Home PCs can face very different threats from business machines, which is why Microsoft and its manufacturing partners developed the Secured-Core PC for enterprises. However, some of their security features are included on all versions of Windows 11. Let’s take a look at how a Secured-Core PC compares to your laptop at home.
Security Baselines
Security on Windows 11 starts with the basics to stay secure, which Microsoft calls security baselines. These baselines can vary based on device types and industry-specific threats such as web security or confidential data protection.
The term “security baselines” is specifically about Windows Pro machines, nevertheless there are some basics that most modern PCs, including Windows 11 Home devices, use to stay secure. One example is the Trusted Platform Module Version 2.0 (TPM 2.0), which Microsoft famously started requiring for Windows 11 machines. TPM is a hardware-level security feature that stores encryption keys in a secure manner for authenticating hardware and software, enabling BitLocker encryption if available, as well as protecting biometric identity and other data.
The next key baseline feature is Secure Boot, which only allows signed (known) operating systems to run. This helps prevent rootkits and other nasty bits of malware that could infect the system. Windows Hello with biometric identity authentication is also considered an essential baseline.
Finally, there’s BitLocker drive encryption, which keeps your data safe when not in use. BitLocker is not available for Windows 11 Home PCs, but some support a lighter version called Windows Device Encryption.
So What Are Secured-Core PCs?
Microsoft and its partners aim Secured-Core PCs at people who need a higher level of security because of the…