Is Windows 8 Safe for Enterprise Users?

Windows 8 is a dramatically changed operating system from Microsoft. Since its release in October last year, many consumers have chosen to get their hands on the new OS, and the next step for Microsoft is to convince enterprises to upgrade. Over the years, Microsoft has built many security features into the core of the Windows platform. To some extent, the new edition extends these capabilities and adds some new enhancements. On the other hand, there are also disputes about how well its security serves enterprise users.

PC users may upgrade to Windows 8 simply because they find that resetting a password in Windows 8 is much easier than in any other system. Enterprises are not always the first to adopt a new OS, because it is not easy to move an entire fleet of systems from one operating system to the next. Many enterprises even stick with a single version of an operating system for years, sometimes skipping every other release.

Five or six years ago, the operating system itself was what attackers targeted most, but now it is the browser. Microsoft has also made some improvements to the Windows 8 browser. According to Forrester, better security is the number one reason that firms upgrade browsers. Some IT security experts say IE10 is the safest Windows 8 browser against socially-engineered malware, building on the top-rated security features of IE9 with SmartScreen, Enhanced Protected Mode and new memory protections.

Windows 8's new security improvements also focus on apps. AppLocker can help mitigate issues by restricting the files and apps that users or groups are allowed to run. Under AppContainer, a developer must produce a manifest file that is linked directly to the application. This manifest file defines what the application can and cannot do. DirectAccess in Windows 8 makes it easy for remote users to access resources inside a corporate network without launching a separate VPN. It will also help IT administrators keep remote users' computers in compliance by applying the latest policies.
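The AppLocker restriction described above can be built and dry-run before it is enforced. The script below is an added example, not part of the original article; the reference directory, output file and probe paths are assumptions chosen for illustration.

```powershell
# Added example: build an AppLocker allow-list from a reference install,
# mark it audit-only, and dry-run it before any deployment.
# Assumptions: $referenceDir, $outFile and the $probe paths are hypothetical.
Import-Module AppLocker

$referenceDir = 'C:\Program Files'
$outFile      = 'C:\Temp\applocker-audit.xml'
$probe        = @(
    'C:\Program Files\Internet Explorer\iexplore.exe',   # expected: allowed
    'C:\Users\Public\Downloads\unknown-tool.exe'         # expected: denied by default
)

# 1. Inventory executables and scripts on the reference machine.
$files = Get-AppLockerFileInformation -Directory $referenceDir -Recurse -FileType Exe, Script

# 2. Generate rules: publisher rules for signed files, hash rules as the
#    fallback for unsigned ones. -Optimize merges similar rules.
[xml]$xml = $files |
    New-AppLockerPolicy -RuleType Publisher, Hash -User Everyone `
                        -RuleNamePrefix 'Baseline' -Optimize -Xml

# 3. Switch every rule collection to audit-only so a later deployment
#    logs what would be blocked instead of blocking it.
foreach ($collection in $xml.AppLockerPolicy.RuleCollection) {
    $collection.SetAttribute('EnforcementMode', 'AuditOnly')
}
$xml.Save($outFile)

# 4. Dry run: evaluate the saved policy against files that exist locally.
$existing = @($probe | Where-Object { Test-Path $_ })
if ($existing.Count -gt 0) {
    Test-AppLockerPolicy -XmlPolicy $outFile -Path $existing -User Everyone |
        Format-Table FilePath, PolicyDecision, MatchingRule -AutoSize
}

# 5. AppLocker rules are only evaluated while the Application Identity
#    service is running, so report its state alongside the dry run.
Get-Service -Name AppIDSvc | Select-Object Name, Status, StartType

# To apply locally after review (left commented out on purpose):
# Set-AppLockerPolicy -XmlPolicy $outFile -Merge
```

Once an audit-only policy is applied, files that would have been blocked are recorded in the AppLocker event logs, which lets administrators tune the rules before switching the collections to enforcement.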

There are also many other security improvements in Windows 8 that may be practical for PC users but are not suitable for enterprise users. Take the picture password in Windows 8 as an example. Picture password, a new authentication method, allows Windows 8 users to select any picture and then draw a sequence of gestures including taps, lines and circles. It is said to be designed to simplify the Windows 8 login process and to reduce the likelihood that you forget the password. After all, you have to reset the administrator password when you forget it in Windows Server 2008, while in Windows 8 you just need to switch to logging in with the picture password. However, the picture password is thought to be unsafe. Fingerprint smudges on a screen can reveal the gestures to attackers. Besides, the picture password is only a supplement to the text password and can be created only after you've set a text password. Once a user has changed to the new authentication method, the text password is encrypted using the AES algorithm and stored in Vault storage in a Windows system folder. Any user who has admin privileges can then access the original plain-text password if the account is configured to use both authentication methods. In addition, the touchscreen method does not seem very practical for enterprise desktops.