The Defense Department, led by DISA, is in the process of transitioning all current Windows-based systems to Windows 10, the latest version of Microsoft's flagship operating system.

"All DoD entities using Microsoft-based systems are to migrate to Windows 10 in order to standardize the DoD operating environment," said Col. Cedric Leighton, a former deputy director of training for the National Security Agency. "Basically, they want to complete the migration by January 2017."

Transitioning to a single common operating system will improve DoD's cyber posture by establishing a common baseline," DoD spokeswoman Lt. Col. Valerie Henderson said. "Improving software-patching practices helps consistently keep software secure and configure all computers to DoD's security standards," she said. "Deploying Windows 10 across DoD will allow these patches to roll out more quickly."

"Windows 10 provides an array of tools and features that can help agencies be more productive and enable continuous innovation," said Susie Adams, chief technology officer of Microsoft Federal, located in Reston, Virginia. "We are confident the DoD's adoption of Windows 10, coupled with the department's ability to use Surface devices, will help it reach its goals of improving its cybersecurity posture, lowering the cost of IT and simplifying its operating environment."

"For the DoD it's about far more than cybercrime; it's about thwarting cyber espionage on all its networks," said Leighton. "That's why the DoD CIO's reference to a Secure Host Baseline (SHB) is a key element to this migration."

DISA and NSA are jointly developing the SHB, a pre-configured and security-hardened machine-ready image that contains an organization's common operating systems (OS) and application software. "The idea is to standardize host security configuration management activities," Leighton said. "That may not necessarily achieve all of DoD's cybersecurity goals, but at least it points to the adoption of standard policies that will cover some of DoD's most vulnerable IT networks."

"Couple this with the benefits of the latest generation of client-based hardware options, [and] the DoD will experience performance gains and a superior user experience," said Greg Clifton, director of DoD and intelligence for Intel Federal Government Solutions. Intel Federal provides guidance to the DoD on hardware and processor features required to support Windows 10.

Clifton observed that the new form factors supported by Windows 10, such as Microsoft’s portable Surface devices, will give users across DoD access to enhanced security features. "They will also provide extended battery life and better performance, which leads to increased productivity and mission effectiveness, and smaller, thinner, lighter device options, including touch-screen displays," he said.

Windows 10 will also enable the DoD to take advantage of the sophisticated security features built into the latest Windows-compatible desktop and mobile devices. "In order to utilize various security features of Windows 10, such as Credential Guard and Device Guard, certain hardware features are required," Clifton said. "Examples of these hardware features include technologies such as CPU virtualization extensions, 64-bit architecture and Trusted Platform Module (TPM) version 2.0."

Another Windows 10 benefit is the potential for a more powerful automated cyber defense. "By adopting Windows 10 throughout the DoD enterprise, the DoD CIO hopes he can do a better job of leveraging the protections inherent in the new OS," Leighton he said.

Leighton said a key challenge facing both the DoD and DISA as the transition moves ahead will be ensuring that Windows 10's new security features don't neutralize the protections already resident on DoD networks: "We don't want an undiscovered vulnerability to crop up in the new OS."

Share:
More In IT and Networks