I’ve downloaded (but not yet installed) the Windows 7 release candidate, and I’ve been perusing the security features they’ve added to the OS. Two things that have caught my eye are the new BitLocker to Go feature and AppLocker.

BitLocker to Go adds the capability to encrypt a USB disk drive through the BitLocker interface, which will protect any sensitive data stored on the drive from falling into the wrong hands. (Of course, the data protection is only as strong as the password you use, so remember not to make it something easily figured out by someone who nabs your device.) Data loss via portable devices has always been problematic – this is a pretty common sense way to at least mitigate that.  Read more about BitLocker to Go here: http://www.neowin.net/news/main/09/01/11/windows-7-bitlocker-to-go–biometric-improvements-overview .

AppLocker is a new feature in Windows 7 for the enterprise that allows central management of which applications are allowed to run on domain machines. Microsoft summarizes AppLocker as “a flexible, easy-to-use mechanism that enables IT professionals to specify exactly what is allowed to run on user desktops.” (http://www.microsoft.com/windows/enterprise/products/applocker.aspx). A more in-depth look at AppLocker on the Windows security blog indicates that: “AppLocker works by intercepting kernel calls that try to create new processes or load libraries and making sure that the code in question has been allowed to execute.” (http://windowsteamblog.com/blogs/windowssecurity/archive/2009/04/20/windows-7-security-helping-enable-the-mobile-workforce.aspx).  This seems to be based on defining rule sets, although I’m not sure what the nature of these rule sets is because I haven’t had a chance to toy with it yet.

In addition to helping lock down a desktop from users installing things intentionally, AppLocker also seems to be a good way to keep malware from being installed via drive-by downloads or other nefarious means. What I’ve read so far seems to be centered around enterprise management and group policy, so I hope that AppLocker can also be configured easily on my lone desktop at home.

Each Thursday, Security Musings features a security-related technology or tool. Featured items do not imply a recommendation by Gemini Security Solutions. For more information about how Gemini Security Solutions can help you solve your security issues, contact us!

This entry was posted on Thursday, May 7th, 2009 at 3:09 pm by Walt Turnes and is filed under Technology & Tool Thursday. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.