{"id":121820,"date":"2022-09-20T10:00:00","date_gmt":"2022-09-20T17:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?p=121820"},"modified":"2023-08-03T15:29:17","modified_gmt":"2023-08-03T22:29:17","slug":"new-windows-11-security-features-are-designed-for-hybrid-work","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/","title":{"rendered":"New Windows 11 security features are designed for hybrid work"},"content":{"rendered":"\n<p>Attackers are constantly evolving, becoming increasingly sophisticated and destructive\u2014the median time for an attacker to access your private data if you fall victim to a phishing email is 1 hour, 12 minutes.<sup>1<\/sup> Microsoft tracks more than 35 ransomware families and more than 250 unique nation-state attackers, cybercriminals, and other actors. We have unparalleled threat intelligence\u2014processing more than 43 trillion signals per day, including 2.5 billion daily endpoint queries and 921 password attacks blocked every second. We work alongside more than 15,000 partners in our security ecosystem and we have more than 8,500 engineers, researchers, data scientists, cybersecurity experts, threat hunters, geopolitical analysts, investigators, and frontline responders across 77 countries. We combine human and machine intelligence with built-in AI to continuously learn from the attack landscape, and we have a dedicated team, the Microsoft Offensive Research and Security Engineering (MORSE), that works to stop threats before they reach your device.<sup>2<\/sup> All of this goes into the design process to deliver a more secure Windows with every release.<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\"><p>\u201cBecause Microsoft designed the <a href=\"https:\/\/www.microsoft.com\/en-us\/windows\/business\/windows-11-security\">security model of Windows 11<\/a> from the ground up to assume that some component has already been compromised, threat actors will find it orders of magnitude more difficult to remain undetected [and persist] in the environment than in traditional architectures.\u201d<\/p><cite>&#8211;<a href=\"https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RE4PnBs\" target=\"_blank\" rel=\"noreferrer noopener\">SANS Institute<\/a><\/cite><\/blockquote>\n\n\n\n<h2 class=\"wp-block-heading\">Protection that evolves with the threat landscape<\/h2>\n\n\n\n<p>Today, we\u2019re proud to announce that the security features you heard about <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/04\/05\/new-security-features-for-windows-11-will-help-protect-hybrid-work\/\">in April 2022<\/a> are now available on Windows 11<strong>.<\/strong><\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Application Control<\/h3>\n\n\n\n<p>We\u2019ve added features that give people the flexibility to choose their own applications, while still maintaining tight security. <strong>Smart App Control<\/strong> is a new feature for individuals or small businesses designed to help prevent scripting attacks and protect users from running untrusted or unsigned applications often associated with malware or attack tools.<sup>3<\/sup> This feature creates an AI model&nbsp;using intelligence, based on the 43 trillion security signals gathered daily, to predict if an app is safe. App control is known to be one of the most effective approaches to protecting against malware but can be complex to deploy. Windows 11 uses the power of AI to generate a continually updated app control policy that allows common and known safe apps to run while blocking unknown apps often associated with new malware.&nbsp;Our customers have asked us to make this simpler and we have responded.<\/p>\n\n\n\n<p>The Smart App Control approach achieves the goal of making advanced app control protection widely available. Smart App Control is built on the same same OS core capabilities used in <a href=\"https:\/\/docs.microsoft.com\/windows\/security\/threat-protection\/windows-defender-application-control\/windows-defender-application-control\" target=\"_blank\" rel=\"noreferrer noopener\">Windows Defender Application Control<\/a>. Smart App Control is provided on all Windows client editions with clean installations of Windows 11 2022 Update. Alternatively, for enterprises, your IT team can use Microsoft Intune with Windows Defender Application Control to remotely apply policies to control what apps run on workplace devices.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Vulnerable driver protection<\/h3>\n\n\n\n<p>Malware increasingly targets drivers to exploit vulnerabilities, disable security agents, and compromise systems. Window 11 uses virtualization-based security (VBS) for enhanced kernel protection against potential threats.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Hypervisor-protected code integrity (HVCI),<\/strong> also called memory integrity, will be enabled by default on all new Windows 11 devices. HVCI uses VBS to run kernel mode code integrity (KMCI) inside the secure VBS environment instead of the main Windows kernel. This helps prevent attacks that attempt to modify kernel mode code such as drivers. The KMCI role is to check that all kernel code is properly signed and hasn\u2019t been tampered with before it is allowed to run.<\/li><\/ul>\n\n\n\n<p>HVCI ensures that only validated code can be executed in kernel mode. The hypervisor leverages processor virtualization extensions to enforce memory protections that prevent kernel-mode software from executing code that has not been first validated by the code integrity subsystem. HVCI protects against common attacks like WannaCry that rely on the ability to inject malicious code into the kernel. HVCI can help prevent the injection of malicious kernel-mode code even when drivers and other kernel-mode software have bugs.