Microsoft has developed a new security configuration framework that will define the security levels required for the Windows 10 devices among enterprises.
Called SECCON, the new framework will simplify security configuration while still providing flexibility to balance, security, productivity, and user experience. Microsoft has defined five security levels for addressing the security needs of Windows 10 devices.
The reason behind developing SECCON framework is that there are thousands of group policies available in Windows. This makes the security configuration complex and makes it difficult for users to choose the best setting. They aren’t sure about the right policies needed for the implementation of a complete scenario. Sometimes they face unintended consequences of security lockdowns.
SECCON will organize the devices into one of 5 distinct security configurations.
- Level 5 (Enterprise Security)
This should be the minimum level of the security configuration for enterprise devices.
- Level 4 (Enterprise High Security)
The enterprise devices using which sensitive or confidential information is accessed, should use this level of security configuration.
- Level 3 (Enterprise VIP Security)
The devices used by larger or more sophisticated security teams, or users who are at high risk, should have Enterprise VIP Security configuration. Recommendations for this level of security can be a little complex because it may need the removal of local admin rights for some organizations, which can take a lot of time.
- Level 2 (DevOps Workstation)
The devices used by developers and testers should have the DevOps Workstation security configuration. They have access to servers and systems that consist of valuable data and critical functions.
- Level 1 (Administrator Workstation)
Administrators of identity or security systems present the highest risk to the organization. Their compromised device can cause data theft, data alteration, or service disruption.
“In the past, we left defining the security configuration for Windows 10 as a task for every customer to sort out. As a result, we saw as many different configurations as we saw customers. Standardization has many advantages, so we developed a security configuration framework to help simplify security configuration,” concluded Chris Jackson, Principal Program Manager, Microsoft in a blog post.