Moving to Windows 7 enables organizations to realize great user productivity and IT benefits. In this article, I wanted to share information about the security benefits, and specifically, seven practices and easy to configure policies that can make your desktop environment safer and more controlled.
1. Control your desktop network access. Windows 7 enhances the firewall and provides granular control over inbound and outbound connections based on where the user is: domain (work), private (home), and public, including determining notification levels for the user. A little-known fact is that, with Windows7, there is a new capability that enables having more than one profile active. Because users typically connect to both local network (work or home) as well as the Internet (public), different rules should apply. Simply type “Windows Firewall with Advanced Security” on your Start menu to see the options. All firewalls events can be viewed in the monitoring tab and aggregated through Windows Event Log. Learn more More »
Windows Management Instrumentation (WMI) is a key part of the Windows 7 operating system. It is used to gather system statistics, monitor system health, and manage system components. To work properly, WMI relies on the WMI service. This service must be running and properly configured for your environment.
You control the configuration of the WMI service through WMI Control, which can be accessed on a local or remote system by using the following steps:
1. Click Start, type administrative tools, and hit Enter.
2. Then click Computer Management.
3. To connect to a remote computer, right-click Computer Management in the console tree and then select Connect To Another Computer. You can now choose the system that has the services you want to manage, provided you have the proper administrative privileges. More »
Occasionally, you might discover a client that isn’t automatically installing updates correctly. Such clients are typically identified during software update audits. To identify the source of the problem, follow these steps:
1. Determine the last time the client was updated. This can be done in two different ways—by checking the client’s registry (the most reliable technique) or, if you use Windows Server Update Services (WSUS), by checking the Reports page on the WSUS Web site.
* To check the client’s registry, open the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results registry key. In each of the Detect, Download, and Install subkeys, examine the LastSuccessTime entry to determine when updates were last detected, downloaded, and installed. More »
In order to preserve access to any encrypted data and stored passwords that a user might have, it is preferable to try and recover a user password rather than change or remove the password.
Windows 7 provides two ways to recover user passwords:
Password Hint A hint can be accessed on the Welcome screen. Ordinarily, the Welcome screen is displayed when the computer is started and no one is logged on. If someone is logged on to the workstation, ask him or her to log off. Click the user’s name to display the Password prompt, and then click the blue enter button to display the password hint. Hopefully, the password hint will help the user remember the password. If it doesn’t, you need to use a password reset disk. More »