The expert guide to Windows 7 security

How to configure Microsoft's new Windows operating system to beat malware and keep data secure

By Roger A. Grimes, InfoWorld |  Windows, Windows 7

EFS (Encrypting File System) has been improved in many ways beyond using more modern ciphers. For one, you can use a smart card to protect your EFS keys. This not only makes EFS keys more secure, but allows them to be portable between computers.

Administrators will be happy to know that they can prevent users from creating self-signed EFS keys. Previously, users could easily turn on EFS, which generated a self-signed EFS digital certificate if a compatible PKI server could not be found. Too often, these users encrypted files but did not back up their self-signed digital certificates, which frequently led to unrecoverable data loss.

With Windows 7, administrators can still allow self-signed EFS keys, while mandating ciphers and minimum key lengths. Windows 7 will prod users to back up their EFS digital certificates to some other removable media or network drive share -- and keep prodding them until they do it. A Microsoft Web page details the EFS changes.

Read more about how to secure your Windows 7 PCs in InfoWorld's free PDF report, "Windows 7 Security Deep Dive," including:

  • Safe browsing with IE8
  • Multiple active firewall policies
  • Managed and virtual service accounts
  • Configuring AppLocker
  • Running by the rules

This article, "The InfoWorld expert guide to Windows 7 security," was originally published at InfoWorld.com. Follow the latest developments in information security and Windows at InfoWorld.com.

Read more about security central in InfoWorld's Security Central Channel.


Originally published on InfoWorld |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness