The theme here is “Improving Security and Reliability” while a good sign that security as a business concern fell to seventh place this year from second last year, does not mean that security is no longer an issue according to Gartner; rather maintaining secure systems was just expected. Microsoft’s approach to that end is building upon Windows XP Service Pack2 (SP2) and later in 06, or early 07 Release 3 with new security features, all being poured into Vista. This posting will be a first in a series of blog postings highlighting Microsoft’s Vista Security Road Map 06’ and the Emerging Companies that support those initiatives – i.e. Vista functionality.
First things first; a new way to secure Windows Operating System startup. This feature eliminates the worry about when the operating system (OS) could be compromised at time of startup. Some security attacks happen during the operating bootup cycle where malware tampers with the OS before it loads network drivers. The new Vista OS feature will incorporate Trusted Processing Module (TPM) an on-board chip that stores keys, passwords and digital certificates. By encrypting the data on the disk it eliminates the probability of code injection during boot cycles.
Many of my Security Emerging Business Companies ask me if the new Windows File System (WFS) or WinFx will be included with encryption. It’s a bit too early to tell but from monitoring the Vista BetaOne Ascend correspondence it’ll probably be officially released late 06 or early 07.
This of course is a great feature, but what if your company’s laptops contain sensitive data that you would like to encrypt today on older versions of the Windows OS. ORBO has a great product RedSphere for Laptops that upon installation the local encryption agent will encrypt all data files contained on the computer’s hard drive. In addition to encryption, they have an interesting Access Control Manager comes with a choice of authentication modules and can be used as additional access security for devices using leading edge cognometric authentication, password shields or eTokens.
What is Cognometric Authentication using passfaces? Users start by getting to know a group of faces – their Passfaces – which are assigned by the system at random from a large library of anonymous faces. You remember the faces out of the crow and use them to gain access to the system in lieu of passwords. When I tried this, I thought I would never be able to remember to pick “one” of my five faces out of a line up of twenty, and repeat five times. Surprisingly, I got it right first try – check out the on-line demo, it’s fun!
This concludes the first post in a series.