Guard your virtual campus
Improving security and compliance with Windows Vista
In today's digital world, computers are an increasingly attractive target for criminals hoping to steal information or to harm your institution, its administration, faculty members, and/or students. In addition, new government regulations require you to maintain high standards for security and data protection.
To help your institution address the risk and reduce the expense associated with security and compliance, Windows Vista provides multiple layers of protection. It begins with an operating system that is designed to be secure. On top of that, Windows Vista is engineered to protect your institution from external attacks, internal threats, and unauthorized access to specific information. And, should you need to recover data, Windows Vista makes it easier to ensure that your information is backed up and accessible.
On This Page
Experience a system engineered for security
Windows Vista is the first version of the Windows operating system to be developed using Microsoft's Security Development Lifecycle. The Security Development Lifecycle makes security a top priority from the start by defining a repeatable engineering process that every developer must follow and then verifying the efficacy that process before release.
Protect information using encryption and recovery
If someone gains access to your school network, it doesn't have to mean they can access your confidential information. Windows Vista helps you keep data confidential by supporting data encryption at the disk, directory, or file level, with features such as:
Windows BitLocker Drive Encryption: In 2005, a laptop was stolen from a major university. The laptop contained personal data, including Social Security Numbers, for nearly 100,000 students. The data was not secured. BitLocker Drive Encryption could have protected that data. BitLocker Drive Encryption is a hardware-enabled data protection feature that addresses the growing concern that institution and student data could be accessed from lost or stolen computers. By encrypting the entire Windows system volume, data is better protected, which prevents unauthorized users from compromising Windows file and system protection on any lost or stolen PCs. Using BitLocker also helps your institution comply with data privacy regulations and reduces concerns about repurposing equipment. Available with Windows Vista Enterprise or Windows Vista Ultimate, BitLocker is simple to deploy and use, and makes recovery easy if the need arises.
Encrypting File System: Encrypting File System (EFS) is useful for user-level file and folder encryption. For example, if two students share a computer running Windows Vista, EFS can be used to encrypt each student's data so that it is not available to the other student using the computer. In addition, Windows Vista enhances the administrator's ability to manage EFS on a network by supporting storage of EFS keys on smart cards. This way, the rights assigned to each individual's smart card determine what content he or she has access to on a computer and across the network.
Control over storage device use: Windows Vista also includes the ability to restrict the use of universal serial bus (USB) keys and other removable storage devices with a corporate computer. With students and faculty increasingly using USB keys to transport work to and from campus, this added layer of security will help prevent your institution's valuable intellectual property from walking out the door.
Windows Vista also makes it easier to ensure that you have a backup of your information, so that if you should need to recover information, you can do so with relative ease. Previous Versions automatically creates point-in-time copies of files as you work, so you can quickly and easily retrieve versions of a document that you may have accidentally changed or deleted. That means you can add "I accidentally deleted it" next to "My dog ate it" on the list of out-dated excuses for missing assignments.
Protect against external threats
To help protect your institution's data from external threats, Internet Explorer 7 in Windows Vista runs with enough privileges to browse the Web, but not enough for students and faculty to modify user files or settings by default. As a result, even if a malicious Web site attacks a potential vulnerability in Internet Explorer 7, the ability of the site's code to install software, copy files to the Startup folder, or change browser settings will be reduced. The goal of protected mode privileges is to deliver an additional layer of security that makes it that much harder to attack the system, while still balancing between security and compatibility.
Windows Defender, an integrated component of Windows Vista, helps block, control, and remove spyware and other potentially unwanted software by periodically scanning individual hard drives, watching for spyware and malicious software.
Schools and universities are challenged to make wireless networks secure. Many users, particularly higher education students, connect to multiple networks at once. If an application or hacker can forward data requests from one network to the other, this can create a vulnerability. In Windows Vista, wireless networking is more secure by default, and includes support for the latest and most secure wireless networking protocol, WiFi Protected Access 2 (WPA2).
Finally, to further help protect your institution from external attack, Microsoft continues to improve Windows Firewall. For example, bi-directional, application-aware filtering helps prevent distributed denial of service attacks. And service hardening restricts atypical service access to files, registry, and network resources, helping to block the ability of malicious software to hijack Windows services for use in carrying out attacks.
Protect against internal threats
Increasing protection against internal threats (whether deliberate or accidental) to your institution's information resources means increasing control over what individual people can do on your network. Viruses, denial of service, unauthorized access, and theft of proprietary information are the top four causes of data loss. Running individual application privileges at the lowest required level reduces the attack surface of the operating system, limiting the ability of malicious software to cause harm. In addition, User Account Control helps protect school resources by letting you deploy computers with standard user privileges, such as "Student," "Teacher," or "Administrator" privileges.
Access information more securely
As using the Internet becomes integrated into your educational and administrative processes, the browser your students, teachers, and administrators use is a key defense against increasingly sophisticated Internet threats.
Windows Internet Explorer 7 in Windows Vista represents a major step forward in browser security and privacy protection. Its new architecture is designed to give users more confidence in the security of their browsing activity while also helping to protect their personal data from phishing attacks and fraudulent Web sites.
In Windows Vista, Windows Defender helps protect your system from malicious software. It monitors aspects of the operating system that malicious software uses, and before allowing the software to change your system, it asks for your approval. Windows Defender also automatically scans your system looking for suspicious software and will help you remove it.
