Introduction:
Due to the constant changing of security threats on the Internet.
Microsoft has found it necessary to focus its resources on creating
an operating system that helps to keep a home or business computer
along with any network of computers safe from security threats. In
this paper I would like to discuss the key features that Microsoft
has used in its Vista operating system and how these security
features impact you, the computer user.
<>User Account Control (UAC):
The most significant feature of the Vista operating system is the use
of the User Account Control (UAC). The purpose of the UAC is to
allow standard users to have permission enough to be productive but
not be allowed to make potentially harmful system changes. The
greatest challenge for the UAC is that most users get very
frustrated when prompted for Administrative level permissions for
tasks that are under the UAC's control. Over time, many people will
tire of the constant prompts and take the UAC out of the equation by
running with Administrator controls.
Running your computer as administrator can be fine for those that
are pretty computer savvy and can confidently make the necessary
system changes without compromising the security of the system. For
those of you that are not comfortable making system configuration
changes or are not sure how to properly configure your network, I
would advise running in standard user mode so that Vista can help
protect your system from possible security threats. Security threats
are very real in today's world. It isn't a matter of 'if' your
system gets attacked any more. It is a matter of 'when' your system
will be attacked.
Vista's UAC has the ability to keep malicious code from accessing
certain system files and will notify you in the event something is
in fact trying to make these changes. Therefore, it is important
that you allow Vista to do its job and not turn this feature off. I
know that the prompts can be a bit annoying at times, but it is
something that you should learn to accept and know that it is trying
to keep your valuable data safe.
<> Windows Vista Security Center:
The Windows Security Center was developed to place all of your
security programs in one easily accessed location so that you can
view the status of these installed programs. Once accessed, you will
easily be able to see that you have all of your security settings
turned on. The Windows Security Center will even monitor 3rd party
security programs to show that these programs are turned on and are
up-to-date.
<>Malicious Software Removal Tool:
Microsoft delivers a Malicious Software Removal Tool via Windows
Update. This tool runs in the background and will scan your system
periodically for any malicious code (viruses, worms and Trojan
horses) that could have been installed. This tool has the ability to
remove this code and return your system to its original state. Keep
in mind that this tool is not intended to replace an anti-virus
software. The Malicious Software Removal Tool is a post infection
tool, meaning that the infection has already been installed on the system. Keep
a capable and updated anti-virus software installed and running on
your system at all times. If you do not want the Malicious Software
Removal Tool installed on
your system, you have that choice. However, if you ever would like
to download and run this tool to check your system, you can do that
online here:
http://www.microsoft.com/security/malwareremove/default.mspx
<>Windows Vista Firewall:
The Windows Vista Firewall is a very capable firewall that gives
sufficient protection to basic users by default. "IT" individuals that
require added protection have the flexibility of configuring the
firewall to suit their needs. For more information about the Windows
Vista Firewall, visit the link below:
http://www.support4vista.com/tutorial/windows-firewall.htm
<>Windows Defender:
Microsoft's Windows Defender is a real-time anti-spyware detection
and removal application that is built in to Windows Vista. This
anti-spyware tool can be accessed via Control Panel and clicking the
Windows Defender icon. It can also be accessed through the Windows
Security Center and then clicking the Windows Defender link. Once
accessed, you can scan your system for possible spyware infections.
The tool will then notify you of such infections and give the option
to clean your system from these pests.
Keeping this tool up-to-date can help keep your system protected
against spyware being installed on your system. Once Windows
Defender's main screen is open, click the "Check for Updates Now"
button to install the latest security definitions.
<>Safer surfing with Internet Explorer 7:
Internet Explorer 7 has many security features installed. The
features that I'd like to discuss here are:
- Protected Mode
- Phishing Filter
- Security Status
Bar
- Protected Mode:
Windows Vista comes bundled with Internet Explorer 7 and has
Protected Mode turned on by default. With this feature turned on,
anytime a malicious code attempts to install itself in to a location
that is monitored by Protected Mode, you will receive a notification
of this attempted installation. In having a user double-check this
suspicious activity, it greatly reduces any malicious code attempt
and stops it before it has a chance to install.
- Phishing Filter:
When Internet Explorer is first installed on your system it will
have the Phishing Filter turned on by default. Users can at that
point decide if they would like to keep it running or decide to turn
this feature off. What Microsoft has done is compiled a huge and
on-going list of known web sites that have a reputation of phishing.
From the 5 Star Support Computer Glossary, Phishing is defined as:
"Short for Password Harvesting Fishing. It is the luring of
sensitive information, such as passwords and other personal
information, from a victim by masquerading as someone trustworthy
with a real need for such information.
Popular targets are users of online banking services, and auction
sites such as eBay. Phishers usually work by sending out spam e-mail
to large numbers of potential victims. Typically the email will
appear to come from a trustworthy company and contain a subject and
message intended to alarm the recipient into taking action.
A common approach is to tell the recipient that their account has
been de-activated due to a problem and inform them that they must
take action to re-activate their account. The user is provided with
a convenient link in the same email that takes the email recipient
to a fake web page appearing to be that of a trustworthy company.
Once at that page, the user enters her personal information which is
then captured by the fraudster."
With the Phishing Filter turned on, a user would be warned of this
possible activity prior to accessing the site.
- Security Status Bar:
You will not notice the Security Status Bar until you have entered
an area that requires personal identifying information. While many
of the sites that you visit are trusted and the need for accessing
this status bar is unnecessary, it could prove helpful if you are
accessing a site that you have never purchased anything from before.
You will see the Status Bar at the right side of your address bar
(where you enter in a web sites address). It is a little yellow
lock. When you click the yellow lock image, you will invoke a
separate window and will offer advice that could help keep you
safe from any possible fraudulent activity.
Closing Comments:
As you can see after reading this article, Microsoft has addressed
many important security concerns with the Windows Vista release. Is
it perfect? Absolutely not! In fact, there is much more work to be
done. As the Internet evolves, it will be necessary to make constant
changes to ensure people are safe from data theft and identity
theft. I think Microsoft fully understands its responsibilities to
its customers and has demonstrated with this latest release their
dedication to Internet security.
[Top] |
