Windows 10 Enterprise E3 enables businesses to take advantage of enterprise-grade security and management functionality. It was designed for businesses that handle sensitive customer data (such as credit card or social security numbers), operate in regulated industries, or create and monetize intellectual property.
Built for small and mid-sized businesses, Windows 10 Enterprise edition has added security features such as Device Guard, Credential Guard and Managed User Experience.
Credential Guard uses virtualization-based security to help protect security secrets (for example, NTLM password hashes, Kerberos Ticket Granting Tickets) so that only privileged system software can access them. Credential Guard can be managed through Group Policy, Windows Management Instrumentation (WMI), or Windows PowerShell.
Device Guard is a combination of hardware and software security features that allow only trusted applications to run on a device. It helps protect against malware, and protects the Windows system core from vulnerability and zero-day exploits, while allowing only trusted apps to run.
Application Virtualization makes applications available to end users without installing the applications directly on users’ devices. App-V transforms applications into centrally managed services that are never installed and don't conflict with other applications. This feature also helps ensure that applications are kept current with the latest security updates.