The invitations to the ball have arrived!

October 25th is going to be busy one for Microsoft watchers, fans, and foes. 

Drip, drip, drip

The Redmondians are continuing to torture us Microsoft watchers with a slow flow of information about the company’s bet-its-business launch.

We already knew Microsoft planned to launch Windows 8 and its ARM-based Surface RT devices in New York City on October 25, thanks to a save-the-date invitation we got a while back. We knew those products would become available commercially the following day, and we found out this week that Microsoft would be opening 30-plus holiday pop-up stores in the U.S. and Canada on October 26 as well.

As of October 4, we now know that the launch is going to be a lengthy affair — from 10 a.m. to 3 p.m. ET.

Here’s what I just got in my in-box:

Will there also be, as some are reporting, some kind of “midnight madness” event here in New York to coincide with Windows 8 and Windows RT PCs, tablets — and Microsoft’s own Surface RTs — going on sale as of October 26? No word on that yet. (I asked.) But I’d be surprised if there wasn’t. Microsoft officials have said its Surface tablet devices will be sold only through its own brick-and-mortar stores, as well as “select” Microsoft online stores. Those without a Microsoft Store nearby will only be able to purchase online, unless Microsoft modifies its previously stated plan.

Microsoft still has not released pricing or a full and complete spec list for its Surface RT tablets/PCs. It has not yet made them available for preorder. The Intel-based Surface Pro versions are not due out until three months, give or take, after the Windows RT launch.

If you’ll be in/around New York City on October 25 and 26, stay tuned for information about a meetup/tweetup that a few of us Microsoft bloggers, including my Windows Weekly cohost and Windows SuperSite editor, Paul Thurrott, are planning. More details on that to come soon via Twitter. Hope you can join us.

To View Full Article Click Here

10 Compelling Reasons to Upgrade to Windows Server 2012

Takeaway: Windows Server 2012 is generating a significant buzz among IT pros. Deb Shinder highlights several notable enhancements and new capabilities.

We’ve had a chance to play around a bit with the release preview of Windows Server 2012. Some have been put off by the interface-formerly-known-as-Metro, but with more emphasis on Server Core and the Minimal Server Interface, the UI is unlikely to be a “make it or break it” issue for most of those who are deciding whether to upgrade. More important are the big changes and new capabilities that make Server 2012 better able to handle your network’s workloads and needs. That’s what has many IT pros excited.

Here are 10 reasons to give serious consideration to upgrading to Windows Server 2012 sooner rather than later.

1: Freedom of interface choice

A Server Core installation provides security and performance advantages, but in the past, you had to make a commitment: If you installed Server Core, you were stuck in the “dark place” with only the command line as your interface. Windows Server 2012 changes all that. Now we have choices.

The truth that Microsoft realized is that the command line is great for some tasks and the graphical interface is preferable for others. Server 2012 makes the graphic user interface a “feature” — one that can be turned on and off at will. You do it through the Remove Roles Or Features option in Server Manager.

2: Server Manager

Speaking of Server Manager (Figure A), even many of those who dislike the new tile-based interface overall have admitted that the design’s implementation in the new Server Manager is excellent.

One of the nicest things about the new Server Manager is the multi-server capabilities, which makes it easy to deploy roles and features remotely to physical and virtual servers. It’s easy to create a server group — a collection of servers that can be managed together. The remote administration improvements let you provision servers without having to make an RDP connection.

3: SMB 3.0

The Server Message Block (SMB) protocol has been significantly improved in Windows Server 2012 and Windows 8. The new version of SMB supports new file server features, such as SMB transparent failover , SMB Scale Out, SMB Multichannel, SMB Direct, SMB encryption, VSS for SMB file sharing, SMB directory leasing, and SMB PowerShell. That’s a lot of bang for the buck. It works beautifully with Hyper-V, so that VHD files and virtual machine configuration files can be hosted on SMB 3.0 shares. A SQL system database can be stored on an SMB share, as well, with improvements to performance. For more details about what’s new in SMB 3.0, see this blog post.

