Microsoft give guidelines on securing Windows 10 devices

Microsoft releases standards for highly secure Windows 10 devices
  • Yesterday, Microsoft released new hardware guidelines for securing Windows 10 devices.
  • The hardware standards are broken up into 6 categories, which are processor generation, processor architecture, virtualization, trusted platform modules (TPM), platform boot verification, and RAM.
  • For processor generation, Microsoft recommends that users use Intel & AMD 7th Generation processors, as they contain Mode based execution control (MBEC), which provides further kernel security.
  • For a processor architecture, they recommend a 64-bit processor so that Windows can take advantage of, or Virtualization-based security(VBS), which uses the Windows hypervisor.
  • Support for Intel VT-d, AMD-Vi, or ARM64 SMMUs is advised, in order to take advantage of Input-Output Memory Management Unit (IOMMU) device virtualization.
  • A Trusted Platform Module, or TPM enables the secure generation of cryptographic keys, facilitates their storage, a secure random number generator, and hardware authentication.
  • Microsoft recommends platform boot verification, which is a feature that prevents attackers from deploying malicious or compromised firmware. Intel Boot Guard in Verified Boot mode or AMD Hardware Verified Boot can be used to enable this.
  • Finally, they recommend a minimum of 8GB memory. This seems more like a performance requirement than a security requirement.
  • Meeting these requirements need not be costly. For example, this ASUS P-Series P2540UA-AB51 meets all requirements and costs just USD 499.
  • However, many consumer computers do not have a motherboard with a TPM socket.

So you Think Shes Cheating on You - Put Your Mind at Rest With FlexiSPY (728x90)

Be the first to comment

Leave a Reply

Your email address will not be published.