Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Windows 7 security enhancements


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Windows 7 security enhancements

  1. 1. Cryptography IN THE REAL WORLD
  2. 2. Enhance Security and Control Narenda Wicaksono IT Pro Advisor, Microsoft Indonesia
  3. 3. Windows 7 Enterprise Security Building upon the security foundations of Windows Vista, Windows 7 provides IT Professionals security features that are simple to use, manageable, and valuable.
  4. 4. A. Fundamentally Secure Platform Windows Vista Foundation Streamlined User Account Control Enhanced Auditing
  5. 5. B. Securing Anywhere Access Network Security Network Access Protection Direct AccessTM
  6. 6. C. Protect Users & Infrastructure AppLockerTM Internet Explorer Data Recovery
  7. 7. D. Protect Data from Unauthorized Viewing RMS EFS BitLocker & BitLocker To GoTM
  8. 8. A. Fundamentally Secure Platform Windows Vista Streamlined User Enhanced Auditing Foundation Account Control
  9. 9. Streamlined User Account Control Make the system work well for standard users Administrators use full privilege only for administrative tasks File and registry virtualization helps applications that are not UAC compliant
  10. 10. User Account Control – Windows 7 Reduce the number of OS applications and tasks that require elevation Refactor applications into elevated/non-elevated pieces Flexible prompt behavior for administrators Users can do even more as a standard user Administrators will see fewer UAC Elevation Prompts
  11. 11. B. Securing Anywhere Access Network Security Network Access DirectAccess Protection
  12. 12. Network Security Policy based network segmentation for more secure and isolated logical networks Multi-Home Firewall Profiles DNSSec Support
  13. 13. Network Access Protection Ensure that only “healthy” machines can access corporate data Enable “unhealthy” machines to get clean before they gain access
  14. 14. DirectAccess Security protected, seamless, always on connection to corporate network Improved management of remote users Consistent security for all access scenarios
  15. 15. Network Access Protection POLICY SERVERS such as: Patch, AV Windows DHCP, VPN Client Switch/Router NPS Not Policy Remediation Compliant Servers Example: Patch Restricted Network Health policy validation and remediation Helps keep mobile, desktop and server devices in Policy CORPORATE NETWORK compliance Compliant Reduces risk from unauthorized systems on the network
  16. 16. Remote Access for Mobile Workers Access Information Anywhere Difficult for users to access corporate resources from outside the office Challenging for IT to manage, update, patch mobile PCs while disconnected from company network
  17. 17. Remote Access for Mobile Workers Access Information Anywhere Same experience accessing corporate resources inside and outside the office Seamless connection increases productivity of mobile users Easy to service mobile PCs and distribute updates and polices
  18. 18. C. Protect Users & Infrastructure AppLockerTM Internet Explorer 8 Data Recovery
  19. 19. AppLockerTM Enables application standardization within an organization without increasing TCO Increase security to safeguard against data and privacy loss Support compliance enforcement
  20. 20. Internet Explorer 8 Protect users against social engineering and privacy exploits Protect users against browser based exploits Protect users against web server exploits
  21. 21. Data Recovery File back up and restore CompletePC™ image-based backup System Restore Volume Shadow Copies Volume Revert
  22. 22. Application Control Users can install and run non-standard applications Even standard users can install some types of software Unauthorized applications may: Introduce malware, Increase helpdesk calls, Reduce user productivity, Undermine compliance efforts
  23. 23. Application Control Eliminate unwanted/unknown applications in your network Enforce application standardization within your organization Easily create and manage flexible rules using Group Policy
  24. 24. AppLocker Simple Rule Structure: Allow, Exception & Deny Publisher Rules Product Publisher, Name, Filename & Version Multiple Policies Executables, installers, scripts & DLLs Rule creation tools & wizard Audit only mode SKU Availability AppLocker – Enterprise Legacy SRP – Business & Enterprise
  25. 25. D. Protect Data from Unauthorized Viewing RMS EFS BitLocker
  26. 26. RMS Policy definition and enforcement Protects information wherever it travels Integrated RMS Client Policy-based protection of document libraries in SharePoint
  27. 27. EFS User-based file and folder encryption Ability to store EFS keys on a smart card
  28. 28. BitLocker Easier to configure and deploy Roam protected data between work and home Share protected data with co-workers, clients, partners, etc. Improve compliance and data security
  29. 29. BitLocker Worldwide Shipments (000s) 1200 Removable Solid- State Storage 1000 Shipments 800 600 400 PC 200 Shipments 0 2007 2008 2009 2010 2011 • Gartner “Forecast: USB Flash Drives, Worldwide, 2001-2011” 24 September 2007, Joseph Unsworth • Gartner “Dataquest Insight: PC Forecast Analysis, Worldwide, 1H08” 18 April 2008, Mikako Kitagawa, George Shiffler III
  30. 30. BitLocker + Extend BitLocker drive encryption to removable devices Create group policies to mandate the use of encryption and block unencrypted drives Simplify BitLocker setup and configuration of primary hard drive
  31. 31. BitLocker BitLocker Enhancements Automatic 200 Mb hidden boot partition New Key Protectors Domain Recovery Agent (DRA) Smart card – data volumes only BitLocker To Go Support for FAT* Protectors: DRA, passphrase, smart card and/or auto-unlock Management: protector configuration, encryption enforcement Read-only access on Vista & XP SKU Availability Encrypting – Enterprise Unlocking – All
  32. 32. Windows 7 Enterprise Security Building upon the security foundations of Windows Vista, Windows 7 provides IT Professionals security features that are simple to use, manageable, and valuable. Windows Vista Network Security AppLocker RMS Foundation Network Access Internet Explorer 8 EFS Streamlined UAC Protection Data Recovery BitLocker Enhanced Auditing DirectAccess
  33. 33. Learning curriculum
  34. 34. eBooks in Bahasa
  35. 35. Indonesia Developer Portal
  36. 36. IT Professional Portal
  37. 37. © 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.