Why Feds Should Be Happy with Windows 10 Deployments

Microsoft CEO Satya Nadella speaks at an event demonstrating the new features of Windows 10 at the company's headquarters in Redmond, Wash.

Microsoft CEO Satya Nadella speaks at an event demonstrating the new features of Windows 10 at the company's headquarters in Redmond, Wash. Elaine Thompson/AP File Photo

Having advanced defenses available for government as part of its operating system deployment is a huge advantage.

John Breeden II is an award-winning journalist and reviewer with over 20 years of experience covering technology and government. He is currently the CEO of the Tech Writers Bureau, a group that creates technological thought leadership content for organizations of all sizes. Twitter: @LabGuys

Earlier this week, Nextgov reported industry groups were not happy with Defense Department Chief Information Officer Terry Halvorsen’s talk about the Windows 10 transition at DOD. They were upset because many of his comments during a phone conference with reporters, to them, seemed like a commercial endorsement.

But given how well the transition is going for DOD, and all the new security features that Windows 10 is bringing to the table, I’m not sure why anyone would have expected anything else but praise from the CIO.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

With over 4 million clients making the rollover across DOD, the story is newsworthy, hence the interest from reporters. And certainly, if the transition was going badly, Halvorsen would have been expected to explain that. So why get angry because DOD found a product that fits its needs?

I will admit, when I first started to roll over most of the Windows systems in my testbed I use for product reviews, I was a little skeptical. Reading my column from last year, it’s clear I was not endorsing the system, only taking advantage of the expiring free upgrade offer that Microsoft made when it first created Windows 10.

Now that I have had a year of working with the OS, I can see why Halvorsen would be pleased with how things are going in DOD. I have personally upgraded 31 systems to Windows 10 over the past year, and not one of them had any issues. Compared to previous upgrades to Windows 7, Vista, XP and Windows 8, that is a great record.

Moving to Vista had me at a 3-to-1 ratio where every three systems had a problem or snag. Going to Windows 8, it was better at one in five, but when problems did occur, they were very serious. I am sure the rollover to Windows 10 isn’t perfect, but I am personally running at a 31 and 0 record so far, and I couldn’t be more pleased to not be wasting my time with upgrade snags.

Back to government use, there are several key factors Windows 10 brings to the table that seem tailor-made for government agencies. Right off the bat, Windows 10 is compliant with the Federal Information Processing Standard 140-2 and the Defense Information Systems Agency Security Technical Implementation Guides for desktop, mobile and Common Criteria. Neither of those is very easy to obtain and is required for most federal deployments.

Looking at the nuts and bolts of the OS, Windows 10 brings anti-virus standard with Windows Defender on all deployments, for free, as part of the core system. I know that AV isn’t great protection anymore by itself, which is why government is implementing other means of endpoint protection.

But in my testing, Windows 10 works as well as most of the other commercially available AV applications, can run in tandem with other endpoint security solutions like the Malwarebytes scanning tool, disables itself if a competing AV product is present, and catches almost every threat I throw at it from my virus zoo.

In other words, Windows 10 automatically protects itself from the moment it gets installed, so there are no gaps in coverage but will step aside if something else comes along that would cause a conflict. And if you later delete that other AV program, Defender will go active again, so it works as a perfect safety net if nothing else.

Windows 10 is also cutting edge now when it comes to post-breach detection and mitigation, something that has never been done before as a core operating system function. With advanced persistent threats able to remain hidden inside networks for months or longer, it’s nice to have something looking back inside the perimeter just in case a threat slipped through. Windows 10 does that through its Windows Defender Advanced Threat Protection program, Advanced Threat Analytics, and to some extent, Office 365 Advanced Threat Protection—all of which government customers can access.

The advanced protections leverage three areas: endpoint behavioral sensors, cloud security analytics and threat intelligence.

  • Endpoint behavioral sensors: Sensors are tiny programs that get embedded in endpoints running Windows 10 to collect and process behavioral signals from the operating system about things like processes, registry access, file behaviors and lateral communications. If it finds an anomaly, it sends that data to an agency’s private cloud Windows Defender ATP control center. From there, internal government cybersecurity teams can investigate the possible breach and odd endpoint behavior.
  • Cloud security analytics: Microsoft has many sensors out there in the world from programs like the Microsoft Malicious Software Removal Tool and the Office 365 cloud-based office suite, plus company-controlled assets like Bing and SmartScreen URL reputation filtering. Microsoft collects that data and translates it into threat intelligence.
  • Threat intelligence: Generated by Microsoft hunters, security teams, partner companies and the aforementioned cloud security analytics program, threat intelligence enables Windows Defender Enterprise to identify attacker tools, techniques and procedures, and generate alerts when these might constitute an active threat.

I write about these kinds of tools all the time, but never in the context of an enterprise operating system. Having advanced defenses available for government as part of its operating system deployment is a huge advantage. Even if those tools only end up being one weapon in the federal arsenal, it would be crazy not to use them, especially these days when the advantages seem to be so heavily stacked in favor of the attackers.

I suppose all that does not excuse Halvorsen from breaking the government’s probation on commercial endorsements. But I can see why he would be so excited. It looks like Windows 10 is a good fit for government, and we should probably be happy the operating system transition for DOD is going so smoothly.