Are Privileged Access Workstations (PAW) better than SAW?
So there was a session at Ignite on how Microsoft IT builds Privileged Access Workstations (PAW) and someone asked me if this was better than Secure Admin Workstations (SAW).
Trick question. They are basically the same concept. Well, I think a better explanation is PAW is SAW grown up, taking advantage of technology in Windows 10 and Windows Server 2016 to provide a "Guarded host". This lets you support the physical device performing remote health attestation against a Host Guardian Server (HGS) and running shielded VMs. It's an interesting development in protecting administrative privileges.
You can watch the Ignite session below to learn more.