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>The Microsoft vulnerable driver block list<\/strong> is another important safeguard against advanced persistent threats and ransomware attacks that exploit known vulnerable drivers. Beginning with the 2022 Update, the block policy is now on by default for all new Windows computers, and users can opt in to enforce the policy from the Windows Security app.<\/li><\/ul>\n\n\n\n<p>The Windows kernel is the most privileged software and is therefore a compelling target for malware authors. Since Windows has strict requirements for code running in the kernel, cybercriminals commonly exploit vulnerabilities in kernel drivers to get access. Taking advantage of Windows Defender Application Control, the kernel blocklisting feature prevents vulnerable versions of drivers from running. Microsoft works with ecosystem partners to constantly identify and respond to potentially vulnerable kernel drivers. Users who want the highest level of protection can still specify an allow list to implement driver control.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Enhanced identity protection and simplified password management<\/h3>\n\n\n\n<p>With Windows 11, you can protect your valuable data and enable secure hybrid work with the latest advanced security that small or medium-sized businesses say results in 2.8 times fewer instances of identity theft.<sup>5<\/sup> Here are a few enhancements that can help you stay secure now and in the future:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Windows Defender Credential Guard<\/strong> is enabled by default with Windows 11 Enterprise. Credential Guard uses hardware-backed, virtualization security to help protect against credential theft techniques such as pass-the-hash or pass-the-ticket. In addition, this feature helps prevent malware from accessing system secrets even if the process is running with admin privileges.<\/li><li><strong>Credential isolation with Local Security Authority (LSA) protection enabled <\/strong>by default provides extra protection to new, enterprise-joined Windows 11 devices. LSA is one of the critical processes that verify a user\u2019s identity. With LSA protection, Windows will load only trusted, signed code, making it significantly more difficult for attackers to steal credentials.<\/li><li><strong>Enhanced phishing protection in Microsoft Defender Smartscreen<\/strong> can detect and warn you when you\u2019re entering your password into a known compromised app or website. It also promotes good credential hygiene by warning users when they try to re-use passwords or store them in an unsafe location such as a text file. This goes beyond browser-based protection to build advanced phishing protection into the operating system itself, empowering users to take proactive action before passwords can be used against them or their organization. IT admins can customize alerts using a mobile device management (MDM) solution like Microsoft Intune.<sup>4<\/sup><\/li><li><strong>Go Passwordless with Windows Hello for Business.<\/strong> With built-in protection already enabled, Windows 11 helps block software and firmware attack from the moment you turn on your device. And for secure, convenient single sign-on (SSO), you can take advantage of the protection and convenience of <strong><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/05\/05\/this-world-password-day-consider-ditching-passwords-altogether\/\">passwordless authentication<\/a><\/strong> using Windows Hello for Business and a unique identifier such as your face, fingerprint, or PIN. These unique identifiers are bound to your device and can only be used by you from that device for secure, convenient SSO across your computer and cloud services.<\/li><li><strong>We\u2019ve also made Windows Hello for Business much easier to deploy.<\/strong>&nbsp;For example, we\u2019ve removed requirements for public key infrastructure (PKI). Look into&nbsp;<a href=\"https:\/\/learn.microsoft.com\/windows\/security\/identity-protection\/hello-for-business\/hello-hybrid-cloud-trust\" target=\"_blank\" rel=\"noreferrer noopener\">this deployment model<\/a>&nbsp;for an easy, secure way to set up a modern, passwordless sign-in experience.<\/li><li>And if you\u2019re going passwordless, you\u2019ll be able to take advantage of <strong>presence sensing<\/strong> for hands-free secure sign-in. Presence detection sensors work with Windows Hello to sign you in when you approach, and lock when you leave.<sup>5<\/sup> The feature is optional and can be easily enabled on devices equipped with presence sensors.<\/li><\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Locking down IT policy and compliance<\/h3>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Config lock<\/strong>, available only on Secured-core PCs that are designed for added security, helps prevent the configuration drift that occurs when users with local admin rights change settings and put devices out-of-sync with IT security policies. With config lock, Windows 11 monitors the registry keys that configure each feature even when the device isn\u2019t connected to the internet. When a drift is detected, the device immediately reverts to the IT-desired Secured-core computer state.<\/li><\/ul>\n\n\n\n<p>Config lock builds on the security fundamentals of Windows 11 and is, in part, secured by specific <a href=\"https:\/\/docs.microsoft.com\/windows-hardware\/design\/device-experiences\/restore-scpc-config-for-admins\" target=\"_blank\" rel=\"noreferrer noopener\">hardware features.