4: Dynamic Access Control (DAC)

Even though some say Microsoft has shifted the focus away from security in recent years, it would be more accurate to say it has shifted the focus from separate security products to a more “baked in” approach of integrating security into every part of the operating system.

Dynamic Access Control is one such example, helping IT pros create more centralized security models for access to network resources by tagging sensitive data both manually and automatically, based on factors such as the file content or the creator. Then claims based access controls can be applied. Read more about DAC in my “First Look” article over on Windowsecurity.com.

5: Storage Spaces

Storage is a hot — and complex — topic in the IT world these days. Despite the idea that we’re all going to be storing everything in the public cloud one day, that day is a long way off (and for many organizations concerned about security and reliability, it may never happen). There are myriad solutions for storing data on your network in a way that provides better utilization of storage resources, centralized management, and better scalability, along with security and reliability. Storage area networks (SANs) and network attached storage (NAS) do that, but they can be expensive and difficult to set up.

Storage Spaces is a new feature in Server 2012 that lets you use inexpensive hard drives to create a storage pool, which can then be divided into spaces that are used like physical disks. They can include hot standby drives and use redundancy methods such as 2- or 3-way mirroring or parity. You can add new disks any time, and a space can be larger than the physical capacity of the pool. When you add new drives, the space automatically uses the extra capacity. Read more about Storage Spaces in this MSDN blog post.

6: Hyper-V Replica

Virtualization is the name of the game in the server world these days, and Hyper-V is Microsoft’s answer to VMware. Although the latter had a big head start, Microsoft’s virtualization platform has been working hard at catching up, and many IT pros now believe it has surpassed its rival in many key areas. With each iteration, the Windows hypervisor gets a little better, and Hyper-V in Windows Server 2012 brings a number of new features to the table. One of the most interesting is Hyper-V Replica.

This is a replication mechanism that will be a disaster recovery godsend to SMBs that may not be able to deploy complex and costly replication solutions. It logs changes to the disks in a VM and uses compression to save on bandwidth, replicating from a primary server to a replica server. You can store multiple snapshots of a VM on the replica server and then select the one you want to use. It works with both standalone hosts and clusters in any combination (standalone to standalone, cluster to cluster, standalone to cluster or cluster to standalone). To find out more about Hyper-V replica, see this TechNet article.

7: Improvements to VDI

Windows Terminal Services has come a long way, baby, since I first met it in Windows NT TS Edition. Renamed Remote Desktop Services, it has expanded to encompass much more than the ability to RDP into the desktop of a remote machine. Microsoft offered a centralized Virtual Desktop Infrastructure (VDI) solution in Windows Server 2008 R2, but it was still a little rough around the edges. Significant improvements have been made in Server 2012.

You no longer need a dedicated GPU graphics card in the server to use RemoteFX, which vastly improves the quality of graphics over RDP. Instead, you can use a virtualized GPU on standard server hardware. USB over RDP is much better, and the Fair Share feature can manage how CPU, memory, disk space, and bandwidth are allocated among users to thwart bandwidth hogs. Read more about Server 2012 VDI and RDP improvements here.

8: DirectAccess without the hassle factor

DirectAccess was designed to be Microsoft’s “VPN replacement,” a way to create a secure connection from client to corporate network without the performance drain and with a more transparent user experience than a traditional VPN. Not only do users not have to deal with making the VPN work, but administrators get more control over the machines, with the ability to manage them even before users log in. You apply group policy using the same tools you use to manage computers physically located on the corporate network.

So why hasn’t everyone been using DirectAccess with Server 2008 R2 instead of VPNs? One big obstacle was the dependency on IPv6. Plus, it couldn’t be virtualized. Those obstacles are gone now. In Windows Server 2012, DirectAccess works with IPv4 without having to fool with conversion technologies, and the server running DirectAccess at the network edge can now be a Hyper-V virtual machine. The Server 2012 version of DA is also easier to configure, thanks to the new wizard.

