Protect your business data with the tools you already own
Microsoft Office, Windows Vista, and other Microsoft tools help your organization be secure without purchasing additional software.
In summary:
| • | Discover the many security features that anyone can use in Windows Vista and the 2007 Microsoft Office system. |
| • | Take advantage of data backup capabilities. |
| • | Manage network environments for better security. |
There's no shortage of security products and services on the market. Some of these solutions are not only useful, but vital to safeguard the information and applications that are valuable to your business. But, there are also effective ways to protect your business data with the tools you already own.
"All Microsoft products and technologies ship today with various security aspects, some of which are enabled by default and others that have some configuration requirements," says Chris Andreozzi, president of KnowledgeCentrix, an IT consulting firm and Microsoft Gold Certified Partner based in Placentia, California.
Here are some of the ways you can maximize Microsoft technologies to protect information.
Windows Vista security features
The Windows Vista operating system features a number of security capabilities, including:
| • | Numerous firewall improvements. |
| • | The ability to manage and control firewall policy from a central location on a corporate network. |
| • | Disk encryption. |
| • | Utilities for data protection, system imaging, and system restore points, and for users to recover data or the entire operating system easily. |
With Windows Vista Business and Windows Vista Ultimate, you can centrally manage and control these features for a Windows Server network environment including Small Business Server 2003. Networking technology in Windows Vista allows you to send secure data transmissions on your company's network. The operating system also supports public key infrastructure (PKI) certificates, a technology that authenticates your employees' identities.
Windows Vista Ultimate features BitLocker Drive Encryption, which prevents an unauthorized user from breaking Windows Vista file and system protections or performing offline viewing of files stored on the protected drive. The technology protects both mobile and desktop systems in the event of loss or theft.
Microsoft Office Small Business 2007
The small business version of the 2007 Microsoft Office system includes useful security features that any employee can manage. For example, Office Outlook 2007 provides a number of tools, such as anti-spam and anti-phishing technologies, to help people block viruses and unwanted e-mail. Here are some others:
| • | Outlook E-mail Postmark is a new technology to help you stop spam. Before a message leaves your outbox, Office Outlook 2007 automatically stamps it with an e-mail postmark, which incorporates unique characteristics of the message. As a result, the postmark is valid only for that e-mail message. When a recipient e-mail application that supports Outlook E-mail Postmarking receives a postmarked message, it will recognize the postmark and verify the validity of the message. Otherwise, the message goes to an anti-spam folder. The technology is a barrier for spammers, because postmarking e-mails means that it takes a bit longer to send out e-mail messages. For spammers who send thousands of e-mails in one batch, that slowdown would likely lead them to turn the option off. |
Office Outlook 2007 also features an improved Junk e-mail filter that sorts out more unwanted e-mail messages than earlier versions of Office.
| • | There's also new protection against phishing (fraudulent e-mail messages that aim to trick people into divulging personal information). Office Outlook 2007 tracks suspicious e-mail messages and automatically disables links within such messages until users approve them. (For more information about how to prevent junk e-mail, see "Use Rules and Tools to Reduce Junk E-mail.") |
| • | Another tool, Information Rights Management (IRM), is a policy enforcement technology available in the 2007 Microsoft Office system that helps protect documents, worksheets, presentations, and e-mail messages from unauthorized access and use. IRM allows you to specify who can access documents and e-mail messages, and to control who is allowed to edit, copy, forward, and print the contents. |
Use backup capabilities to protect data
Windows XP and Windows Vista have built-in backup utilities; use them to back up the system state as well as data, says Nitesh Bharadia, CEO and technical director at b2Lateral Ltd, a London-based IT services and consulting firm and Microsoft Gold Certified Partner.
Employees should keep all data in one location and the directory structure below it, for example: c:\data\user1\etc. "Then they should regularly back up everything from c:\data to an external USB drive or [network], and then make a system state backup each time they add software or patches to their system," Bharadia says.
Windows XP and Windows Vista also provide System Restore points that make backups of the important states each time you add new software. This feature also delivers a means to restore the configuration to a "known good state," Bharadia adds. "It is also important to make regular recovery disks," he says. "Most modern machines [that] have pre-loaded operating systems don't provide the CDs to recover in the event of a failed disk. But they provide you with the ability to make these disks from the pre-loaded hidden partition on the disk. You should create these disks as soon as you receive the machine."
Manage network environments more effectively
One of the more effective solutions for managing a network environment is the Microsoft Distributed File Services (DFS), a core Windows Server technology, which is part of Windows Small Business Server 2003. DFS enables you to create a single, hierarchical view of your network's physical resources, rather than multiple separate directories, so you have good visibility of all network issues.
You can position each network resource in the most logical place in your DFS tree, regardless of its actual location in the network, according to Doug Fiore, president of Qortex LLC, an IT services provider and Gold Certified Managed Microsoft Partner in Englewood, Colorado.
A component of DFS, called DFS Replication, allows you to replicate files from one server to another, says John Oravez, senior network architect at Qortex. Using DFS Replication, you can maintain multiple copies of files in different locations without the need for extra software to provide backup redundancy in the event of hardware failure.
Automate tasks using Microsoft desktop and server technologies
Microsoft has closely aligned its server and desktop operating systems, Andreozzi says, and by using Group Policy, systems administrators can provide total control of the desktop operating system environment.
Group Policy and the Active Directory services infrastructure scripting in Small Business Server 2003 allow IT administrators to automate system policies and management of users and computers. "With the debut of Group Policy Management Console (GPMC) [in Windows Server 2003], policy-based management is even easier," says Oravez. "Administrators can efficiently implement security settings, enforce IT policies, and distribute software consistently across a given site, domain, or range of organizational units."
 | Bob Violino is a business and technology freelance writer based in Massapequa Park, N.Y. |
