Windows 8.1 security: what's been improved

Defender was improved within Windows 8

Defender was improved within Windows 8

Once you can store information securely and prove that your PC doesn't have a rootkit or a virus that could compromise that, you can use your PC as a way to authenticate that's more secure than a password.

"Passwords are increasingly problematic," Hallum points out; "people can have them phished or they can be guessed." Windows 8 can already use the TPM as a virtual smartcard but that's not truly two-factor authentication. You need something else to prove your identity and that will be your fingerprint.

Windows 8.1 fingerprint sensors

Today's fingerprint sensors are big, clumsy (you have to swipe your finger across them carefully) and easy to fool with a fake finger. More powerful sensors can tell the difference between a real finger and a fake – they can tell if your finger has a pulse – and they can detect prints from four fingers at once, but those sensors currently cost $100 or more.

Microsoft is working with partners who can get the price down to about $4 each, so you'll get them in notebooks and tablets and even printers. And that could do way with insecure passwords entirely. "We want to make biometrics completely mainstream," says Hallum boldly.

Windows 8.1 virtual smartcards

Businesses get extra features as well. Windows 8.1 gets a way to use devices like Windows RT tablets, which can't jon a domain but do have a TPM, as virtual smartcards – as long as they use the new workplace join option so you identify to your company network which device you're using. That would mean that the files you can sync from your Windows Server file server to your RT tablet using Work Folders can be protected by Information Rights Management, which only lets authorised people open, print or copy those files.

Windows 8.1 selective wipe

Windows 8.1 will also include selective wipe for removing business files from a personal computer without deleting your personal files too. Work files will be protected by the encryption and admins will be able to send a command (using standard device management software like Mobile Iron, Airwatch or System Center) to erase just those files. That will work on both x86 and ARM devices running Windows RT.

Senior Director Stella Chernyak summed the combination up as Microsoft's answer to the BYOD trend. "As a user I can bring my personal device to work and easily join a corporate network with workplace join, and the company has a way to have my device recognised so when they expose the company data they know what device they're exposing it to. They don't manage the devices, they manage their corporate information, they control who has access - and they can remotely wipe business data and apps from that personal device if I'm leaving the company."

Now check out the other features in Windows 8.1. You can also check out the video below for a quick round-up:

TOPICS
Contributor

Mary (Twitter, Google+, website) started her career at Future Publishing, saw the AOL meltdown first hand the first time around when she ran the AOL UK computing channel, and she's been a freelance tech writer for over a decade. She's used every version of Windows and Office released, and every smartphone too, but she's still looking for the perfect tablet. Yes, she really does have USB earrings.