Friday, January 22, 2010

Windows 7 Security Tools

Security features in an operating system are still the top concern for IT professionals. It is therefore natural to ask what Microsoft has done to secure Windows 7.

Windows 7 draws heavily on the security foundations of Vista, the most secure version of the Windows client to date, while enhancing auditing and the User Account Control experience. AppLocker, new in Windows 7, helps IT control what software can run in their environment. Windows 7 also improves the core features of BitLocker Drive Encryption with the introduction of BitLocker To Go for removable storage devices.

AppLocker in Windows 7 not only helps in removing unknown applications but also provides security. With the higher risk of malware infections, users can't be certain whether they are running approved and licensed software. Sometimes users download non-productive applications that are not compatible with business applications, which hampers performance on the local desktop.
Organizations always look for ways to have more control over their desktop environment through a variety of lockdown schemes. If users run the system as standard, non-administrative users, they cannot eliminate unknown software in the organization.

With all this in view, Microsoft Windows 7 provides a solution for application control in the enterprise with the introduction of AppLocker, a flexible method that allows administrators to specify exactly what is allowed to run in their desktop environment. It keeps unlicensed software and malware from running in the desktop environment. It also stops users from running applications that consume unnecessary network bandwidth, destabilize the desktop environment, or increase help desk support costs. It allows users to install and run only approved applications.

AppLocker works through three rule types: allow, deny, and exception. Allow rules limit execution to a “known good” list of applications and block everything else, whereas Deny rules work the opposite way, allowing the execution of all applications except those on a “known bad” list. Exception rules let you exclude files from an allow or deny rule. AppLocker also provides greater flexibility by supporting multiple configurable policies. Its new tools and wizards are a great benefit to IT administrators: rules can be generated automatically and imported or exported, which makes them easy to create and maintain.
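
A simplified model of the allow/deny/exception evaluation described above, added here as an example; it is not Microsoft's code and not from the original post. It handles path rules only, reads a constructed policy written in the AppLocker XML layout, and assumes that deny rules take precedence over allow rules, that files matching no rule are blocked, and that the path variables expand as shown.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample policy in the AppLocker XML export layout (path rules only).
POLICY_XML = r"""
<AppLockerPolicy Version="1">
  <RuleCollection Type="Exe" EnforcementMode="Enabled">
    <FilePathRule Id="r1" Name="Program Files" UserOrGroupSid="S-1-1-0" Action="Allow">
      <Conditions><FilePathCondition Path="%PROGRAMFILES%\*"/></Conditions>
      <Exceptions><FilePathCondition Path="%PROGRAMFILES%\Games\*"/></Exceptions>
    </FilePathRule>
    <FilePathRule Id="r2" Name="Block P2P" UserOrGroupSid="S-1-1-0" Action="Deny">
      <Conditions><FilePathCondition Path="*\torrentclient.exe"/></Conditions>
    </FilePathRule>
  </RuleCollection>
</AppLockerPolicy>
"""
# Assumed expansions of AppLocker path variables on the modelled machine.
VARS = {"%PROGRAMFILES%": r"C:\Program Files", "%WINDIR%": r"C:\Windows"}

def _matches(pattern, path):
    """Case-insensitive match where '*' is the only wildcard."""
    for var, value in VARS.items():
        pattern = pattern.replace(var, value)
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(regex, path, re.IGNORECASE) is not None

def load_rules(xml_text, collection="Exe"):
    """Return (action, name, conditions, exceptions) for each path rule."""
    rules = []
    for coll in ET.fromstring(xml_text).findall(f"RuleCollection[@Type='{collection}']"):
        for rule in coll.findall("FilePathRule"):
            conds = [c.get("Path") for c in rule.findall("Conditions/FilePathCondition")]
            excs = [c.get("Path") for c in rule.findall("Exceptions/FilePathCondition")]
            rules.append((rule.get("Action"), rule.get("Name"), conds, excs))
    return rules

def evaluate(rules, path):
    """A rule applies when a condition matches and no exception does."""
    hits = {}
    for action, name, conds, excs in rules:
        applies = any(_matches(c, path) for c in conds)
        excluded = any(_matches(e, path) for e in excs)
        if applies and not excluded:
            hits.setdefault(action, name)
    if "Deny" in hits:                      # explicit deny wins over allow
        return ("denied", hits["Deny"])
    if "Allow" in hits:
        return ("allowed", hits["Allow"])
    return ("denied-by-default", None)      # nothing matched: blocked

RULES = load_rules(POLICY_XML)
```

The Games path falls through to the default block because the exception removes it from the only allow rule, which is why an exception on an allow rule narrows the "known good" list rather than creating a separate deny.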

Thus, Windows 7 AppLocker not only provides defense and security against malicious software but also provides operational benefits.

Microsoft has markedly improved Windows Vista’s BitLocker in its latest release, Windows 7. The tool, which is the best solution for drive encryption, is available in the Ultimate edition and helps the user by encrypting all of the data. Once you turn on BitLocker, any file on the drive is automatically encrypted.

The BitLocker feature in Vista was too complex, as the user first needed to shrink the partition to create the partition for BitLocker, which took a lot of effort from the user, but this is much simpler in Windows 7. You simply go to System and Security in the Control Panel and turn on BitLocker, and the rest is done by the Drive Preparation tool.
Unlike in Vista, the BitLocker partition is already available in Windows 7. The tool can easily boot up. The encryption process takes only 30 seconds per 1 GB.

However, there are some system requirements for using BitLocker. Your computer should have a Trusted Platform Module (TPM) running version 1.2; otherwise you need to save a startup key on a removable device. A primary partition of at least 1.5 GB must be available and marked as the active partition, as it is used by the boot manager to boot the system. For data storage, you need another primary partition.

You can boot Windows 7 once the system drive is encrypted, but the USB stick should be present. If the system drive is not available, then you need to know the Recovery Key or Recovery Password. Windows 7 selects a 48-digit Recovery Password. Unlike Vista, Windows 7 also includes new Group Policy settings. Moreover, the new operating system supports a new recovery option, the Data Recovery Agent.

BitLocker To Go is a new feature of Windows 7 that gives the lockdown treatment to portable devices, which can be easily misplaced.