Cracking Open Windows 10: Can Windows 10 Serve and Protect Government Users?

The Windows 10 start screen

The Windows 10 start screen Microsoft

Moving from Windows 7, the last “traditional” operating system from Microsoft, to Windows 10 is not going to be as traumatic as previous Windows updates.

John Breeden II is an award-winning journalist and reviewer with over 20 years of experience covering technology and government. He is currently the CEO of the Tech Writers Bureau, a group that creates technological thought leadership content for organizations of all sizes. Twitter: @LabGuys

New operating systems are always a cause for concern among government users, especially because with most agencies, fancy new features and usability improvements take a back seat to simply getting the job done. This is especially true when those new features -- often embraced by consumers -- end up making government’s job more difficult or less secure. Such was the case with Windows 8 at a lot of agencies, and why Windows 10 has so many people worried.

I’ve been working with Windows 10 in my test lab as it developed, and am using it every day on a variety of platforms from a desktop to a notebook to a tablet. So I can tell you that moving from Windows 7, the last “traditional” operating system from Microsoft, to Windows 10 is not going to be as traumatic as when jumping from 7 to 8. Not by a long shot. And current Windows 8 users might not even notice most of the changes with 10, other than it’s a lot easier to use without a touchscreen. And no, there is no Windows 9. It was all together skipped.

Windows 10 is available right now to consumers as a free upgrade from either Windows 7 or 8, though in talking with Microsoft officials, they don’t anticipate many government agencies are volume licensing their operating systems through the Volume Licensing Service Center will make the jump just yet. In the fall, Microsoft plans to add quite a few additional enterprise features to Windows 10, which they think should make it a good fit for government.

I’ll go into the planned additions to Windows 10 that should be available this fall, but for now, I want to talk about what is currently available and what to expect from the new OS.

The interface for Windows 10 is almost like a hybrid between 7 and 8. Along the left side, you will see the homage paid to Windows 7 users, with a long column listing your most-used applications. If you click on the All Apps button, you are given a list in alphabetical order of everything installed on the PC, just like when clicking the Start button and selecting All Programs with 7. The Start button is back as well, though you don’t need to click on it to do much other than to shut down your system.

To the right of that “old school” area is where 10 looks more like 8. All those colored blocks that represent either programs on your system or living widgets that can display information or even videos about certain topics live there. They act just like they did in 8, and function very well in a touchscreen environment. But they can also be completely removed if you like, so you are only working with the classic interface on the left side.

Security has been upgraded with Windows Hello and Passport, programs that help to bring all of a device’s peripherals to bear to make it more secure, and to add the two-factor authentication most agencies require.

How it works is that authorized users can record their pictures with a webcam or their fingerprints if the device has a reader using Hello. Then, when logging in, the system will use Passport to check that whoever is using that password is who they claim. Once you sign up, it’s all automatic.

In the case of the camera, your PC will simply scan your face each time you log in. In a government setting, an administrator can control who can access and register with Hello and rescind permissions in Passport.

Windows 10 also goes a step beyond the Secure Boot features found in 7 and 8 that tapped into the Trusted Platform Module crypto-processor. The older operating systems wouldn’t boot if components inside the machine had changed or been tampered with.

Windows 10 adds a new feature to that protection called Device Guard, which only allows signed applications and code to execute on protected devices. This would enable federal agencies to designate what programs could be installed on their systems and prevent anything else, including malware, from getting a foothold.

Device Guard is not yet government certified, but Microsoft officials say they should expect to receive FIPS 140-2, NIAP/Common Criteria and DISA STIGs in the next couple months.

The much-maligned and often-attacked Internet Explorer browser is finally being put to rest with 10. In its place is a much more streamlined browser program called Edge. Edge is a bit like a lightweight browser that has many of those dangerous functions that can compromise a system disabled. It still has a lot of functionality, however, like the ability to bring text you are reading to the front of the screen, pushing everything else like graphics or advertising to the back and out of the way. It works well with highly cluttered pages, though its security features compared to Explorer are yet to be really tested.

The biggest feature in terms of security, Enterprise Data Protection, is still on hold. But in the fall, it should be added to Windows 10. It will allow for data to be separated into work and personal containers so government documents can be held to a higher standard of encryption and protection – protection that is supposed to follow that data whenever it moves and wherever it comes to rest.

It should also prevent designated government data from ever being copied into a personal folder, or onto an insecure medium like a key drive. If it works as billed, it might allow government to become friendlier towards BYOD programs where Windows 10 is the core operating system.

A few of the new features won’t play well in government. Cortana is the new personal assistant that allows for voice control of your PC as well as assistance to whatever questions you want to ask of it. Named after the helmet-mounted artificial intelligence from the Halo videogame, it seems much better suited for Windows phones than desktops. And the fact that you can soon play games from the Xbox One videogame console on your Windows 10 PC won’t win any accolades in the halls of government, though I would guess there will probably be an option to disable feature for enterprise PCs.

For a home user, especially someone using Windows 8, there is no reason not to take the free upgrade. Windows 7 users might want to hold out if they like how that OS works, though settling into 10 shouldn’t be too difficult.

For government, the best move is likely to wait until the fall to see how some of those features like Enterprise Data Protection will actually work. But in any case, installing Windows 10 will -- if nothing else -- give agencies a path to skip over the hodgepodge that is Windows 8, and that alone might be worth the price of admission.