<\/a> The feature monitors a pre-configured set of <a href=\"https:\/\/docs.microsoft.com\/windows\/client-management\/mdm\/config-lock#list-of-locked-policies\" target=\"_blank\" rel=\"noreferrer noopener\">configuration service providers (CSPs) and policies<\/a>. If you assign any of these policies to devices in your tenant, enabling config lock will maintain your defined settings.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Ongoing innovation to improve security for all<\/h2>\n\n\n\n<p>We\u2019re continuing to add protection from chip to cloud, with an emphasis on the benefits of using new, modern devices with hardware features optimized for security and hybrid work.<\/p>\n\n\n\n<p>For example, if you work in data-sensitive scenarios, <a href=\"https:\/\/www.microsoft.com\/windows\/business\/windows-11-secured-core-computers\"><strong>Secured-core PCs<\/strong><\/a> with Windows 11 can be a great choice. These devices come with additional safeguards enabled, including advanced firmware protection, for the highest level of Windows security. We also will now detect if a device is capable of Windows Defender System Guard and alert users in the Windows Security app that the feature can be enabled. This update to the Windows Security app is currently available to the Windows Insider population and will be broadly available soon.<\/p>\n\n\n\n<p>The\u00a0Microsoft Pluton\u00a0security processor, designed by Microsoft and our silicon partners, directly integrates into the silicon of the CPU, providing protection for sensitive assets like credentials and encryption keys by isolating them from the rest of the system. The Pluton firmware also gets security updates straight from the cloud through the Windows updates process which helps security and IT teams simplify management and ensure they have the latest, ongoing protection against threats.\u00a0<\/p>\n\n\n\n<p>We\u2019re all working together toward a more secure future, and we look forward to delivering more innovation that will not only detect threats but help prevent them. Microsoft has committed a USD20 billion investment in security research and development over five years.<sup>4<\/sup> We\u2019re committed to your security and to continuously improving the foundational security provided by Windows with default security baselines to help you thrive now and in the future.<br><br>To get more information on Windows 11 chip-to-cloud security, <a href=\"https:\/\/www.microsoft.com\/windows\/business\/windows-11-security\">visit our website<\/a> and check out the <a href=\"https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RWMyFE\" target=\"_blank\" rel=\"noreferrer noopener\">Windows 11 Security Book<\/a> details on how Microsoft optimizes Windows 11 for <a href=\"https:\/\/www.microsoft.com\/security\/business\/zero-trust\">Zero Trust<\/a>. <\/p>\n\n\n\n<p>To learn more about Microsoft Security solutions,&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/\">visit our&nbsp;website<\/a>.&nbsp;Bookmark the&nbsp;<a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\">Security blog<\/a>&nbsp;to keep up with our expert coverage on security matters. Also, follow us at&nbsp;<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noreferrer noopener\">@MSFTSecurity<\/a>&nbsp;for the latest news and updates on cybersecurity.<\/p>\n\n\n\n<div style=\"height:27px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\"\/>\n\n\n\n<p><sup>1<\/sup><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/08\/30\/cyber-signals-3-strategies-for-protection-against-ransomware\/\">Cyber Signals: 3 strategies for protection against ransomware<\/a>, Vasu Jakkal. August 30, 2022.<\/p>\n\n\n\n<p><sup>2<\/sup><a href=\"https:\/\/news.microsoft.com\/innovation-stories\/morse-microsoft-offensive-research-security-engineering\/\" target=\"_blank\" rel=\"noreferrer noopener\">MORSE security team takes proactive approach to finding bugs<\/a>, Elliott Smith. August 3, 2022. <\/p>\n\n\n\n<p><sup>3<\/sup>Availability may vary by region.<\/p>\n\n\n\n<p><sup>4<\/sup><a href=\"https:\/\/www.cnbc.com\/2021\/09\/08\/microsofts-20-billion-and-cybersecuritys-big-spending-problem.html\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft has a $20 billion hacking plan, but cybersecurity has a big spending problem<\/a>, Eric Rosenbaum. September 8, 2021.<\/p>\n\n\n\n<p><sup>5<\/sup>Hardware dependent.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>With Windows 11, you can protect your valuable data and enable secure hybrid work with the latest advanced security. We&#8217;re proud to announce the new security features you heard about this spring are now available.<\/p>\n","protected":false},"author":162,"featured_media":122041,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"content-type":[3662],"topic":[3683,3688],"products":[3690],"threat-intelligence":[],"tags":[3896,3824,3819],"coauthors":[2185],"class_list":["post-121820","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","content-type-news","topic-security-management","topic-threat-trends","products-microsoft-defender","tag-credential-theft","tag-hybrid-work","tag-windows"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>New Windows 11 security features are designed for hybrid work | Microsoft Security Blog<\/title>\n<meta name=\"description\" content=\"With Windows 11, you can protect your valuable data and enable secure hybrid work with the latest advanced security.