Is Vista Under Your Christmas Tree?
1. Engineered for Security
Vista is the first operating system from Microsoft developed end-to-end with security as the focus. Microsoft is working toward Common Criteria (CC) certification with the goal of achieving an Evaluated Assurance Level 4 (EAL4) and Single Level OS Protection Profile certifications. Security from the ground up is not a bad place to “Start Me Up.”2. Internet Explorer (IE) Protected Mode
This feature is only available in the Vista version of Internet Explorer 7 (IE). Protected mode does not allow other applications to access Internet Explorer. I worked on an application for Windows XP that hooked IE that could capture the data during a FORM POST even over SSL. Nice to know the bad guys can’t do this anymore, as long you run in protected mode.3. Windows Defender
Anti-Spyware built in! When looking at friends and family PCs I find them full of malware. Windows Defender is a good start in protecting your computer when surfing the wild sections of the Internet.4. Windows Firewall with Advanced Security
All the great features of the firewall in Windows XP SP2 with the added protection of securing outgoing traffic. The firewall also has an option to disable all incoming connections, especially useful when connecting to a high risk network like a free wireless network or a hotel network.5. New Logon Architecture
New methods and APIs for independent software vendors (ISVs) and developers to build their own authentication methods, such as biometrics or tokens, by writing credential providers. This can open unique methods of authenticating to your Vista PC. As a software developer I find this very interesting.6. Windows BitLocker™ Drive Encryption
BitLocker provides full disk encryption. This protects the operating system, boot files and all the data on the hard drive. Computers with a Trusted Platform Module (TPM 1.2) heightens the protection of user data, and helps to ensure that a client computer running Windows Vista cannot be tampered with while the system is offline.This is a very useful feature for laptops. Lost and stolen laptops can cause serious business issues, especially when those laptops contain intellectual properties or private customer data.
7. Windows Service Hardening
Windows Service Hardening restricts critical Windows services from doing nasty activities to the file system, registry, or network. This protects the operating system from malware being installed or by compromised Windows Services. I will be watching the security bulletins for this exploit. Will there be security issues in Vista that are mitigated by this feature? Time will tell.8. Improved Encrypted File System (EFS)
Under Windows XP, EFS was good at protecting your data, that was about all. Doing anything fancy became complex and cumbersome. One major downfall with the previous version of EFS was the difficulty storing the EFS certificates on a smart card. This now works! An interesting feature as well is the page file and cached offline files can now be encrypted.9. Windows Security Center (WSC)
WSC is a method for third party software and web sites to query the security state of a computer before interacting with the computer. For example, a bank web site could make sure you have anti-spyware and anti-virus software with up to date signatures before allowing you to login to your online banking.10. Device Control
Today’s USB drives can now hold 4 gigabytes of data, this is basically a whole DVD of data. This has been a security headache for a long time. Employees walking out of the office with all the company secrets on USB drives, ouch. Now there is a group policy setting that disables USB drives from being accessed in a corporate Vista PC.Conclusion
I have been using Vista since Beta2. I am now running Vista Ultimate thanks to my MSDN subscription. I have been enjoying Vista and as a security pro, looking at ways that it can help the security of a small/medium business. Vista rolls many security features into an operating system which allows Vista to worry about the security and you worry about your business. Christmas TimeThe 11th reason is not about security but the enjoyment of using your computer. It may be more secure, but is it Christmas time and it is time to relax and enjoy your family, friends and some downtime with your computer (geek out!). Vista sports the new glass interface which gives the environment a very solid feel. With Windows Media Player your can enjoy DVDs, music and last year’s Christmas Video. The upcoming DirectX 10 games will defiantly be a blast.
Aucun commentaire:
Enregistrer un commentaire