Saturday, July 2, 2011

Using Windows 7 Part 1

Windows 7 has had some fine tweaks made to it. There were many complaints about what Vista was and Microsoft heard and delivered. The real question is. Now that you have the features you asked for why are you not using them? An edition of Windows 7 is not just another version of Windows XP or Vista. It is in a category all by itself. Security is my area of expertise but the functionality that Windows 7 brings to the table is not seen implemented hardly or even at all. Company A has migrated from Windows XP Professional to Windows 7 Professional. Their main achievement for the upgrade was to reduce cost and potentially gain a return on investment by increasing user productivity and enabling features like AppLocker and Branch Cache. Also, keeping in mind that these features are only available in the versions of Windows 7 Ultimate and Enterprise.
Bit Locker functionality and Direct Access has been thrown out of the window because of this upgrade path. There is an old saying, “If you do not know where you are going. Any road will take you there.” Now Company A has upgraded to Windows 7 along the wrong path for their needs. Mobile users are present and need software updates as well as any new policy that the company has deployed. So far this is a debacle. Company A is now in the same position as they were before the upgrade. Huge downloadable files are still coming over the WAN, mobile users are not protected as Bit Locker is not enabled, Direct Access cannot be used as it is not supported in Windows 7 Professional (at the time of this article being written).  

Now Company A has to reinvest finances to upgrade to Ultimate or Enterprise. In this case scenario I do not see the Return on Invest. How will this upgrade path support the company within 3-4 years?
These features are the very foundation for moving to Windows 7 in the first place. There is a greater ease in deployment. Better manageability using tools like RSAT federation searches, credential manager, and recovery from a failed system. Even the option to use AppLocker, even though most users hate it has been removed from your list of options.

Well you might say our company has saved on power a little and because Windows 7 does a great job of maintaining itself there are fewer helpdesk cost. Let’s look at the bigger picture. Company A is still spending money over the WAN. Computers are still not protected from known threats. The risk of company data being easily stolen is present with no PKI or Bit Locker encryption. Windows 7 coupled together with Windows Server 2008 R2 is a match made from heaven. Using roles such as AD CS, WSUS, NAP, and DFS. You pretty much have an infrastructure that will let you know when something is broken and wrong before the user gives the Help Desk a call.

You asked for it now you have it. Windows 7 brings to the table what we have been asking for, for a long time. The real question is when will you start taking advantage of this cost saving software? My advice is to follow the six P’s. Prior, Proper, Planning Prevents, Poor, Performance. Take your time and plan out your Windows 7 infrastructure for the future knowing that you can take advantage of using all of the features with one upgrade. Spend money once and your CFO will be a very happy person.

Adnan Cartwright
CEO Integrity Solutions Inc