Windows 11 recently introduced powerful tools designed to bolster IT security, simplifying, and modernizing the approach to safeguarding organizations and employees.
Here are 4 new features in Windows 11 that you can take advantage of:
Phish-resistant credentials:
Windows 11 enhances security by offering phish-resistant credentials. Devices with Windows Hello for Business or FIDO2 security keys can eliminate traditional passwords, safeguarding against phishing. IT policies can remove password options for Microsoft Entra ID-joined devices, streamlining authentication. If ever necessary, users can leverage recovery mechanisms such as Windows Hello for Business PIN reset or web sign-in.
IT policy control with Config Refresh:
Config Refresh safeguards policies, resetting Windows 11 devices every 90 minutes by default or as often as every 30 minutes, preserving IT-configured settings. It operates through the policy configuration service provider (CSP), simplifying management. IT can pause Config Refresh for help desk support and reactivate it as needed.
Custom App Control:
Custom App Control permits only trusted applications on devices, reducing the risk of malware. It's seamlessly integrated into the Microsoft Intune admin console for simplified application control.
Enhanced Windows Firewall:
Windows Firewall gains significant enhancements:
· Application Control: Rules in Windows Firewall now support app ID tagging via Intune, enabling precise targeting of rules to specific applications without an absolute file path.
· Network List Manager Settings: These settings determine device presence on domain subnets, ensuring proper firewall rule application.
· Granular Firewall Logging: IT can configure granular Windows Firewall logging and specify inbound and outbound rules for ICMP types and codes.
These Windows 11 security tools empower IT teams to protect organizations efficiently while simplifying security configuration management.
