What's new

Securing and keeping RT secure


New Member

I'm opening a threat about one the (imho) important feature of Windows RT, it's security posture.

I own, and used Android and iOS based devices (including tablets). I've selected the Surface to use
it in my day to day job because it is by far the easiest to use in a Microsoft (Desktop OS, 20xx server)
enviroment. I've tried the iPad and Android device, but it is too cumbersome to be used professionally.

Hence also my surprise to read the negative reviews on various sites, they all don't seem to like it, for various reasons.
Unless I haven't read the articles that well, but security is seldom mentioned. The reviewers are comparing
the Surface against Android/iPad, but don't seem to care that there is an awful lot of malware around for Android,
and the iPad has its security issues (although it is not that bad as the Android tablets)

iPad and Android are great devices to consume content. But are too cumbersome to create content and transferring
content to your desktop system is even harder. Esspecially when you don't want to use Cloud based services
like (iCloud, Google Drive, DropBox etc etc). Sure Dropbox et al are great for data that classified as 'public'. But
I'm not using it for personal or company data. A Surface with connectivity to SMB shares build in suits my needs
just fine.

Although I have to explore more how secure the RT platform is, but Microsoft OS'es are pretty hardened now,
and it's commitment to vulnerability management (patching etc) is second to none. Windows RT is much more secure than Android
and more secure than the average iPad.

For me, the combination of security features of Windows RT, a company that takes patching seriously (Microsoft),
ability to easily move files around (desktop, server systems), probably the most mature office apps (compared to
Apple's Pages, Numbers, Keynote, and whatever you can get on the Android) on tablets (Office RT). I would like to
have VLC finally released for RT, but in the mean time I'm happy with Qool and (for me a killer app) NovaMind.

I'm planning to look at the Surface RT from a security perspective, starting with a Nessus scan. And in the mean time,
perhaps talk about security on Microsoft RT in this threat.


Interesting post. Also thanks for the heads up on Qool and NovaMind. I liked what I saw of Qool and I will look more into NovaMind. Btw, is NovaMind available for RT?
Interesting post. Also thanks for the heads up on Qool and NovaMind. I liked what I saw of Qool and I will look more into NovaMind. Btw, is NovaMind available for RT?

Qool and NovaMind are. I'm not too keen that NovaMind uses Skydrive, but I'll live with it.

Well, I use Skydrive heavily, so that is not really a problem for me. But good to know that both are available for RT. I'll check them out. Thanks.
Interesting thread. One thing to consider from a security aspect would be encryption. Both iOS and Android tablets support encryption of local data. As far as I can see the RT does not. Bitlocker is available to Pro users but that's little comfort to us RT owners.

Any one have any thoughts on this?
A HUGE advantage to RT over other platforms for me is the Family Safety stuff that's built in. I bought my son a Dell RT tablet for his birthday when they had them on sale for cheap. I signed in with his MS account and turned on Family Safety and the device inherited all the content filtering, usage hours and such that I have setup for his account on the home desktops. For people with kids, RT is a great low cost, easily managed device. This will get even better with cheaper, 7-8" devices.
RT is BitLockered out of the Box....

Cool thanks for the clarification but it doesn't have the bit locker to go features so you can't encrypt additional storage, apparently...

Sent from the SurfaceForums.net app for Windows 8
Bitlocker to go is an enterprise feature, available only in Pro or Enterprise as Windows RT and Windows 8 are marketed to consumers it is unavailable.
You can encrypt your sd card on a Pro version of windows and then continue to use it in your RT as RT can still read and write to bit locked drives.
Windows RT does use device encryption. Disk Management shows that my windows partition is encrypted. Also important for me is that on RT it is harder to execute files without it being published thru the Windows RT. That of course does not stop cyber criminals to hide malware in published software. Hence I'm being careful with what I install or not.

One of the pros is that RT is actively patched by the same Microsoft cycles for other products (Windows Update), it has a av product build in specifically designed for RT (it has to prove its effectiveness), it has a reasonable safe browser and no VBA in the Office products. I can run an netstat -nao :) , netsh and I can lock down my system in a way that is not possible on Android or Apple's iOS.

Further investigations shows that my Surface RT has a TPM chip build in, and a bitlocker key is being stored in my Microsoft account. Need to check out some of the build-in features that comes with Windows RT/8
Last edited: