US Department of Defense Commits to Upgrade 4 Million Seats to Windows 10
By Yusuf Mehdi / Corporate Vice President of Microsoft’s Windows and Devices Group as written on blogs.windows.com
One of the largest enterprises anywhere – the US Department of Defense (DoD) – has joined the ranks of enterprise customers planning swift Windows 10 deployments.
With more than 76% of our enterprise and education customers in active pilots of Windows 10 and more than 200 million active devices running Windows 10, we’re seeing accelerated and unprecedented demand for Windows 10 amongst enterprise customers.
The Secretary of Defense has directed all U.S. DoD agencies to begin the rapid deployment of the Microsoft Windows 10 throughout their respective organizations for information systems currently utilizing Microsoft Operating Systems. From laptops to desktops to mobile devices, including Surface devices, the DoD is targeting its Windows 10 upgrade for completion in a year, an unprecedented move for a customer with the size and complexity of the DoD.
The Rising Importance of Security for Government Agencies
Today’s government agencies face new and emerging challenges that range from a constantly shifting threat landscape to managing multiple platforms and devices in the enterprise environment. And the modern threat landscape has never been more challenging – driving tremendous costs and risk to the security of critical information. Security breaches can take 200+ days to detect and industry experts predict there will be over two million new malware apps by the end of the year. Clearly, these are driving factors in President Obama’s action plan announced last week to improve cybersecurity across government systems and devices.
Terry Halvorsen, CIO for the DoD, also shared this fall that more tools were needed for automated cyber defense, highlighting significant security challenges to the DoD networks. Halvorsen singled out software integration as a challenge to his mission and was quoted as saying, “If you have an impending need to survive you will innovate,” adding that DoD networks are “getting shot at” virtually every day. With the DoD spending approximately $44 billion annually on cybersecurity and IT, Halvorsen said the DoD needed to deploy innovation faster to ensure systems are more secure, more efficient and cost-effective, and standardized on one platform.
Because the U.S. Department of Defense is a prime target of cyber criminals and one of the largest and most complex organizations in the world, its leaders know the importance of securing its baseline systems.
Department of Defense Bets on Windows 10
The DoD’s intention to move to Windows 10 began in earnest in November when Halvorsen issued a memo directing all Combatant Commands, Services Agencies and Field Activities to rapidly deploy Windows 10 to improve the Department’s cybersecurity, lower the cost of IT and streamline the IT operating environment.
Further demonstrating a strong vote of confidence for the platform, Windows 10 has been certified as meeting specific government criteria and standards. The National Information Assurance Program, the arm of the US government responsible for evaluating commercial IT products for use in National Security Systems has certified Windows 10 against the Mobile Device Fundamentals Common Criteria protection profile. Additionally, Microsoft’s Surface family of devices have been certified and are available through the Defense Information Systems Agency (DISA) Unified Capabilities Approved Products List and can be easily worked into deployment plans. This means that Surface has met the strict security and interoperability requirements required by the DoD.
As the Department upgrades, it may incorporate some of the following Windows 10 security features:
Windows Hello: One of the greatest weaknesses in any security environment is the use of passwords, which can easily be hacked and used to gain access to secure resources and data. With Windows 10, agencies can identify individuals and restrict access through integrated multi-factor authentication using biometric mechanisms like facial recognition or fingerprints using the Windows Hello and Windows Passport features.
Enhanced threat resistance and device security. Working from a crypto-processor, Trusted Platform Module (TPM) -approved chip, tools include familiar features like Secure Boot, which helps prevent malware from embedding itself within hardware or starting before the OS, and Trusted Boot which helps maintain the integrity of the rest of the operating system. Device Guard ensures that only signed applications and code can run on these devices. And Credential Guard safeguards credentials inside a hardware-based virtualized environment and breaks the popular “pass the hash” used in many major breaches.
Windows Defender, provides anti-malware service, which currently protects almost 300 million Windows devices every day.
Enterprise Protection, currently in testing with enterprise customers and available soon, provides separation between both corporate and personal data and prevents corporate data from being copied out of corporate files to non-corporate files and locations, such as public website or social channels. Additionally, when EDP is used with Rights Management Services, it can protect data locally adding another layer of protection even when data roams or is shared.
It is exciting to see adoption of Windows 10 by so many enterprise customers, including those with the highest of security demands, such as the Department of Defense.