires paid subscription or qualifying volume license
5. Microsoft Intune and Microsoft Endpoint Manager require qualifying volume license and/or subscriptions
6. Microsoft 365 Defender requires paid subscription or qualifying volume license
7. Finger Print ID and biometric data available on select models
8. Requires Azure Active Directory Premium for automatic MDM enrollment and custom company branding
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.