First look at Windows 7 security

By on
First look at Windows 7 security

Keys, wallet, smartphone, laptop thumbdrive of sensitive corporate secrets: this is the list the average businessperson runs through before leaving the office.

But if a Ponemon Institute study this month of 967 respondents is to be believed, more than two in five have lost a device such as a USB drive that held data.

Memory product maker Kingston Technology released the first 128GB thumbdrive ($700) last week, which holds nearly 200 films, 44,000 songs or 27 million text files. That's a lot of corporate secrets to trust to such a package so flimsy on security.

BitLocker To Go, a key feature Microsoft's latest operating system Windows 7 to be released on October 22, is entering a field dominated by the likes of IronKey and Trend Micro to protect data stored on these tiny devices.

At a reviewers' briefing yesterday in Sydney, Microsoft Australia IT Pro evangelist Jeff Alexander demonstrated how the security software that comes with the next Windows halts data walking out the door.

Group policies are set so that information can't be written to a device such as a thumbdrive unless it was first encrypted with BitLocker To Go. Legacy desktops running Windows XP, for instance, read data stored on the devices using software that is installed when the BitLocker partition is created.

Deployment is simplified for IT managers because BitLocker doesn't need to be set up when the OS is installed. Chief information security officers can make a stronger case to deploy Windows 7 because group policies control its use under Windows Server 2008 R2.

Key escrow is held in Active Directory, easing recovery of lost passwords. And users benefit because the encrypted thumbdrives may be set to open on PCs they use routinely without entering passcodes, Alexander said.

Multi-factor authentication through the use of smart cards or biometrics may be deployed to strengthen access to corporate data.

AppLocker, another new feature, gives administrators fine control over which applications to allow on their fleet PCs. Prohibited applications are determined by rules such as program name, author or its unique signature (called a "hash tag") that will survive software updates.

Although Windows 7 built on the security foundations of Vista that it replaces, Microsoft flagged that some "low-level" applications such as firewalls and anti-virus software may need to be upgraded.

System administrators and helpdesk staff should find troubleshooting user problems is eased through the Problem Step Recorder that emails pedagogic screenshots and a text file illuminating the steps a user takes before they hit an error.

Windows 7 is netbook friendly, Microsoft said, and the Home Premium version will have the same installed "footprint" as its bigger brothers. Every version of Windows 7 (except the basic "Starter" pack) has identical features that are activated using the Windows Anytime upgrade function. Administrators buy activation keys to upgrade their installation although Microsoft was unsure about whether they would get these from the software maker or a reseller.

Microsoft also demonstrated an operating system "refresh", which erased an existing installation of Windows XP or Vista to replace it with Windows 7. It copied 6.3GB over 541 files of user data in about half an hour.

To follow Australian reviewers' comments during the session, search #W7AU on Twitter.

Key security features

BitLocker (improved from Vista SP1)

  • Minimum partition size 100MB
  • Simplifies encryption and key management for all drives using the Data Recovery Agent.
  • Store recovery information in Active Directory.
  • Right-click on drive in Explorer to enable.
  • Hidden partition created on Windows installation (no need to repartition the drive later).

BitLocker To Go (new)

  • Protects data on removable drives.
  • Option to require BitLocker To Go to store data on removable drives.
  • Reader installed on partition to access encrypted drives on earlier Windows versions (no OS X support).

AppLocker (new and improved)

  • Admins set fine rules for which applications are permitted that survives software upgrades.
  • PowerShell "cmdlets" when used with the audit function test and automate policies controlling software deployment on PCs.
  • Custom error messages may be set to inform the user when they attempt to access a prohibited application.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
bitlocker microsoft operating os security storage system windows windows7

Partner Content

Secure, integrated platforms enable MSPs to focus bringing powerful solutions to customers
Secure, integrated platforms enable MSPs to focus bringing powerful solutions to customers
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Ingram Micro Ushers in the Age of Ultra
Ingram Micro Ushers in the Age of Ultra
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Kaseya Dattocon APAC 2024 is Back
Kaseya Dattocon APAC 2024 is Back

Sponsored Whitepapers

Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
Pulseway Essential Eight Framework
Pulseway Essential Eight Framework
7 Best Practices For Implementing Human Risk Management
7 Best Practices For Implementing Human Risk Management
2025 State of Machine Identity Security Report
2025 State of Machine Identity Security Report

Events

techpartner.news MSP index - Brisbane
techpartner.news MSP index - Brisbane
techpartner.news Channel Leader List / Golf day
techpartner.news Channel Leader List / Golf day
techpartner.news Pipeline Conference 2025
techpartner.news Pipeline Conference 2025
Integrate Expo 2025
Integrate Expo 2025
Security Exhibition & Conference 2025
Security Exhibition & Conference 2025

Most read articles

AI ambition: Nick Beaugeard looks to harness AI agents to provide tech services

AI ambition: Nick Beaugeard looks to harness AI agents to provide tech services
Vic gov to spend $100m on cyber security

Vic gov to spend $100m on cyber security
MSPs pressed to review ransomware response as new reporting rules commence

MSPs pressed to review ransomware response as new reporting rules commence
Tech Research Asia to present Australian IT M&A report

Tech Research Asia to present Australian IT M&A report

Log in

Email:
Password:
  |  Forgot your password?