Hardware and Platform Security: Mastering the Balancing Act


You want to allow users to be their most productive. So, you introduce manageability measures to easily deploy tools and enforce security standards that prevent threats without disrupting the flow of productivity.

Nonetheless, your users will always  take some steps to improve their own productivity (via apps and cloud services)  that also hampers manageability and leaves your data and services vulnerable to threats.

Respond with too many security features, however, and usability suffers – slowing down machines and interrupting end users with prompts.

This is the “Great Balancing Act” of modern mobile computing. The successful solution strikes a delicate balance between three critical priorities:

  • Security
  • Manageability
  • Productivity

Our recent webinar explores how Windows 10 Pro and Intel 7th Gen Core processors combine platform and hardware features that help you achieve this balance in your environment.


Threats to data security are a critical concern for the modern enterprise. Most intruders gain access unnoticed. Many aren’t discovered until well after they’ve left. Many stick around for a while before leaving. So, what are the implications of the threat?

  • The average time to detect a data breach is 230 days (Gartner)
  • 52% of attacks come from malicious insiders (Break Level Index)
  • Web browser is the most common point-of-attack at 36% (McAfee Labs)
  • The average cost of a breach is $3.5 million. (McKinsey)
  • This cost has risen 15% YoY. (McKinsey)

The threat evolves as hackers find new, more advanced ways to gain unauthorized access to your data. But, in response, enterprises often try to fight present-day threats with tools from the past. In a recent example, the WannaCry ransomware bug affected 230,000 PCs worldwide. Most of these were still running Windows 7 (or another version) and hadn’t received updates via the appropriate patches.

Security with Windows 10 Pro 

Microsoft estimates 85% of enterprises will have begun Windows 10 deployments by the end of 2017. Almost 49% of these cite security improvements to Windows as the deciding factor.  In fact, Microsoft invests over $1 billion per year in cybersecurity research and development (R&D). This makes them the world’s largest cybersecurity firm, although you may not have thought of them this way. A great deal of this investment has gone into the Windows 10 Defense Stack.

The five-pillared security strategy protects Windows 10 devices from before and after a potential breach. The new version’s post-breach detection, investigation and response features are the real flagship security improvements in the release.

Features like Conditional Access enable control over who accesses your environment, when, and for how long. Device Guard “hardens” Windows 10 devices against malware and prevents malicious code from running. Credential Guard virtualizes authentication credentials. This, in turn, neutralizes the “rinse-and-repeat” aspect of common Pass-the-Hash (PTH) attacks.

Meanwhile, Windows Advanced Threat Protection (ATP) plays a role to an airplane’s black box, while adding the intelligence to mitigate or remediate threats. Its design uses machine-learning and cloud-based security analytics to detect and contain the most sophisticated attacks.

Security with Intel 7th Gen Core 

Some measures that boost user productivity don’t help as much in the security department.  When it comes to protecting devices, password authentication is one area where the user sometimes creates problems. Many of us may recycle passwords or PINs, if only to avoid having to remember too many. This leads to unfortunate situations where an intruder deriving one password could access a full range of services or devices.

With its 7th generation of Core processors, Intel re-introduces Intel Authenticate, its solution for “hardened,” or hardware-enhanced, security. Authenticate applies “multi-factor authentication” mechanisms to verify a user’s identity through two or more factors.  The result is a better overall security posture without the need for multiple passwords per user.

Intel Authenticate provides further enhanced security via “hardening” or hardware-based security. This places security factors, credentials, policies and decisions below the operating system (OS) layer and beyond the reach of software-based attacks. Intel’s hardware security offering also includes other intelligent features such as Bluetooth-powered walk-away locking and AMT-based environment detection.

Deployment & Manageability 

The workplace has evolved. The modern employee takes it for granted that they’ll use multiple devices for work each day. At the same time, the ongoing consumerization of IT has put a new emphasis on the user experience design.

The old workplace slowed under the weight of complexity, cost and compatibility issues. But, modern security threats put a new importance on the ability to deploy new functionality fast.

The process of deploying and managing devices in your environment must change to meet these new demands. Decades-old policies need to give way to reduce costs and increase agility. Applications and services must adapt to new expectations.

Deployment & Manageability with Windows 10 Pro

Microsoft has created Windows 10 Pro for the world of “modern IT.” With a focus on simplified deployment and dynamic management, the platform allows organizations to adapt to the cloud as fast or as slow as they need to. Enhanced features like Windows-as-a-Service and Windows Auto Pilot ensure deployments aren’t year-long projects that cause major disruption for users.

Dynamic management functionality for mobile apps and devices reduce the burden on IT departments and device managers. At the same time, proactive insights from Windows Analytics Update Compliance and Windows Analytics Upgrade Readiness lower time spent on validation and deployment efforts.

Deployment & Manageability with  Intel 7th Gen Core 

Intel Active Management Technology enables several key manageability enhancements, including Intel Secure Remote Erase. This feature, exclusive to 7th Gen Core processors, allows your IT department to remote-wipe SSD media and encryption keys in seconds.  This is doable from any location worldwide. And, it frees up valuable time otherwise spent on manual deletion of data from retired or re-purposed computers.

Other enhanced management features supported by Active Management include remote, high-resolution reimaging and desktop diagnosis. Together, these serve to reduce your total cost of ownership (TCO) for an IT service by as much as half (Gardner).


In the modern workplace, what constitutes “the office” is often in flux. Users demand uptime with software and devices wherever they are, whether inside or outside the corporate environment. Sixty-two percent of workers say they’re more productive outside the office.

At the same time, many organizations push their device refresh cycles to three years and beyond. But, workers now expect powerful, flexible and responsive user experiences whether working with desktop or mobile devices.

Productivity with Windows 10 Pro

For end-users, Windows 10 Pro enables software and device uptime in- and out-of-office with solutions like Azure AD user state roaming and Windows One Drive for Business and Office 365. Newer features such as digital ink and intelligent assistants like Cortana support more powerful ways to interact with work devices.

Windows 10 Pro also enhances productivity for IT departments, offering streamlined processes dynamic provisioning, and managed roll-outs that harness the cloud.

Productivity with Intel 7th Gen Core 

Intel’s newest “Kaby Lake” generation of Core processors also offer a productivity boost through sheer performance. Although the difference isn’t as noticeable over 6th generation models, the 7th Gen core processors provide a significant improvement over devices aged three-to-four years or more.

The new line of Intel processors also bridges the gap between tablet and laptop/desktop performance. A new breed of “all-in-one” and “2-in-1” hybrid devices from manufacturers like Dell, HP and Lenovo have the power and connectivity to complement or even replace traditional laptops in some use cases.

A Balanced Approach

We’ve seen that many organizations approach the steps of the hardware lifecycle as three distinct parts: select, acquire and manage. Sadly, when different individuals or groups are making decisions, setting standards and managing purchases, the results are internal gaps and delays in the procurement process.  Find out how a holistic approach to managing your device lifecycle and roadmap will help enhance security, manageability, and productivity in your environment.

5 Reasons Why It Pays to Go (Windows 10) Pro


Download the Infographic here

Whether it is that time in the refresh cycle or your organization’s hardware has slowed to a crawl, upgrading to new devices powered by seventh-generation Intel Core processors and Windows 10 Pro can save time, money, and countless headaches. Here is why.

1. That old laptop isn’t what it used to be.

It used to be common for organizations to go for four or more years between hardware refreshes. But in today’s fast-changing IT environment, four years is an eternity. Accumulated files, outdated applications, and general wear and tear can turn formerly top-of-the-line machines into lumbering laggards, refusing to open multiple applications, choking on even basic tasks, and, of course, crashing.

Research shows that laptops and PCs that are more than four years old cause more than a few extra gray hairs among staff; they cost real dollars in lost productivity (see infographic). And when it comes to dated security features, the costs can be far worse.

2. Security comes out of the box — and in it.

Malware, ransomware, botnets, rootkits — we have all read the headlines, and if we have been in an organization that has suffered a security breach, we know the impact. The average cost of a data breach now exceeds $3.5 million, and with more employees spending time working outside the office or on personal devices, the security challenges are only growing.

Modern Intel devices running Windows 10 offer three layers of protection. First, built-in hardware-based security can prevent malware from infecting systems and software. Then, Windows 10’s upgraded security offerings limit access to certified programs, offer up-to-date antivirus protection, identify compromised devices across the network, and use encryption to safeguard business data from theft or destruction. Finally, new authentication features such as Windows Hello and Credential Guard can help address the most serious threat: the user who dutifully types in the same password at work, at home, and on social-media accounts. (Research shows that 75 percent of us use the same three or four passwords across all our accounts).

Companies running Windows 10 Pro can see a 33 percent reduction in security issues and the time required to resolve problems. And upgrading to more secure systems can pay off even if there’s no breach. Organizations can save up to $710,000 per year in security remediation expenses by running Windows 10 Pro.

3. New tools offer new ways of doing business.

Windows 10 devices with seventh-generation Intel Core processors offer better performance and longer battery life. They boot up and wake from sleep move more quickly, saving each user 15 minutes or more a day. But the hardware is just the beginning.

With Windows 10 Professional, the cloud is baked into the operating system. Employees can access their information and applications from anywhere, while state-of-the-art security extends into the cloud to protect company data. And with the latest Intel Core-powered devices, everyone benefits from new time-saving tools like digital ink, which  allows users to write, not type, on their PCs, laptops, and tablets—with proven benefits to understanding, organization, and memorization. No wonder, then, that studies show that Windows 10 can increase overall productivity across the enterprise by 50 percent.

4. Upgrading may not pay for itself in a year, but it is close.

Return on investment has a big impact on the bottom line, especially when you are talking about hardware upgrades. Windows 10 delivers, with upgrades paying for themselves in just 14 months, according to a Forrester study. Over three years, total ROI exceeds 233 percent.

5. Upgrading is no longer an all-day affair, making it easier to focus on upgrading your skills. 

Windows 10 only takes five minutes per device to install, requiring 70 percent fewer resources than the Windows 7 upgrade. And once installed, IT managers get better tools to oversee the enterprise, including dynamic provisioning and in-place upgrading, that can save up to 15 percent of their time.

But once you have upgraded to the latest and greatest Intel devices running Windows 10, it is time to relax. Right?

Not exactly. Both employers and their employees quickly realize how much-untapped potential is at their fingertips. In one survey, 64 percent of executives said that their companies weren’t taking full advantage of their IT investments. And more than 7 in 10 workers realize they are using less than half of the features available to them. So, with less time spent waiting for something to break or be breached, IT managers can spend their time exploring how to leverage the new productivity-focused features of Windows 10 across the enterprise. And that is a lot more exciting than thinking about the next iteration of the upgrade cycle.

Dell Rugged gets the ultimate upgrade – 6th generation Intel

Dell Rugged gets the ultimate upgrade - 6th generation Intel

Dell Rugged Goes Beyond Expectation. Again.

Dell made a huge impact on the rugged market in 2014 with the introduction of the Latitude Rugged and Rugged Extreme to the market. Boasting to be the answer to the needs of the world’s toughest jobs and harshest conditions, they made a promise to the market to Go Beyond Rugged. And they delivered.

How do you make the Latitude 14 Rugged and Rugged Extreme notebooks and the Latitude 12 Rugged Extreme even better?

[Read more…]