In many ways, the security features in Windows 7 are the result of Vista users' feedback and experiences; therefore, a lot of the teething problems have been addressed. Windows 7 has been developed using Microsoft's enhanced Security Development Lifecycle process during the planning, development and testing phases. Microsoft has worked hard to make the security features easier to understand, use and manage.
Take the User Account Control (UAC) feature, which requires users to approve system-level changes when using the system as an administrator. Many users found the deluge of authorization prompts too numerous and annoying. In Windows 7, without reducing security, the frequency of prompts can easily be adjusted with a slider. In fact, all the alerts from 10 existing security features, such as Defender, Windows Update, Diagnostics and Network Access Protection, are incorporated into an Action Center, which replaces the Security Center.
The accompanying help is far more user friendly as well. One great new feature in Windows 7 is BitLocker To Go, which extends the data encryption features of Vista's BitLocker to removable storage devices like USB thumb drives and flash drives. Finally, administrators have control over all those removable storage devices; encryption can be required for any removable storage device that users want to write data to. Group Policy can also set password strength or require a smart card to access protected devices.
Other welcome security features include AppLocker; as its name implies, it allows administrators to ensure that only authorized scripts, installers and dynamic load libraries (DLLs) are accessed, keeping malware and unlicensed software off corporate machines. Administrators and users will both appreciate DirectAccess, which securely connects employees to the corporate network without the need to use a conventional VPN, always a gripe with mobile workers. It also allows administrators to update Group Policy settings and distribute software updates whenever a Windows 7 machine connects to the Internet.
As you can see, Windows 7 has a lot going on in the security front. I would recommend you start getting familiar with it. A good place to start is Microsoft's Windows 7 site. Here, you can download the Windows 7 Release Candidate (RC) and begin testing it in your own environment. I'd also make use of the Microsoft Assessment and Planning (MAP) Toolkit, which helps organizations assess whether their PCs have the hardware resources to run Windows 7.
Dig Deeper on Windows Security: Alerts, Updates and Best Practices
Related Q&A from Michael Cobb
A new programming language called Wyvern is helping developers use multiple languages in one app securely. Application security expert Michael Cobb ...continue reading
Gartner predicts more than half of all mobile apps will use HTML5 by 2016, but what threats will this cause the enterprise? Expert Michael Cobb ...continue reading
Public key pinning aims to reduce the lack of trust associated with digital certificates and certificate authorities. Expert Michael Cobb explains ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.