9: ReFS

Despite the many advantages NTFS offers over early FAT file systems, it’s been around since 1993, and Windows aficionados have been longing for a new file system for quite some time. Way back in 2004, we were eagerly looking forward to WinFS, but Vista disappointed us by not including it. Likewise, there was speculation early on that a new file system would be introduced with Windows 7, but it didn’t happen.

Windows Server 2012 brings us our long-awaited new file system, ReFS or the Resilient File System. It supports many of the same features as NTFS, although it leaves behind some others, perhaps most notably file compression, EFS, and disk quotas. In return, ReFS gives us data verification and auto correction, and it’s designed to work with Storage Spaces to create shrinkable/expandable logical storage pools. The new file system is all about maximum scalability, supporting up to 16 exabytes in practice. (This is the theoretical maximum in the NTFS specifications, but in the real world, it’s limited to 16 terabytes.) ReFS supports a theoretical limit of 256 zetabytes (more than 270 billion terabytes). That allows for a lot of scaling.

10: Simplified Licensing

Anyone who has worked with server licenses might say the very term “simplified licensing” is an oxymoron. But Microsoft really has listened to customers who are confused and frustrated by the complexity involved in finding the right edition and figuring out what it’s really going to cost. Windows Server 2012 is offered in only four editions: Datacenter, Standard, Essentials, and Foundation. The first two are licensed per-processor plus CAL, and the latter two (for small businesses) are licensed per-server with limits on the number of user accounts (15 for Foundation and 25 for Essentials).

To View Full Article Click Here

10 Windows 8 Keyboard Shortcuts You Need to Remember! 

Takeaway: There are 100+ keyboard shortcuts available for Microsoft Windows 8, but there are several you’ll want to remember because you’ll use them often.

In April 2012, Greg Shultz created a free cheat sheet of 100 Windows 8 keyboard shortcuts. That download contained just about every keyboard shortcut you could imagine. Those shortcuts are still valid of course, but if you are like me you can only remember a few Windows 8 shortcuts at a time, so you want to remember the ones that will be most useful.

So, while I highly recommend that you take advantage of the free PDF download listing of 100 Windows 8 keyboard shortcuts, I also recommend that you commit the following 10 Windows 8 keyboard shortcuts to memory, because you are going to need to access these features often and, for efficiency’s sake, it’s best to have them at the ready.

Windows 8 Specific Keyboard Shortcuts

Keystroke	Function
	Switch between Metro Start screen and the last accessed application
+ C	Access the charms bar
+ Tab	Access the Metro Taskbar
+ I	Access the Settings charm
+ K	Access the Devices charm
+ Q	Access the Apps Search screen
+ F	Access the Files Search screen
+ W	Access the Settings Search screen
+ X	Access the Windows Tools Menu
+ E	Open Computer

To View Full Article Click Here

The latter half of 2012 should see some exciting developments in tech including a new iPhone,Windows Phone 8 smartphones, Microsoft’s Windows 8-powered Surface, Android 4.1 devices, and tablets, lots and lots of tablets.

Apple is expected to introduce a smaller iPad before December, Amazon may roll out its follow-up to the original Kindle Fire, and Samsung may be one of the first companies to get on board with Windows RT.

Here’s a look at some of the hottest tablet speculation that we may see turn into actual products before the holidays.

iPad Mini

Apple may be getting ready to stop competitors from invading the iPad’s turf with a low-priced 7-inch iPad to take on Amazon’s Kindle Fire and Google’s Nexus 7. Bloomberg recently reported that Apple was prepping a 7-inch tablet that would launch in October for $200. On Sunday the The New York Times reported a similar story to the news wire, but added the new iPad Mini will have a 7.85-inch screen.