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New Windows 11 security features are designed for hybrid work | Microsoft Security Blog\" \/>\n<meta property=\"og:description\" content=\"With Windows 11, you can protect your valuable data and enable secure hybrid work with the latest advanced security.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2022-09-20T17:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-03T22:29:17+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/09\/WIN22_HybridWork_021.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"David Weston\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/09\/WIN22_HybridWork_021.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"David Weston\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/david-weston\/\",\"@type\":\"Person\",\"@name\":\"David Weston\"}],\"headline\":\"New Windows 11 security features are designed for hybrid work\",\"datePublished\":\"2022-09-20T17:00:00+00:00\",\"dateModified\":\"2023-08-03T22:29:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/\"},\"wordCount\":1744,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/09\/WIN22_HybridWork_021.jpg\",\"keywords\":[\"Credential theft\",\"Hybrid work\",\"Windows\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/\",\"name\":\"New Windows 11 security features are designed for hybrid work | Microsoft Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/09\/WIN22_HybridWork_021.jpg\",\"datePublished\":\"2022-09-20T17:00:00+00:00\",\"dateModified\":\"2023-08-03T22:29:17+00:00\",\"description\":\"With Windows 11, you can protect your valuable data and enable secure hybrid work with the latest advanced security.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/09\/WIN22_HybridWork_021.jpg\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/09\/WIN22_HybridWork_021.jpg\",\"width\":1200,\"height\":900,\"caption\":\"Business person uses Dell 7520 2-in-1 connected to dual monitors at their home office.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"New Windows 11 security features are designed for hybrid work\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"New Windows 11 security features are designed for hybrid work | Microsoft Security Blog","description":"With Windows 11, you can protect your valuable data and enable secure hybrid work with the latest advanced security.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/","og_locale":"en_US","og_type":"article","og_title":"New Windows 11 security features are designed for hybrid work | Microsoft Security Blog","og_description":"With Windows 11, you can protect your valuable data and enable secure hybrid work with the latest advanced security.","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/","og_site_name":"Microsoft Security Blog","article_published_time":"2022-09-20T17:00:00+00:00","article_modified_time":"2023-08-03T22:29:17+00:00","og_image":[{"width":1200,"height":900,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/09\/WIN22_HybridWork_021.jpg","type":"image\/jpeg"}],"author":"David Weston","twitter_card":"summary_large_image","twitter_image":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/09\/WIN22_HybridWork_021.jpg","twitter_misc":{"Written by":"David Weston","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/david-weston\/","@type":"Person","@name":"David Weston"}],"headline":"New Windows 11 security features are designed for hybrid work","datePublished":"2022-09-20T17:00:00+00:00","dateModified":"2023-08-03T22:29:17+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/"},"wordCount":1744,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/09\/WIN22_HybridWork_021.jpg","keywords":["Credential theft","Hybrid work","Windows"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/","name":"New Windows 11 security features are designed for hybrid work | Microsoft Security Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/09\/WIN22_HybridWork_021.jpg","datePublished":"2022-09-20T17:00:00+00:00","dateModified":"2023-08-03T22:29:17+00:00","description":"With Windows 11, you can protect your valuable data and enable secure hybrid work with the latest advanced security.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/#primaryimage","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/09\/WIN22_HybridWork_021.jpg","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2022\/09\/WIN22_HybridWork_021.jpg","width":1200,"height":900,"caption":"Business person uses Dell 7520 2-in-1 connected to dual monitors at their home office."},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/09\/20\/new-windows-11-security-features-are-designed-for-hybrid-work\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"New Windows 11 security features are designed for hybrid work"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}}]}},"msxcm_display_generated_audio":false,"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/121820"}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/162"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=121820"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/121820\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media\/122041"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=121820"}],"wp:term":[{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=121820"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=121820"},{"taxonomy":"products","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/products?post=121820"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=121820"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/tags?post=121820"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=121820"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}