Win10 Enterprise Eol


Jeremias Resendez

Aug 5, 2024, 1:39:52 AM
to ladeconcums
The real problem is that the majority of smaller medical entities will not be using the enterprise version of Win 10. More than likely, Win 10 Pro would be used, supplied with a new computer by the vendor. My understanding is that Win 10 Pro is not HIPAA compliant and cannot be configured in any way to be such.

If your network and your computers are correctly set up and configured (this will require that you employ the services of an IT professional), and if everyone is careful as to what they do online, you will likely be able to achieve HIPAA compliance.


The one way I know of which could work for most people is if they have secure terminals (not computers) which are connected to a secure system, and which have access only to secure HIPAA-compliant resources, then you would probably be successful. Less expensive would be Citrix remote desktop Windows (or Linux?) sessions, hosted by a secure organization, so that they, not you, handle the security and the HIPAA compliance. This will cost your organization, but not nearly as much as trying to do it all yourself.


If I handle HIPAA-protected information as part of my job, and my employer has chosen to employ an OS that allows HIPAA-protected information to leak out (i.e. become unprotected), who is guilty of the HIPAA violation? Me? or my employer?


The issues are more gray when it comes to IT concerns. I personally think that no one should be able to use free email when transmitting or receiving HIPAA information, because it is clear that the email service is scanning the emails. I know a therapist who uses Yahoo email to communicate with his patients; I advised him against doing that, but to my knowledge, he is still doing it.


Much worse than that, in theory, there is absolutely no warranty that email is encrypted end to end, so it is not to be considered a safe means of communicating any sensitive information. The server that handles your email also has an unencrypted copy of it, so if it gets hacked, it is not good.


Startmail (www.startmail.com) looks pretty secure to me. Those who handle HIPAA-protected info should use something like Startmail for sending and receiving email. Or, they could type the sensitive info into a document, encrypting the document, and emailing it as an attachment, rather than putting the sensitive info into the body of the email.


The following configuration was tested and verified to provide minimal cloud-communications that would not compromise required functionality. (e.g. Allow Windows Registration data, etc.). It is provided as a suggested configuration to reduce data communications as initiated by the cloud-features of Windows 10 Enterprise.


That statement on their preamble is slightly wrong too: you cannot configure Home or Pro to be fully HIPAA compliant. You can configure the Enterprise edition to be more than compliant, and in fact MS provides templates and tools via Technet for the ENT edition to easily lock down the client OS to exceed the standard.


Would you bet against employees doing work that should be HIPAA compliant at both work and at home which is not even when the employer system is ENT and properly configured? Would you bet that somebody, somewhere, somehow will not find a way around compliance?


Either I just wasted 10 minutes of googling, or you are misinformed about HIPAA requirements, or I am wrong and the answer is deeply buried. I cannot find any reference that would suggest that OS provided geo-location services (as might be used by various apps on a PC or SmartPhone) would fail a HIPAA audit.


Pro and Home have three settings: Basic, Enhanced and Full. The Enterprise edition has one additional setting: Security. The first link I posted above explains the differences between all four. The Security level sends the least amount of telemetry back to Microsoft.


I hate to think about the gamut of other corporations and businesses, in particular small to medium sized enterprises who may not have either a dedicated IT department or a particularly sharp IT department which does not realize the above.


Just the fact that this thread is so long and full of if this and that indicates a big problem in my opinion. There should not be a need to have an IT specialist in this to be able to run your computer in HIPAA compliance mode. The problem is there are a lot of small professional offices like lawyers and small medical places that know nothing about computers except a bit about how to use them, and they might rely on a self-proclaimed expert to have their installation managed, and they will have no clue how far they are from compliance. Just knowing that templates exist and you have to apply them is too much. There should be something very simple that is a HIPAA button with a password. You hit it, bam, done, Microsoft is responsible for ensuring all their non-compliant stuff is disabled.


And limiting this to Enterprise is also a problem. Enterprise is not the solution for small offices with 2-3 lawyers and a shared assistant. It should not be. Why have to pay more to have less? Microsoft is killing the serious and professional small businesses market.


More than 15 characters! This is what you want, in terms of password length, and which must include at least one special character (other than letters and digits), for passwords. The Achilles heel of all encryption algorithms is the length and complexity of either the password or the public/private keys. Above, we are dealing with remote secure access which requires a password for remote access. A too short and/or weak password can potentially defeat the inherent security of the encryption method.


A password is not that useful either if your remote computer is compromised with a keylogger. Reading about security, I came to the conclusion that there is nothing that is quite secure unless you have two-factor authentication. Then, you would need two independent compromised devices to obtain access.


I have a Windows 10 Enterprise system. The screen keeps timing out and displaying the lock screen after 20 minutes. I am both local and domain administrator. I've disabled the screensaver in the registry both in HKCU and HKU. Gpedit shows Enable Screen Saver is set to no. The screen saver options menu shows a screensaver of "none" and a timeout of 20 minutes, despite the fact that I've edited the registry to disable the timeout. The power settings are configured appropriately - the system is not sleeping, the screensaver is just activating for some reason.


Working with VMWare Workstation Pro on an x64 Win10 enterprise machine (10.0.14393) (aka Redstone 1 or Anniversary Edition), attempting to get output from different VMs onto different .1q tagged VLANs on a trunk port. Unfortunately, I'm having little success.


Based on my reading, if I install the most current Intel driver package, 22.4.0.1, I should either be unable to create VLANs off the NIC (if I'm missing needed win10 updates), or they should work. I seem to be in a middle ground of some kind. I can create the VLANs just fine. Unfortunately, I get untagged output from the physical port for everything assigned to any VLAN. I doubt it's a sniffer problem since I can see .1q tags from a switch when capturing via the same external USB NIC.


The packets from the guest VM Linux OSes are untagged. The VMs are running an embedded image where tagging is not available. The VMWare NICs are bridged to host OS VLAN specific NICs. (e.g. VM1 is connected to I218-LM VLAN: VLAN1). I expected that layout to result in tagged data coming out the port.


Hi Folks,

I'm new with my UP2 and I have installed Windows 10 Enterprise 2019 LTSC. Now I wrote a small test desktop program with C# in VS2017 to test the UART communication via the 40-pin header (8,10), but I cannot find it with "SerialPort.GetPortNames". The Device Manager shows under Ports 2 COM ports: UART Sub device (COM2) and UART Sub device (COM4).

If I try to connect the serial port, I get an IOException.

Can anyone help me on this?

Thank you.


Kindly install UP framework SDK if you have not, after that install the demo apps and run them. If they work correctly, then something could be wrong in your C# program. You can find the link to SDK and demo apps here.


Hi @camillus,

I've installed the framework successfully, but still no success using the UART from Win10. I think the UART communication is not handled by the framework, right? I've tried to use the Win32 API instead of the .NET serial port, but also no success.

Is there a special driver needed to use the UART port with Windows 10 2019 LTSC?

best regards,

Daniel


Hi, any update on this?

I can confirm that the serial ports are listed on the device manager but not accessible on Windows 10 IoT Enterprise 64-Bit LTSC 1809.

Tested with a long-used and trusted serial terminal application, the list of serial ports available comes up empty!

Windows is freshly installed and updated. UP2 drivers and framework SDK were downloaded and installed as of today.
