New Windows security features revealed

Sunday Business Post - IT security supplement - Feb 22 2009

Read the article on the Sunday Business Post website by clicking here.

Microsoft’s Windows 7 operating system will include a new feature to allow users to encrypt data on memory keys and data sticks. The system, due to replace Microsoft Vista, is due to hit the market before the end of the year.

‘‘One of the new features in Windows 7 will allow users to encrypt data on memory keys or USB sticks,” said Declan Faller, infrastructure product manager with Microsoft Ireland. ‘‘A lot of memory keys with important data are being lost at the moment, and the ability to encrypt memory keys will be an important feature in Windows 7.”

Recent reports on the new operating system, which is also expected to have smart cards and biometric identifier capabilities, have pointed to the possibility of a security flaw within its User Account Control (UAC) system.

Although he declined to comment on specific details, Faller said the development of the product was at beta stage, and changes to the UAC would be made prior to its full release. He said Microsoft was working with major global security vendors to develop applications to run on Microsoft-enabled PCs and servers, and that the aim was to ensure that all would be compatible with the new version of Windows.

‘‘We recently announced the Windows 7 Ecosystem Readiness Program, where we’ll be working closely with software, hardware and peripherals vendors,” said Faller. ‘‘A key area for us is to ensure that each of the different vendors - like MacAfee and Symantec and many others - work very closely with the product team developing Windows 7, to ensure the products are ready to go.”

Microsoft is also set to release new versions of its ForeFront range of security products later this year. These will be used to protect company’s desktops, servers and applications.

‘‘The next wave of these products will be released before the end of this calendar year,” Faller said. ‘‘They will begin to really integrate the world of security with the world of infrastructure management, helping to automate security processes and giving users one console to look at all the potential vulnerabilities within their organisation. This will enable people to be much more proactive in how they manage their IT infrastructure security.”

IT managers and business owners facing falling IT budgets should not opt to scrimp on security.

‘‘We are very much aware that IT budgets are being reduced dramatically or, at best, remaining stagnant. It is very important that companies assess exactly where they make those cuts,” Faller said.

‘‘We are seeing that companies realise that they still have to spend a certain amount on security to protect their systems. Most organisations realise that maintaining the security of their systems is not negotiable.”

There could be potential savings for companies that were not utilising all of the security features on offer in their existing systems.

‘‘We are advising customers to look at their existing licensing agreements and maximise what they have paid for,” said Faller.

‘‘Sometimes, a customer might be licensed to use products that they might not be using. Another area is to make sure they are using all the features in the products that they have.”

Microsoft Office has a number of features to ensure data security. ‘‘There are a number of security features within the Office products which can restrict what can be done with a document,” said Faller.

‘‘If you are sending a sensitive document to a colleague that you do not want forwarded on, and you do not want to get into the public domain, you can set the rights of a particular document or spreadsheet so that they can only just view it, not forward it or print it off.

‘‘There are also password protection features for documents, such as spreadsheets from the finance department, that they want to share. They can restrict access to it using settings within the active directory, on who has the right to view that document.”

Businesses with valuable customer information held within their SQL databases or Microsoft Dynamics Customer Relationship Management (CRM) systems should be using encryption and following strict information management processes, Faller said.

‘‘It is very important that databases are encrypted, whether the information is sitting locally on people’s machines or somewhere centrally,” he said.

‘‘If information goes missing - for example, if a laptop with customer details is lost - you should know where the information sits, and if that laptop was encrypted.”