Today marks an exciting milestone in Microsoft’s AI journey. This morning, at an event in New York City, we made several major announcements to empower people across work and life—you can read more about Microsoft Bing and Edge with Copilot, what’s new from Microsoft 365 Copilot and Bing Chat Enterprise for work, Microsoft Designer and Copilot in Microsoft 365, Windows 11, and new Surface devices in Yusuf Medhi’s blog.
These innovations will redefine how we live and work with AI, and it’s so exciting to see the progress we are making to put AI and other capabilities into the hands of our customers across every aspect of their whole lives.
As we rapidly iterate and improve technology, it’s imperative that we do so with a security-first mindset. This means both building products that are secure by default and ensuring that we are adopting and deploying new technologies, like AI, in a secure and responsible way.
Designing Windows security for the new era
Today, we shared the upcoming Windows 11 update that will be available on September 26, 2023. That update includes several important security features and updates that help make this the most personal and intelligent Windows experience yet. I want to take a moment to highlight some of the key security features you’ll hear more about next week:
Building the passwordless future
We’ve talked for years about the passwordless future that we envision here at Microsoft. We know that passwords are one of the most common entry points for attacks—in fact, there are more than 4,000 password attacks every second—a nearly three-fold increase since last year.1 That’s why it’s more important than ever for organizations and individuals to use passwordless options whenever possible. In the Windows 11 update, we’re excited to introduce:
- Even more passwordless: IT teams will now be able to remove the option to enter a password on day one for all Windows 11 devices with Windows Hello for Business, prompting employees to use more secure login options.
- More with passkeys: For the past several years we have been committed to working with our industry partners and the FIDO Alliance to further the passwordless future with passkeys. Passkeys are the cross-platform, cross-ecosystem future of accessing websites and applications. Today we are pleased to share that Windows 11 users can better take advantage of passkeys. After creating a passkey with Windows Hello, you can access a website or application using your face, fingerprint, or device PIN. You can manage passkeys stored on your Windows PC and sign in using passkeys saved on your mobile phone for added convenience. You can use passkeys on a variety of services such as GitHub.com, DocuSign.com, and more.
Empowering IT with new security tools
The latest Windows 11 will also include powerful new tools that empower IT teams to keep their organizations and employees more secure, including:
- Custom App Control for Business policies with Microsoft Intune: Applications are the lifeblood of our digital experiences, but they can also become entry points for threats. With application control, apps must earn trust to run, ensuring only approved, secure, and trusted apps are allowed onto devices. By preventing unwanted or malicious code from running, application control is a critical part of a comprehensive security strategy. Application control is often cited as one of the most effective means of defending against malware. Customers can now use App Control for Business (formerly called Windows Defender Application Control) and its next-generation capabilities to protect their digital estate from malicious code. With App Control for Business, IT teams can configure what runs in a business environment through Microsoft Intune or other MDMs in the admin console, including setting up Intune as a managed installer.
- Config Refresh: We often uncover threat actors launching attacks designed to evade security measures by changing settings and system configurations. Config Refresh enables settings in the Policy Configuration Service Provider (CSP) on a Windows 11 device to be reset every 90 minutes by default, or every 30 minutes if desired. This protects against configuration settings being unexpectedly changed through either malicious software or registry edits and ensures that your settings are retained in the way IT configured them.
We will share more details about these and other new Windows 11 features next week.
New advanced security for Microsoft 365 Personal, Family, and Basic subscribers
As a company, we are also thinking about how we equip individuals with tools and information to better protect themselves at home. Today, we are excited to announce new advanced security benefits for Microsoft 365 Personal, Family, and Basic subscribers.
Microsoft Defender for individuals introduces credit monitoring and privacy protection in the United States
Today, we shared two new additions to Microsoft Defender for individuals that will help individuals and families protect their personal data online:
- Credit monitoring: The Defender identity theft monitoring capabilities will now be expanded with new credit monitoring functionality. Users will get an alert any time there is activity related to their credit that might be malicious, enabling them to act quickly and help stop activity while it’s occurring.
- Privacy protection: Privacy protection shields sensitive data from threats when users are connected to open and public Wi-Fi networks. It reduces online tracking and protects against bad actors on unsecured network and enables users to hide their IP address and location from websites, apps, and advertisers that may attempt to track online activity to collect personal data. Privacy protection also encrypts traffic and data through a VPN.
Learn more about Microsoft Defender for individuals.
OneDrive advanced security in Microsoft 365 Basic
Earlier this year, we launched our most affordable subscription plan, Microsoft 365 Basic. As promised, we’re now adding the OneDrive advanced security features in our Microsoft 365 Personal and Family plans to the Microsoft 365 Basic plan at no extra cost. Starting October 12, 2023, Microsoft 365 Basic subscribers will have access to OneDrive advanced security features like unlimited files in your Personal Vault, expiring sharing links, password-protected sharing links, files restore, and ransomware detection and recovery. Microsoft 365 Basic continues to offer 100 GB of cloud storage and incredible peace of mind benefits at an incredible price.
Using AI securely and responsibly
As we celebrate our advancements across AI, it’s important to reiterate our commitment to deploying these technologies securely and responsibly. I have been lucky enough to have had a front-row seat as we built, tested, and iterated on these amazing AI technologies. But as we’ve watched this evolve, we recognize that, as Spider-Man would say, “With great power, comes great responsibility.” That is why we are committed to building and deploying AI responsibly and ethically. You can read more about our commitments at the Empowering Responsible AI practices hub.
We’ve heard from customers and seen firsthand that employees are eager to use AI in the workplace. But many leaders have concerns about the use of AI in their organizations. They worry that it can introduce unnecessary risk. That’s why we are taking a safe and secure approach for customers, empowering them to feel confident in using AI at work. For example, Bing Chat Enterprise helps employees tap into the power of AI while ensuring prompts and responses aren’t logged or used to train the underlying model. Our commitments to enterprise-grade security, privacy, identity, compliance, and responsible AI in Microsoft 365 Copilot remain unchanged. And lastly we will continue to use AI to drive a paradigm shift in security with Microsoft Security Copilot. We empathize with security and IT leaders trying to navigate a challenging landscape and will continue to build security into our products to help them harness the power of AI confidently.
As part of our time in New York today, I am pleased to be a part of a panel discussion on this topic. Thank you for being part of our journey and making security forefront in your lives.
Stay tuned for more exciting details from Windows next week as we celebrate the availability of the new Windows 11 on September 26, 2023.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.
1Microsoft internal data.