Windows 10 spells the end of Patch Tuesday
Microsoft is ready to abandon the longstanding patching schedule that saw patches and security updates being delivered on the second Tuesday of every month. With the advent of Windows 10, security updates and other software innovations will be pushed to PCs, tablets and phones as soon as they are ready.
But this change will only apply for home users – enterprise users will be able to take advantage of Windows Update for Business, a free service for all Windows Pro and Windows Enterprise devices.
Terry Myerson, the executive VP of Microsoft’s Operating Systems group, noted that while they have implemented security in all the layers of the Windows 10 stack, keeping devices up-to-date with the latest security updates is still the most crucial thing enterprises can do to protect them.
And the new changes to the updating process reflect that thinking. Still, Microsoft is aware that enterprises can’t afford not to test patches and updates before they implement them, so the Windows Update for Business will still use a monthly update cycle.
With this service, an enterprise’s IT pros will be able to specify which devices will be update first, and which will follow; the timeframes when updates will or will not be implemented (for example, not during office hours); and to deliver patches peer-to-peer, where branch offices and remote sites have a bandwidth problem.
At the Microsoft Ignite event for enterprises, currently underway in Chicago, the Redmond giant’s executives have announced a number of new solutions for making IT professionals’ job easier.
Among these is Microsoft Advanced Threat Analytics (ATA), a technology based on the recent acquisition of Israeli firm Aorato, which aims to quickly detect suspicious user and device activity within the enterprise network.
“Using deep packet inspection technology, Microsoft Advanced Threat Analytics analyzes all Active Directory traffic. It can also collect relevant events from SIEM and other sources,” the company explains. “ATA automatically starts learning and profiling behaviors of users, devices, and resources, and then leverages its self-learning technology to build an Organizational Security Graph, a map of entity interactions representing the context and activities of the users, devices and resources.”
The technology then looks for any anomalies in the entities behavior, as well as security issues and risks, and flags them to be checked, and finally provides actionable information to eliminate the threat.