Microsoft published a sizable PDF on Tuesday outlining the new security-focused features in Windows 11, with a focus on supporting zero trust.
Microsoft, Google, and Amazon have been collaborating with the US government for a few years on enhancing cybersecurity through zero trust and other methods. Of course, the fact that these are the top three cloud service providers is no coincidence; they are in the best position to put in place safeguards against devastating cyberattacks.
But Microsoft is also bringing security further down the stack, to firmware, where competitors in the cloud can’t follow.
Even while network-level security is required, it is insufficient to thwart attackers that go after firmware and other low-level computer components.
Firmware bugs in computers, printers, and other pieces of hardware can give access to a company network. It is challenging to remove malware that has wormed its way into the silicon, such as TrickBot, MoonBounce, and LoJax.
Microsoft noted in the latest research that “these emerging risks require for computing gear that is safe down to the very core, including hardware chips and processors that store sensitive corporate information.” We can provide powerful mitigation against entire classes of vulnerabilities that are challenging to stop with software alone with hardware-based security, according to the statement.
Microsoft advertises less slowness when employing hardware-based security as opposed to operating it in software, in addition to the increased strength of the protection.
Hardware root-of-trust and silicon-assisted security work together to form the basis of the integrated hardware security.
“With hardware-based isolation security that begins at the chip, Windows 11 stores sensitive data behind additional barriers separated from the operating system,” Microsoft wrote in its new report. “As a result, information including encryption keys and user credentials are protected from unauthorized access and tampering.”
