6 Reasons Why Windows 7 Beats Vista In Security

Vista might have been more secure than previous Microsoft operating systems, but that security came at a pretty high price. One of the biggest usability challenges occurred because of its security prompts, which came frequently, in duplicate and at odd intervals. That is to say, Vista users were bombarded with them.



The problem stemmed from Vista's User Account Control (UAC), which was turned on by default and gave end users administrative privileges over their security settings. Consequently, if a user attempted to run a certain application, they would automatically receive a security pop-up. "[Microsoft] got a lot of complaints around that," said Jason Miller, data and security team leader for Shavlik Technologies, a patch management company.



Windows 7 revamped the security control model to allow more flexibility and options. Whereas Vista users had to either adopt a "paranoid mode" security level or none at all, Windows 7 users now have the option of selecting various additional levels of security, thereby controlling the number of security prompts they receive.



Security experts say that the revised feature doesn't necessarily make the OS less secure but gives users more options around their required level of security.



"It allows more exceptions, and those pop-ups are not as prevalent as before," Miller said.

The same encryption technologies that were good in Vista are now expanded in Ultimate and Enterprise editions of Windows 7. And the inclusion of enhanced drive encryption is a big boon for the new operating system, experts say. Copious reports still contend that one of the primary -- if not the biggest -- causes of data breaches is lost and stolen hardware devices (e.g., leaving a laptop in a taxi or forgetting a smartphone in a restaurant). Vista's BitLocker technology worked great for the local hard drive, experts say, but was lacking for mobile storage devices, creating a security risk with the influx of remote and traveling workers transporting critical data to and from the workplace. Subsequently, Microsoft introduced BitLocker To Go in its Windows 7 OS, specifically designed to give mobile workers a much-needed security boost for their USB devices.

Trying to access your favorite social media site and coming up against an "access denied" alert? It might not be a mistake. The new AppLocker feature, embedded in Windows 7, allows IT administrators to write rules and directly control the applications end users are allowed to access. Don't want users downloading iTunes? Or streaming videos? No problem, just write it in. In addition to improving productivity, organizations can also use the feature to adhere to compliance mandates.



While in the past, Vista and other operating systems could support software that enabled these kinds of user restrictions, the software was cumbersome and plagued with compatibility issues, experts said. "A lot of times you'd break things that you don't want to break," Miller said.



While intended to primarily be used in the enterprise environment, the AppLocker feature also could be used as a parental control for home users, experts say.

Microsoft is slowly inching its way forward in the security space. So it's not too surprising that Redmond would invest in high-end technologies such as biometrics. More and more organizations are requiring a fingerprint for single sign-on, which, until now, has been largely provided by third-party security vendors. Now Windows 7 is reducing the need to take additional steps by providing its own biometric technology. So far Windows 7 supports fingerprints, but the technology could be expanded to include handprints and other scans down the road.

Along with a slew of security features, Windows 7 comes with beefed-up reporting and auditing capabilities designed to monitor and report user behavior and activities to IT administrators and various regulatory compliance agencies. The enhanced auditing features are great for smaller organizations struggling to adhere to PCI, Sarbanes-Oxley, HIPAA and other mandates. Experts say that the Windows 7 upgrade might actually provide a much-needed boost for SMBs and smaller organizations balking at the thought of undergoing an installation of compliance software in order to meet compliance objectives.

This might seem like a no-brainer, but what's the first thing users do when their PCs are slow? Yeah, that's right, they turn off the antivirus and other security settings presumed to be dragging their system down. Likewise, security is usually the first to go when they run up against compatibility issues after installing a required application. And over the last two years, that was especially true for Vista users, who would do just about anything to get their system to work.



So needless to say, if their systems are fast, light on resources, and compatible with just about everything, most users take the "if it's not broken, don't fix it" mentality and leave their security settings well enough alone. Initial reports suggest that (installation issues aside) Windows 7 appears to be all of the above, which means that users are likely getting what they need from their new operating system and are simultaneously more secure.



Translation? A happy user is a secure user.