Windows 11 is the COVID-19 vaccine for your PC

Vast segments of the PC population are unprotected. Upgrade your hardware and get the shot.
Written by Jason Perlow, Senior Contributing Writer

We all know that one person who means well and has good intentions but doesn't have the best communication skills. Perhaps, it's a politician or a world leader that you know. They'll tell you to do something because it's for your own good and that if you don't do it voluntarily, there's an imminent danger that bad things will happen. 

For example, if you do not get your COVID-19 vaccine, and you do not wear a mask in public places, with this new Delta variant, you stand a very good chance of becoming infected, possibly very ill with long-standing effects, and maybe become hospitalized and even die. 

Also: Windows 11 FAQ

And at the very least, even if you don't become ill, even if you are asymptomatic, you can become an active spreader of something that can potentially harm many other people, possibly those who are close to you.

Getting your COVID-19 vaccine is called being proactive. Wearing your mask is acting responsibly.

We don't always like listening to people of authority, especially when we are asked to do something that doesn't have immediately visible, tangible benefits. Doing things proactively, such as getting a COVID-19 vaccine and wearing a mask, requires having faith in someone being supplied with superior knowledge and expertise, such as a world leader or public health expert.

However, as we know, not everyone in a position of authority and possessing subject matter expertise is so polished they can package a message like this and make it palatable to every end-user. 

With its Windows 11 rollout, Microsoft is not entirely different from that unpolished world leader or politician. Its communication skills have left room for improvement related to this significant and critical Windows upgrade. That's something I think everyone covering this industry can agree on.

We know it means well, we know it has the expertise, but people will still challenge it and get all huffy when they are being told that Windows 11 is an essential upgrade related to securing the PC platform from advanced malware threats. 

But to take advantage of the new security capabilities that shield you from these threats, your PC hardware needs to be able to support it. And that is not a message people want to hear.

Unfortunately, many legacy PCs, regardless of what antivirus solutions they may run and regardless of how functional and how fast they still run their application workloads, are highly vulnerable to these threats. And as they are not eligible for the Windows 11 upgrade, they are effectively immunocompromised.

Just like getting a COVID-19 vaccine and wearing a mask is proactive, so are the architectural changes required to upgrade to Windows 11. And in some cases, implementing those is going to need investment in new PC hardware. It will also require investing in further training and, potentially, some new deployment tools. It's going to cost some money.

But as we know, implementing security changes in your large organization, small business, and consumer space is also not easy to sell. Anything that helps ensure business continuity and strengthen security resiliency from a threat that isn't immediately visible will fall on deaf ears to all but the most cautious and conservative IT organizations, let alone end-users. 

How many companies or individuals have we encountered as professionals that run their environments with no or untested backups, haven't run a complete continuity and DR test in years, and then get burned for it? I mean, how many people did we know that ran with no antivirus or firewall for years before it was built into the foundational IT infrastructure because they didn't want to pay for it or just felt it was a nuisance? I have dozens of stories as a former IT architect and consultant over my 30-year career to tell for this.

It's tough to sell hardened security or any form of protection as the defining feature to the entire user population. So Windows 11 is also being released with an exciting new user interface to entice them to upgrade, whether by opting-in on hardware that can already accommodate the new OS or upgrading to new PCs.

Is this going to cost money to most organizations? Yes. Are a lot of end-user PCs going to need upgrades, costing people money? Yes. Spending money is painful, especially if we are talking about an upgrade to something strictly preventative in nature. 

But do you know what is even more painful? A compromise -- one which results in reputation loss, such as a publicly visible one that gets your organization on the news, such as a ransomware attack that holds all your IT assets hostage and stops your business cold for days. 

Such an attack makes you and your company look stupid for not remediating it when it could have been prevented. 

Best case scenario in this situation? Your customers think you're a bunch of incompetent idiots. Worst case? Business-ending event.

The good news is that, like the Pfizer and Moderna COVID-19 vaccines, you can get the first "shot" now. If your hardware supports the new secure boot, virtualization-based security (VBS), and Hypervisor-protected Code Integrity (Memory Integrity/Core Isolation) you can turn it on in Windows 10 today.

And when Windows 11 arrives in October or November, get that second shot. And if any of your systems aren't eligible, replace them. Immediately. Because that's the proactive and responsible thing to do.

Editorial standards