Microsoft Vista: The Most Secure Client Operating System in the World

Author: Scott Porter

September 2008

Simply stated, Microsoft’s Vista client operating system is the most secure client operating system in the world. In this article we will discuss the security enhancements, and security features of Microsoft Vista Ultimate. Unfortunately there is a cost associated with security: namely usability, convenience, and a longer learning curve.

Microsoft dramatically changed the architecture of Vista compared to their earlier client operating systems. A large part of these changes deals with security enhancements.  The most significant security enhancements to Microsoft Vista are as follows:
User Access Control (UAC) is probably the most noticeable and misunderstood security enhancement to Windows Vista. UAC makes use of multiple access tokens, specifically a standard user access token and administrator access token created during authentication, to allow or deny specific tasks. BY default, all users logging on locally to their machine will have a standard access token, even if they are an administrator. When a user attempts to perform an administrative task such as installing an application or device drive, a UAC prompt will appear, requiring consent/acknowledgement or administrative credentials to begin the task. After the task is completed, the UAC automatically returns from the elevated administrative token to the standard user access token, returning the system to a protected state. Most small businesses and home users with Windows XP are using the account with which the operating system was installed. By default, this gives them administrative permission over the entire machine.

Windows Bitlocker Drive Encryption requires that the motherboard has a Trusted Platform Module (TPM) 1.2 chip installed. Bitlocker also requires TPM compliant BIOS and a second HDD partition formatted as NTFS, be on the active system partition, with at least 50MB dedicated to Bitlocker utilities, preferable 150MB. With the release of Service Pack 1, the ability to encrypt multiple partitions and drives has been included.

Windows Firewall now allows inbound and outbound connections to be allowed or denied, instead of the inbound limitation provided by Windows XP. Outbound connections can be IP based addresses, ports or services. IPSec is also fully integrated, allowing for secure connections to remote and/or high security sites.

In summary, Microsoft Vista, vulnerable as are all operating systems, is a step in the right directions for making a client system more secure for home and corporate environments.

Scott Porter – Senior Technical Trainer, New Horizons Training Supervisor-Louisville, Network Engineer, Master Web Designer & Consultant. Senior Technical Trainer and Computer consultant specializing in Network Engineering; E-commerce planning, design, and implementation strategies. Twenty years’ experience in providing innovative solutions for complex client needs and expectations, in both entrepreneurial and corporate roles, focusing primarily on high tech and government industry clients. Founder of Preferred Technology Solutions LLC.  & Co-founder of www.cafewebhosting.com.

For additional information about New Horizons Computer Learning Centers Ohio Valley and our superior training opportunities, please call Ph: 937-879-6080 Fax: 937-754-1644