Windows Vista: A Cyber Security Shield

TECHNOLOGY BRIEF
®Windows Vista:
A Cyber Security
Shield
ackers are constantly exploiting users work with local administrator consent to perform the operation. security vulnerabilities and users' privileges, which allow them to perform A main benefit of the UAC feature is Hnaiveté to steal corporate and many common tasks on their own and that companies and IT departments can personal information with the intent of without the involvement of the IT provide a way for their employees to work committing fraud and other crimes. Such department. These tasks include installing on their own, yet still block damaging breaches can result in lost customers, a new program, adding a printer or some configuration changes and the installation financial loss and penalties, legal actions, other hardware device, changing the of malicious applications. problems with industry and government system time or running some applications. One caveat with UAC is that when tasks regulators and bad press. Unfortunately, this level of freedom that require local administrator privileges 1A 2007 Baseline article noted that the also allows malicious software to install need to be run, the user is prompted and average cost per security breach is on the itself. UAC offers a level of protection asked if this step is okay. Some users might rise, and the two main security concerns against such threats. simply answer yes to a screen prompt and in most organizations are "spyware and With UAC, users run in standard unintentionally install bad software. employees' ignorance of security." mode, rather than in local administrator To address this issue and further Fortunately, Windows Vista® mode. From a practical standpoint, this protect against the impact of malicious incorporates a number of new and allows users to perform tasks required for software, Windows Vista includes enhanced security features that address day-to-day business. For instance, users Windows Defender, a real-time spyware both concerns. would be able to install a printer, set up monitor embedded within the operating One of the main benefits found in and configure a virtual private network system. Windows Defender, which works Windows Vista is the User Account connection and download and install with Internet Explorer 7, is designed Control (UAC) feature, which brings application updates. However, when to scan, block and remove unwanted added security by helping to reduce the users start to perform a task that requires software. In particular, it scans downloaded chances of a user making a change that administrative privileges, such as installing files before they are saved and executed, to might expose a computer to risks. a new application, they are prompted to help reduce the chance that spyware Underprevious versions of Windows, most authenticate themselves and give explicit might be installed accidentally.
Trademarks and trade names may be used in this brochure to refer to either the entities claiming the marks and names or their products. November 2007TECHNOLOGY BRIEF
Preventing Users from To help users avoid being fooled by Dell offers a Windows Vista Readiness Being Hooked these targeted attacks, Windows Vista Assessment that helps you determine where Such features are increasingly important includes the Microsoft Phishing Filter in you stand on hardware, software, end-user, today as phishing attacks increase. A 2007 Windows Internet Explorer 7. The filter organizational and infrastructure readiness. 2eWEEK article reported that phishing is combines a client component that scans Once an assessment is completed, Dell on the rise. Perhaps most troubling, the Web sites for suspicious characteristics will recommend a course of action to get article noted that hackers are using more with an online service that tags known the migration under way. aggressive techniques and phishing phishing sites. If a user tries to visit a In many cases, IT staffs do not have toolkits are making it easier for hackers known site, Internet Explorer 7 indicates the time to spend on many of the chores to develop more sophisticated attacks. that there is a threat and automatically associated with the planning and One technique that hackers use today redirects the user to a warning page. implementation stages of a Windows is to send an e-mail spam message with Also new in ... [download for more]