Be the first to hear the mobile news. Enter your email to join.

Windows 10 introduces new model for data security with Enterprise Data Protection

  • Maddie Cook By

Over the past several decades, the Windows operating system has fundamentally changed the way we access, create and share information. However, the workplace has shifted too, from static workstations to dynamic work environments where employees access and share information across various devices. With this adapting workplace and constant movement of data, the likelihood for data leakage dramatically increases.

On July 29, Microsoft will release its latest operating system, Windows 10. The new release addresses how users access information and applications across different device types. As we’ve seen with other Windows 10 features, such as a unified app experience, Windows 10 is keen to address enterprise concerns and protect enterprise data.

Recently, enterprise data security has become a growing concern, both from external threats and internal leaks. To protect enterprise data and make internal data leaks less common, Windows 10 introduces Enterprise Data protection (EDP). As employees, we often use the same devices to access both personal and corporate information, but we access this information on unsecured networks and use third party applications. As employees transfer enterprise data between these devices, internal leaks, often accidental, have become more common. Windows 10 addresses this issue by introducing EDP, a new model for data security.

Pairing EDP with enterprise management software provides control and customization of the EDP features for the IT department to manage. Combining Windows 10 EDP with AirWatch allows IT to protect its enterprise from internal and external data vulnerabilities, and ensures that the right people have the right access to company information. With Windows 10 and AirWatch integration, EDP file containerization enables granular separation of personal and corporate data and apps.

Through containerization features, administrators are able to separate “corporate” and “personal” data. AirWatch administrators are able to define the boundaries of their enterprise network and apply comprehensive data protection policies to data sourced from these networks. However, while enterprise data is managed and secured, personal data on a device remains unaffected by company policies.

Once data is designated as “enterprise protected”, the protection follows the data wherever it may move. This can include transfers from desktop to mobile phone, desktop to USB drive, or from desktop folder to online portal. Data protection enforcement policies can also be customized to allow an end-user the ability to re-designate enterprise data as personal data.  For example, a marketing professional may need to share enterprise data with a personal application, like Twitter that is often considered a personal app. In this scenario, a policy would be created to allow the marketing professional to share data with the personal app, but do so in a secure way that prevents accidental data leakage.  When enterprise protected data is shared with a personal app, the user is prompted to agree that his action is not a potential data leak. When the marketing professional accepts this notification, an event is captured for auditing purposes.



This same corporate or personal designation for files can also be applied to apps. With Windows 10 and AirWatch integration, IT is able to designate apps as either enterprise protected or personal apps.  A policy can be created that allows only enterprise applications access to enterprise data.  Administrators are able to make apps “privileged,” meaning apps that can access enterprise data.


Also introduced in Windows 10 EDP are enlightened apps. An enlightened app is defined as an app that is able to separate corporate and personal data, without direction from the user or IT administrator. Enlightened apps are able to containerize automatically. For example, an enlightened email app is able to host a corporate email address and a personal email address. Without requiring a user to sort, it can automatically separate emails into two inboxes, and apply enterprise data protection policies to the enterprise email.

Windows 10 includes many more EDP features. AirWatch support for Windows 10 helps IT manage these features and assign to authorized users. With EDP and enterprise mobility management, organizations can take the next steps to preventing security breaches.

To learn more about Windows 10 and AirWatch support, register for the webinar.

Maddie Cook

Maddie Cook

Maddie has a variety of journalism experience as a science and technology reporter, editorial editor and production manager. As a writer for the AirWatch blog, Maddie looks forward to being a resource for mobility professionals.

Leave a Reply

Your email address will not be published. Required fields are marked *


Blog By Region

Blog By Category: