The document discusses Windows 7 security features such as Action Center, improved User Account Control, BitLocker, BitLocker To Go, biometric security, and Internet Explorer 8. It notes Windows 7 is an incremental update to Vista that uses the same security technologies but with a simpler interface and performance enhancements. The document emphasizes the importance of securing Windows 7 systems, educating users, using features like BitLocker, patching, and antivirus as threats continue to evolve beyond any single platform.

1. Windows 7 SecurityJorge OrchillesTerremark Worldwide

2. About MeIT Consultant over 7 years agoSecurity Analyst at TerremarkMaster’s of Science in Management Information Systems @ FIUAuthor of Microsoft Windows 7 Administrator’s Reference, Syngress PublishingFew certs: CCDA, CSSDS, MCTS, MCP, Security+

3. Audience SurveyXP Users?Vista Users?Windows 7 Users?Mac OS X?Linux/Unix?

4. RealityMarch 2009 Survey - ComputerWorld88% Windows

5. 10% Mac

6. 1% LinuxRealityUp to 94% of corporations skipped Windows VistaNew PC users had a choice to “downgrade” to XPNew OEM PCs will include Windows 7 and no choice for Windows Vista or XP for that matter. All enterprise systems will be required to upgrade to either Vista or Windows 7 soon! Microsoft is threatening cut off dates already.Windows XP is 8 years old!

7. Windows Vista FAIL?Why?Bad Press

8. Horrible releaseWindows Vista - Security Fail?Not so muchFewer High Security Vulnerabilities in Year 160% Fewer Malware Infections Than Windows XP SP2Mac OS X 10.4Ubuntu6.06 LTSRed HatEL4WSReduced

9. Windows Vista - Security FeaturesSecurity Development LifecycleWindows Service HardeningWindows DefenderInternet Explorer 7 w/Phishing FilterNG TCP/IP –IPv6, IPSec., WFPVista Firewall – inbound and outboundNetwork Access ProtectionUser Account Control – consent and credential promptingCode Integrity – all OS DLLS and exec digitally signedBitLocker, Encrypted File Systems, & Trusted Platform Module

10. AgendaIntroduction to Windows 7Internet Explorer 8BitLocker and BitLocker to GoAppLockerIntroduction to Windows 7Incremental update to Windows Vista Uses the same technologies already in place with VistaSimpler user interface and enhancements to performanceExtensive UAT via public Beta and RC

11. New Desktop FeaturesUser Interface

12. Taskbar – Notifications

13. Aero Peak and Aero Snap

14. Jump Lists

15. Desktop Search

16. Driver and Device Support

17. HomeGroup

18. Windows Media Player/CenterSecurity FeaturesAction CenterBetter UACBetter BitLockerBitLockerToGoBiometric securityInternet Explorer 8AppLockerDirectAccessPowerShell v2

19. Action Center - SecurityReplaces Security CenterFirewall

20. Windows Update

21. Virus Protection

22. Spyware / other malware

23. Internet Security Settings

24. User Account Control

25. Network Access ProtectionAgendaIntroduction to Windows 7Internet Explorer 8BitLocker and BitLocker to GoAppLockerAction Center - MaintenanceCheck for solutions to problems

26. Backup

27. Check for updates

28. Troubleshooting

29. RecoveryAgendaIntroduction to Windows 7Internet Explorer 8BitLocker and BitLocker to GoAppLockerUser Account ControlLess nagging

30. GUI for customizing

31. Helpful?BitLockerIntroduced in Windows VistaEncrypts the system volume, including the page file and hibernation filesNo need for partitioning!Whole drive/volume encryption Trusted Platform Management (TPM) chip or pin/USB key

32. BitLocker – Recovery KeyAllBitlocker deployments require a copy of the recovery password to be stored somewhereOut of the box, your users must save their own recovery passwordThis probably isn’t the best idea…

33. BitLocker - IssuesHigh security environments can require a pin # or USB key before the system will bootRemote systems or servers in datacenter - BEWAREBitLocker is not a replacement for EFSBitLocker protects the whole drive at bootNo protection from user A seeing user B’s files post bootEFS solves this problem

