Preparing for Vista

Learn how you can enjoy the benefits of the new Windows Vista operating system without compromising your business' security.

After many years in development, Microsoft’s new operating system, Windows Vista, became available to businesses with volume license agreements on November 30. The home version of Vista will be available on January 30, 2007. The Vista launch has been highly anticipated, as it took more than five years for Microsoft to release this updated version of Windows. Vista offers a variety of new features ranging from a streamlined and enhanced user interface to faster data transfer for remote data sources. Windows Vista is also being touted as a more secure operating system. However, industry experts question the level of security it is able to offer since Vista’s primary function is as an operating system and cannot address all security issues including viruses and Trojan horses.

Additionally, as with most new releases, there may be unforeseen vulnerabilities that could be discovered and exploited by hackers. In fact, even though Vista has not been released to the public yet, Microsoft has already issued numerous patches for its preliminary version of Vista for a graphics-rendering problem. If left unresolved, this problem could force a machine to run arbitrary code that could result in the downloading and execution of malicious code. There have been several other issues regarding security that have been discovered recently, and Microsoft has advised users to run an automatic update a second time to access the additional package that is necessary.

While improvements have been made, no operating systems is completely secure Any time you introduce new software into your IT environment, there is potential that unforeseen security vulnerabilities may emerge. If this happens, you will need to address the vulnerabilities immediately. There are some things you can do now that will help strengthen the security of your IT environment should it be faced with a security issue.

Recommendations
Here are some things small and mid-size businesses can do to protect their IT environment:

Install security software: Though Vista is supposed to integrate security features into the operating system itself, it is important to note that it is not a substitute for security software. For instance, there have been numerous tests conducted using Internet Explorer 7 (IE7) on Vista, resulting in the discovery of vulnerabilities that could be exploited by hackers. Even though patches have been released, the possibility of more vulnerabilities makes it more important than ever to have security software installed, which should include firewalls and virus protection.
 

Update patches: When you install a new operating system, be on the lookout for patches and news updates about the product. And as more people use the new operating system, additional vulnerabilities may be discovered, for which the vendor will create and offer patches on their website. By staying on top of patches, you reduce the amount of time that your computers are exposed to vulnerabilities, helping to prevent security breaches and threats.
 

Implement a layered security solution: Since malicious code threats and security breaches can occur at different levels, it is important to implement a layered security solution. This means installing security software at different levels of your infrastructure — at the gateway, mail server, and desktop tiers. This can help deal with communication challenges such as IM threats, which likely bypass the mail server and company firewalls but can be dealt with at the desktop. A layered security solution can also help deal with another type of situation - if an employee disables antivirus on the desktop, for example, the protection at the gateway tier can help thwart a security breach.

Upgrade to newer versions of security software: As you upgrade to a new operating system, it may be necessary to install new versions of security software that are compatible with the new system, since your existing security software may not be compatible with the new OS. Check with your security vendor to see if your software is compatible and if you are eligible for any upgrades.
 

Conclusion A new operating system often has technological advantages, but it may also create vulnerabilities and issues that are discovered over time. However, you can still enjoy the benefits of Vista without compromising security, by ensuring you have the necessary security measures in place and taking proactive precautions and staying informed about patches and updates.

from Symantec