Held to the same standard as all Microsoft services and software, Microsoft Surface devices provide uncompromising chip-to-cloud security, put ultimate control in your hands, and provide peace of mind wherever and however work gets done. In a global environment where security threats are ever-increasing in sophistication, Surface provides world-class security across multiple layers including hardware, firmware, software, application, and identity. From conceptual design to a team members’ first Hello – Surface reduces complexity and elevates trust.
20% reduction in security breaches, annually, for Surface device users
17% reduction in endpoint security costs when using a portfolio of Surface devices
Built for peace of mind
Every Surface device is designed with industry-leading security. TPM 2.0 protects and controls authentication. BitLocker encryption is enabled by default on all Surface end-user devices (reducing the amount of time needed to deploy with AutoPilot and ensuring all users receive secure devices out-of-the-box). Most Surface device features the Microsoft-designed and built unified extensible firmware interface (UEFI)² to control device firmware and select devices feature secured-core Industry-leading biometrics provides device owners instant and more secure access with Windows Hello for Business, replacing passwords with strong, two-factor authentication. And, to minimize risk end-to-end, Surface continuously evaluates supplier security in manufacturing and works with resellers to develop security-focused distribution logistics.
Ultimate control
Ultimate control remains in your hands long after deployment through a variety of features. Built with and for the Windows and Microsoft 365 security stack, our devices not only meet every standard for a highly secured PC but are also capable of automatically receiving updates from the dynamic world of defensive security. Microsoft UEFI, able to be remotely configured gives you control over security updates on your timeline and ensures device protection from factory floor to the end-user.
A secure boot – enabled by default – further protects against firmware tampering. IT Admins can monitor device health remotely, gain insights, and retain control through the Surface Management Portal. And, removable SSD, standard on most Surface devices, enables retention of sensitive data