Windows 11 is set to become more secure for SMB users all over. This is coming as news of new security features already rolling out to Windows 11 insiders.
Windows 11 Secure For SMB Users
Microsoft is now introducing a couple of new features in the next version of Windows 11 which should reportedly make it more secure for some of its users.
Microsoft Principal Program Manager Ned Pyle in an update posted on the Microsoft blog reportedly announced that Windows 11 will allow admins to mandate SMB client encryption for all outbound connections. That in question simply means that admins can mandate that all destination servers support SMB 3.x and encryption, and in the event that those are missing, the client will not connect.
“This enforces the highest level of network security as well as bringing management parity to SMB signing, which allows both client and server requirements,” Pyle explained. SMB encryption as you should know makes data encrypted end-to-end, which is a feature that stops potential eavesdropping.
The New Incoming Feature Is Already Rolling Out
The new incoming feature is already rolling out with Windows 11 Insider Preview Build 25982 to insiders in the Canary Channel.
“You can now also configure the SMB client to always require encryption, no matter what the server, share, UNC hardening, or a mapped drive requires,” he added.
“This means an administrator can globally force a Windows machine to use SMB encryption – and therefore SMB 3.x – on all connections and refuse to connect if the SMB server does not support either.”
Admins Can Now Configure the New Feature
Admins can now configure the new feature through PowerShell or the “Require encryption” group policy that can be seen under Computer Configuration \ Administrative Templates \ Network \Lanman Workstation.
What It Means To Disable the Policy
Disabling the policy obviously takes away the encryption requirement. Pyle also however cautioned IT teams when reportedly deploying SMB encryption via group policy to a heterogenous fleet, as any legacy SMB servers (think Windows Server 2008 R2) will not be supporting SMB 3.0. “Older third-party SMB servers might support SMB 3.0 but not encryption,” he reportedly added.
Microsoft to Boost the Security of both Windows and Windows Server
The changes in question are part of the company’s campaign to help boost the security of both Windows and Windows Server for the modern threat landscape, Pyle reportedly concluded.
MORE RELATED POSTS
- Best Tools for Social Media Management – 10 Social Media Management Tool In 2022
- Four Ways SMBs Can Protect Themselves from Cybersecurity Threats
- Many SMBs Are Still Not Equipped To Deal with Cyberattacks
- Five Ways Smbs Can Protect Themselves From Cyber Security Threats – Why Is Cybersecurity Important?
- Ways that SMBs can Reduce Cybersecurity Threats