Microsoft has been focusing quite a lot on security for its products in the past couple of years. Today, the company is announcing a new tool for its Surface products that will make these devices more secure for enterprises. The software giant also announced that its Surface devices are now part of the NSA’s Commercial Solutions for Classified Programs (CSfC) list. The NSA now lists the Microsoft Surface Pro 4, Surface Book and the Surface Pro 3 on its CSfC list, but the company’s latest Surface Studio device isn’t listed there just yet.
The NSA is also adding Windows 10 to its CSfC list, but Microsoft’s Surface devices are the only Windows 10 devices which are part of the CSfC list — however, devices from third-party OEMs will likely get added in the near future. In a blog post, the director of Windows Enterprise and Security at Microsoft, Rob Lefferts stated:
Our customers are the most security-conscious in the world and demonstrating our commitment to meeting their needs is incredibly important to us. Today, I’m excited to share that both Windows 10 and Surface devices including Surface Pro 3, Surface Pro 4 and Surface Book have been added to the NSA’s Commercial Solutions for Classified Programs (CSfC) list. The CSfC program listing demonstrates Windows 10, as well as Surface devices (the only Windows 10 devices currently on the list), when used in a layered solution, can meet the highest security requirements for use in classified environments.
Microsoft is also launching a new tool that will help enterprises secure their Surface device. Microsoft is calling the new tool the “Surface Enterprise Management Mode (SEMM)” which will allow enterprises to deploy Surface devices in a way that will allow these devices to fight against attacks. SEMM will be available for the Surface Pro 4, Surface Book and the Surface Studio. As Microsoft stated in the blog post, SEMM will allow IT pros to take ownership, lock down, modify and control the hardware config, OS behaviors, security within the device firmware which is really powerful. IT Pros can use SEMM to apply configuration rules to Wi-Fi networks, Bluetooth, Ethernet, application access, certificates, and more during the initial deployments. However, IT pros will also be able to dynamically push these security configs via the cloud.