Know What’s New for Security in Windows 7
Windows 7 includes some important improvements for securing the desktop. Here's a quick overview.
Windows 7 doesn’t include the large number of new, highly visible security features that were introduced with Windows Vista. But it has improved upon several of those features. Some—such as User Account Control, Windows Defender, and Windows Firewall—sport new, simpler interfaces and new capabilities. In addition, Windows 7 also has numerous under-the-hood improvements and security features for computers on large networks that are of interest primarily to software developers and information technology professionals—and hackers, who now have many additional challenges and obstacles to face. Here is an overview of some of the most important security improvements you’ll find in Windows 7:
Windows Firewall Windows Firewall is substantially changed from the version in Windows XP. As in Windows Vista, it is a two-way firewall, monitoring outbound traffic as well as inbound, and it fully supports Internet Protocol version 6 (IPv6). In Windows 7, Windows Firewall adds multiple access firewall profiles, a feature that provides appropriate protection for each connected network when you’re connected to more than one at a time—an increasingly common situation. With an advanced configuration console for Windows Firewall, administrators have granular control over firewall rules and other settings.
User Account Control (UAC) UAC reduces the inherent danger of using an administrator account for everyday tasks by requesting your consent when an application needs to do something with systemwide effect. Furthermore, architectural changes wrought by UAC make it practical for most people to use a standard account for daily computing. In Windows 7, UAC is far less intrusive than in Windows Vista because fewer tasks trigger UAC prompts, and new configuration options make it easier to control UAC so that it doesn’t control you.
Windows Defender Windows Defender, an antispyware program, continuously monitors system settings to prevent the installation of known spyware and to alert you to the presence of spyware-like activity. The new interface in the Windows 7 version has fewer confusing options—which is appropriate for a program that normally runs silently in the background.
Internet Explorer Internet Explorer runs in Protected Mode, which lessens the likelihood of installing malicious code. Effectively, it runs isolated in a “sandbox” with reduced privileges, able to write data only in locked-down temporary folders unless you grant permission to act outside the protected area. Other security improvements to Internet Explorer include restrictions on ActiveX controls, a SmartScreen phishing filter, and InPrivate Filtering and InPrivate Browsing to prevent information about your browsing habits from being tracked.
Windows Biometric Service The Windows Biometric Service provides support for fingerprint biometric devices so that you can use a fingerprint reader to log on to your computer and to enter administrative credentials in response to UAC elevation prompts.
Data encryption BitLocker Drive Encryption (available only in Enterprise and Ultimate editions) encrypts entire hard drives—making the data they contain completely inaccessible to a thief who makes off with a computer. In Windows 7, BitLocker To Go can also be used to protect removable storage drives, such as portable hard drives and USB flash drives.
From the Microsoft Press book Windows 7 Inside Out by Ed Bott, Carl Siechert, and Craig Stinson.
credit: technet.microsoft.com