You know how conventional wisdom suggests holding off as long as possible before upgrading to the newest Windows operating system? Well, both Gartner and Forrester Research have bucked that and now recommended upgrading to Windows 10 sooner rather than later. 

While analysts typically tell clients to patch existing operating systems, particularly after big attacks, it’s not all that often two major firms come out and recommend upgrading to a new WIndows OS — let alone for security reasons. Let’s take a look at why. 

[Register Now: Upcoming HIMSS Healthcare Security Forum]

For starters, Microsoft has employed a slightly new security strategy. 

“With Windows 10, Microsoft has added several new built-in security features, as it has in previous releases,” said Gartner vice president Peter Firstbrook. “However, Windows 10 also introduced a much more aggressive end-point protection platform and endpoint detection and response strategy that more directly challenges the incumbent EPP and EDR market leaders.”

Microsoft also moved from monthly security updates to an ongoing stream of fixes with WIndows 10, Firstbrook added.

“This enables customers to get security fixes in a timelier manner, ensuring user devices will stay up to date and more secure,” he said. “As a result of these changes, deployments of Windows 10 on new PCs are primarily driven by security improvements.” 

Gartner rival Forrester surveyed IT decision makers and found that 51 percent said they are upgrading to Windows 10 for security reasons. 

“Highlights include better integration between the operating system and the underlying hardware -- the result of collaboration between Microsoft, Intel and hardware partners,” Forrester principal analyst David Johnson said. 
 
For example, a unified extensible firmware interface (UEFI) secure boot. Some ransomware attacks, such as Petya, work by altering the operating system boot loader. Secure boot in Windows 10 detects this anomaly and stops the boot process, preventing the drive from being encrypted by the ransomware.
 
“There are also kernel-level improvements in Windows 10,” Johnson explained. “Kernel randomization and non-executable kernel regions protect the integrity of the core of the operating system, and have proven effective against previously unknown exploits.”

Windows 10 also features what is known as application space improvements.
 
“Device Guard prevents untrusted apps from running, and App Locker blocks execution of unsigned binaries on older hardware that can’t take advantage of Device Guard,” Johnson explained.

Gartner, it’s worth noting, has recommended in the past that clients skip specific versions of Windows — notably 8.1 and Vista before that — and Forrester published a report in 2013 projecting that Windows 8 would never become a standard enterprise OS. 

So don’t write off this recent advice about upgrading to Windows 10 as simple plugs for Microsoft. 

Twitter: @SiwickiHealthIT
Email the writer: bill.siwicki@himssmedia.com

Like Healthcare IT News on Facebook and LinkedIn