5 Windows 7 security features businesses need to know about Part II
Each profile type has its own selection of applications and connections allowed through the firewall. For instance, in a home or small-business network marked Private, you might allow file and printer sharing, while on a network marked Public, you would likely disallow access to your files.
Oracle Database 11g: Defense-in-Depth Solutions for Security and Compliance: Download now
Vista’s firewall profiles worked well except when a computer was connected to multiple networks simultaneously, such as an Ethernet and a wireless network. In those cases, the system would default to the most restrictive profile. This could cause problems when, for example, connecting to a corporate VPN through a public Wi-Fi hot spot; Vista would recognize simultaneous connections to both a public and domain network and apply the public profile to both.
All versions of Windows 7 allow computers to keep several firewall profiles active at the same time, maintaining the access and functionality of the more trusted network while blocking access via the less trusted network. Since many remote access functions require less restrictive firewall settings, users can now work securely while remaining protected from threats outside of the corporate network.
With fingerprint readers becoming more and more common on laptops, establishing a standard for the handling of biometric data has become important. Enter Windows Biometric Framework, a standardized method for storing fingerprint data and accessing it through a common API. Although most of the features of this subsystem are of interest only to developers, there are two important things that businesses should know Microsoft MCTS Training.
First, while fingerprint scanners could formerly be used to log onto a computer but not to log onto a corporate domain (a corporate network or network subsection), the Windows Biometric Framework allows domain log-in.
Second, users can store up to 10 unique fingerprints, one for each finger. While most of us probably don’t expect to lose a finger anytime soon, having all 10 fingers enrolled in the system is a good precaution in case of lesser injuries. A cooking accident or a hand caught in a door can easily modify a finger enough that it won’t register correctly with a fingerprint reader, and you don’t want a user to be barred access to his computer while he heals.
Fingerprints are added using the Biometric Device applet, which appears in the Control Panel of any Windows 7 computer with a fingerprint scanner attached and from which you can enable computer and domain log-in. You must be logged in as an administrator to add or manage fingerprints on Windows 7.
BitLocker To Go
One of the most serious security threats facing today’s businesses is the loss of a mobile asset containing confidential corporate information. Windows Vista’s BitLocker began to address this problem by allowing business users to encrypt a laptop’s entire hard drive so that if it were lost or stolen, nobody could access the information stored on it. BitLocker To Go extends the same protection to even more easily lost external drives, including pocket-size hard drives and tiny flash drives Microsoft MCITP Certification.