34. BitLocker - IssuesTrusted Platform Module required

35. BitLocker – Corporate EnvironmentRequires Windows Server 2003 SP1 or newer domain controllersGroup Policy – Require Encryption!Universal Recovery Key: Data Recovery AgentWhat about deleted/disabled computer accounts?Sales guy who’s always on the roadHigh-powered exec who goes on a 3-month sabbatical

36. AgendaIntroduction to Windows 7Internet Explorer 8BitLocker and BitLocker to GoAppLockerBitLocker To GoEncrypt Removable Media

37. Lost USB drive with corporate information?http://bit.ly/iJv4vhttp://bit.ly/1zFl3

38. AgendaIntroduction to Windows 7Internet Explorer 8BitLocker and BitLocker to GoAppLockerBitLocker To Go - IssuesDoes not work with other OS

39. FAIL

40. On Vista and XP you can view content but not edit

41. FAIL

42. Password based

43. Recovery file?

44. Brute force?Biometric SecurityOptions with most new laptopsHad to use OEM softwareHP Biometric Security – FAILCan login Local or Domain

45. AgendaIntroduction to Windows 7Internet Explorer 8BitLocker and BitLocker to GoAppLockerInternet Explorer 8Can be used on XP and Vista

46. Better than IE 6 and 7

47. SmartScreen

48. XSS Filter

49. Data Execution PreventionAgendaIntroduction to Windows 7Internet Explorer 8BitLocker and BitLocker to GoAppLockerInternet Explorer 8 – Acid Test?

50. AgendaIntroduction to Windows 7Internet Explorer 8BitLocker and BitLocker to GoAppLockerInternet Explorer 8 – Acid Test?

51. AgendaIntroduction to Windows 7Internet Explorer 8BitLocker and BitLocker to GoAppLockerInternet Explorer 8 – SmartScreen?

52. AgendaIntroduction to Windows 7Internet Explorer 8BitLocker and BitLocker to GoAppLockerInternet Explorer 8 – FTW?http://bit.ly/17KT8I

53. AgendaIntroduction to Windows 7Internet Explorer 8BitLocker and BitLocker to GoAppLockerXP ModeXP remains App standard

54. Makes it easy to be compatible

55. Don’t forget to secure this VM!With Server 2008 R2Windows 7 with Microsoft Windows Server 2008 R2 features:AppLockerApplication White ListingEnforce App StandardizationBranchcacheCaches files from WANDirectAccessNo need for VPNEasier for administrationUses SSL, IPv6, IPSecFederated SearchSearch all assets including SharePoint

56. ManagementPowerShell v2IISExchangeCmdletsRemote ManagementEnhanced Group Policy

57. Secure?So far yes!September Patch TuesdayNone for Windows 7SMB2 0day?Does not affect Windows 7 finalhttp://bit.ly/10ffcx

58. Hide extensions for known file types

59. AutoRunNo longer AutoRun/ AutoPlay with non-optical media

60. Easier to distribute CD’s than Flash Drives!

61. Patch available for past OS http://support.microsoft.com/kb/971029

62. Easy upgrade path?

63. Upgrade can take a full day!http://bit.ly/39iiVt

64. AgendaIntroduction to Windows 7Internet Explorer 8BitLocker and BitLocker to GoAppLockerEvolveCyber Crime is UP!

65. Threats have evolved

66. Less platform-centrichttp://bit.ly/akwRThttp://www.sans.org/top-cyber-security-risks/

67. AgendaIntroduction to Windows 7Internet Explorer 8BitLocker and BitLocker to GoAppLockerEvolveAttack the applications

68. Attack the browsers

69. Attack the usersAgendaIntroduction to Windows 7Internet Explorer 8BitLocker and BitLocker to GoAppLockerEvolve – Stay CurrentTrain Users!

70. Security Awareness

71. Browser Security

72. Windows Training?RecapIf you run Windows now, you will be on 7 eventuallySecure it!Educate UsersUse BitLocker or FDEPatch EverythingUse AntiMalwareUse Firefoxno script - http://noscript.net/ WOT - http://www.mywot.com/

73. RecapCarefully plan migration from XP to 7Train users: Security AwarenessBrowser Use Windows 7 training

74. Questions?Thank YouEmail: jorgeao@gmail.comBlog: http://www.orchilles.comhttp://www.twitter.com/jorgeorchilles