Windows 7 Security: Tips and Tricks to Help Protect Your OS
Orin Thomas
There are several obvious basic steps to securing a computer: Keep it current with the latest operating-system and application updates, ensure you’ve installed the latest antispyware and antivirus software, and use complex passwords, changing them regularly. In this article I’ll cover some security tips that go beyond these basic strategies and help you better utilize the security features of Windows 7.
Prepare for BitLocker
One of the most notable security improvements in Windows 7 is in BitLocker, the technology for hard-disk encryption and boot-environment integrity-protection that debuted in Windows Vista. In Windows 7, the Enterprise and Ultimate editions include BitLocker. The technology ensures that unauthorized users can’t recover data from the hard-disk drives of stolen or lost laptops, as long as the computer was powered off when it went missing.
One challenge BitLocker presents, though, is recovering data after a hardware failure that locks protected volumes. So although BitLocker offers excellent protection, many IT professionals find it problematic because they tend to encounter it only when they must perform recovery operations.
Data recovery requires access to the BitLocker keys or passwords associated with the locked volumes. While it’s relatively easy to keep track of these for a small number of computers, doing so for several hundred is much more challenging.
Group Policy helps IT professionals configure BitLocker so it can be activated only when the recovery keys and passwords have been successfully backed up to Active Directory. Extracting this recovery data has been vastly simplified by improvements to the Active Directory Users and Computers console in Windows Server 2008 R2 and to the Remote ServerAdministration Tools for computers running Windows 7. Locating recovery passwords and keys is much easier than with the tools in Windows Vista.
Instead of having to download, install and configure special tools, you can access BitLocker recovery keys and passwords from a BitLocker Recovery tab. You’ll see this when viewing computer account properties in Active Directory Users and Computers. Ensuring that BitLocker keys and passwords are backed up is a three-step process:
1. In the Group Policy for the computer accounts of the system BitLocker will protect, navigate to Computer Configuration | Windows Settings | Administrative Templates | Windows Components | BitLocker Drive Encryption.
CREDITS http://technet.microsoft.com/en-us/magazine/ff626497.aspx
Orin Thomas
There are several obvious basic steps to securing a computer: Keep it current with the latest operating-system and application updates, ensure you’ve installed the latest antispyware and antivirus software, and use complex passwords, changing them regularly. In this article I’ll cover some security tips that go beyond these basic strategies and help you better utilize the security features of Windows 7.
Prepare for BitLocker
One of the most notable security improvements in Windows 7 is in BitLocker, the technology for hard-disk encryption and boot-environment integrity-protection that debuted in Windows Vista. In Windows 7, the Enterprise and Ultimate editions include BitLocker. The technology ensures that unauthorized users can’t recover data from the hard-disk drives of stolen or lost laptops, as long as the computer was powered off when it went missing.
One challenge BitLocker presents, though, is recovering data after a hardware failure that locks protected volumes. So although BitLocker offers excellent protection, many IT professionals find it problematic because they tend to encounter it only when they must perform recovery operations.
Data recovery requires access to the BitLocker keys or passwords associated with the locked volumes. While it’s relatively easy to keep track of these for a small number of computers, doing so for several hundred is much more challenging.
Group Policy helps IT professionals configure BitLocker so it can be activated only when the recovery keys and passwords have been successfully backed up to Active Directory. Extracting this recovery data has been vastly simplified by improvements to the Active Directory Users and Computers console in Windows Server 2008 R2 and to the Remote ServerAdministration Tools for computers running Windows 7. Locating recovery passwords and keys is much easier than with the tools in Windows Vista.
Instead of having to download, install and configure special tools, you can access BitLocker recovery keys and passwords from a BitLocker Recovery tab. You’ll see this when viewing computer account properties in Active Directory Users and Computers. Ensuring that BitLocker keys and passwords are backed up is a three-step process:
1. In the Group Policy for the computer accounts of the system BitLocker will protect, navigate to Computer Configuration | Windows Settings | Administrative Templates | Windows Components | BitLocker Drive Encryption.
CREDITS http://technet.microsoft.com/en-us/magazine/ff626497.aspx
