By Zach Dickson
At Lucidity we firmly believe security is paramount to the success of any IT system. With the release of Microsoft’s latest server platform, Windows Server 2016, Microsoft is leading the way in terms of both keeping up to date with existing threats, as well as planning ahead to neutralise attacks in the future.
I’m going to do a series of blogs running through some of the components of the below features, starting on my favourite topic, Security (see also my previous blogs that discuss cloud security here and here).
Following the release in October 2013 of the previous version, Windows Server 2012 R2, there are now significant improvements and features in Windows Server 2016 for businesses to take advantage of. Server 2016 was developed alongside Windows 10, and has been built with three main features in mind:
1) Safeguard your business; 2) Improve IT efficiency and productivity 3) Ready for the cloud
With the rise of increasingly sophisticated cyber threats, and the ever expanding virtualised environments that are now commonplace within the IT industry, Microsoft has identified protecting virtual machines (VMs) as one of the key focuses of Server 2016.
Attackers are often using compromised, highly privileged admin credentials to access VMs, making it easy for them to remain unnoticed and wreak havoc within the environment. Any attacker that can access the compute resources, network or fabric storage would instantly have access to every virtual machine within that environment and that would be very bad news indeed.
With the cost of data breaches increasing exponentially year on year, these attacks are often devastating to businesses. A recent study by IBM shows that on average, a data breach now averages $4 million dollars (USD) per incident.
But, it is not all doom and gloom! Microsoft has responded to this ever-growing threat by creating comprehensive, robust security layers on the Server 2016 platform. Threat defence and credential isolation capabilities are activated upon deployment, and a host of other security features can be turned on or off depending on your businesses requirements. Without going into too much detail, here are a few of the main ones:
Shielded Virtual Machines
The Crown Jewel is Shielded Virtual Machines (VM). These shielded VMs are BitLocker encrypted and protect the data contained within VMs. Should the environment be compromised or attacked by malicious admins, Shielded VMs data cannot be accessed outside of the host machines which are permitted to run the VMs. Windows 2016 Host Guardian Service (HGS) then validates hosts that can run the shielded VM.
Microsoft’s below infographics illustrate who has access to the data and the attestation process that the VM runs through when allowing a host access.
As well as Shielded VMs, Microsoft has also looked to limit the source of the problem by providing a variety of tools to protect admin credentials. Credential Guard protects admin credentials from being stolen by a variety of known attack methods while Just-in-Time Administration and Just Enough Administration protect critical data from attackers, even if they already have compromised admin credentials. Just-in-Time Administration allows you to limit the amount of time that people have administrator privileges for, and Just Enough Administration controls what they can do while they do have access.
Microsoft has also included Windows Defender on Server 2016. This is a built-in feature that protects the virtual environment from malware, it can regularly update anti-malware definitions using Windows Update, ensuring your environment is fully protected at all times.
So, that’s a very quick overview on just a handful of the security features that have been built into Windows Server 2016. If you’d like to find out more about the full range of features on offer, I recommend you visit Microsoft’s Windows IT Center here.
As a Microsoft Gold Partner, Lucidity can support your organisation by providing both the Windows 2016 Server platform and the in-house consultancy skills to meet your needs. Our CloudOS virtual machines also include licensing for Windows Server 2016.