I haven’t posted in a while – I was preparing for and attending Gartner’s US Fall Symposium conference in Orlando which wrapped up yesterday. Coincidentally, yesterday was also the official launch of Windows 7.
As I talked about here, there are things that organizations can do today to improve the security of their endpoints that don’t require an upgrade to Windows 7.
However, there are a LOT of new and improved security capabilities with Windows 7. Some are completely new – like AppLocker and BitLocker To Go. Others are improved over what shipped with Windows Vista (like BitLocker), but are new to XP users.
The full Gartner research note on Planning for the Security Features of Windows 7 has just published. In the research note, I look at most of the security capabilities of Windows 7, discuss their pros and cons as well as recommendations for deployment. If you are a Gartner client and planning on deploying Windows 7 (which will be just about every organization given how few actually deployed Vista), this document will be useful guide for testing and planning.
Here’s a list of the prioritized features discussed in the note (I’m sure there are more, these are the major ones that I get questions on):
- User Account Control
- BitLocker To Go
- Internet Explorer Version 8 Security
- Windows Services Hardening
- Windows Firewall
- ASLR, DEP and Safe Unlinking
- USB Device Control
- Kernel Patch Protection (formerly called PatchGuard) and Signed Device Drivers With 64-Bit Windows 7
- Network Access Protection
- Windows Defender
- Domain Name Systems Security Extensions Support
- Windows Audit Function
- Rights Management Services Client
One important note: Because many of the more popular security features such as BitLocker, BitLocker To Go, AppLocker, DirectAccess and so on require EA/SA, the cost of EA/SA must be factored into any cost-benefit analysis of migration. If you don’t already have EA/SA, this can be a significant expense.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.