The Kindle Fire and Google’s Nexus 7 are seeing some success against the iPad by not taking on the iPad. The two companies sell $200 tablets designed largely for content consumption instead of trying to offer an iPad-like device that can replace your laptop in a pinch.

The Fire and Nexus 7 each operate by providing deep hooks into each company’s content stores to make it easy for people to buy more movies, TV shows, apps, and games. The strategy of focusing on content consumption appeared to work for Amazon, and critics are already saying good things about Google’s Nexus 7.

Kindle Fire 2

Amazon announced the original Kindle Fire in September 2011 and, as we close in on the tablet’s one year anniversary, thoughts turn to what Amazon may have planned as a follow-up to this tablet.

A May Reuters report in May claimed the next Kindle Fire will offer an 8.9-inch display. Earlier in July, an analyst for NPD DisplaySearch told CNET that Amazon was prepping three versions of the Kindle Fire 2, including a 7-inch tablet with a screen with 1280-pixel-by-800-pixel resolution, a camera, and a 4G option.

The current Kindle Fire features a 7-inch display with a resolution of 1024 pixels by 600 pixels.

Kindle FirePad

The Times’ Sunday report about the mini iPad also claimed that Amazon is prepping a bigger version of the Fire to take on Apple’s tablet. There are no details about screen size or functionality, so it’s not clear what the purported device would be like or if it would actually be designed to take on the iPad.

More likely–at least in my view–is that Amazon would prep a larger version of the Kindle Fire that is better adapted to consuming visual content such as movies and gaming. But to keep the price low, Amazon would offer fewer hardware features than Apple’s tablet such as GPS, Bluetooth, and front- and rear-facing cameras.

Rumblings about a bigger Kindle Fire have been circulating for some time. The latest report before the Times claim was from BGR in June saying the new Amazon device would have a 10-inch display and quad-core processor.

Samsung RT

Samsung will have one of the first tablets out of the gate loaded with Windows RT, the version of Microsoft Windows 8 designed for ARM processors, according to Bloomberg.

The device will purportedly feature a Qualcomm Snapdragon processor, but no other device details are known. Samsung’s Windows RT tablet should debut in October when Windows 8 is set for a public launch.

Beyond the Rumors

We already know that Microsoft will roll out its Surface tablets later in 2012 and into 2013, and Acer in June said it plans to launch a Windows RT tablet in early 2013. As we get closer to the Windows 8 launch in October, more details should be announced about the upcoming crop of Windows 8-powered tablets.

To View Full Article Click Here

Windows 8 Release-Oct. 26!

We were told earlier this month that Microsoft had pinned down the launch of Microsoft Windows 8 to some time in late October. It was nice to finally get some confirmation about the release, but we still didn’t have an exact date – now we do.

Steven Sinofsky, President of the Windows Division at Microsoft, just announced during the company’s annual sales meeting that Windows 8 would be shipping on October 26. On that date, you’ll be able to upgrade to it, buy a physical copy in store or buy a new PC with the operating system on it. Microsoft’s Windows RT Surface tablet is also expected to launch around that time with the Windows 8 Pro version coming sometime after.

As most Windows users who are upgrading probably already have Microsoft Windows 7, you will want to take advantage of Microsoft’s insane upgrade program. For only $40, users with Windows XP or later can upgrade to Windows 8 through digital download. Those who want a physical copy can pick one up for $70. The special pricing will be available through January 31, 2013.

Windows 8 is Microsoft’s chance to prove that they still got it. Many people believe that this is their last chance before Apple gobbles them up and spits them out with Mac OS X and iOS. Microsoft Windows 8 is definitely something unique only to Microsoft as it’s the first operating system to share the same core across all devices whereas Apple requires separate operating systems for mobile and desktop.

We’ll find out on October 26 if Microsoft’s bet on the future plays out. The Metro interface was designed for portable devices, which Apple already has a strong foothold in. The hype surrounding the recently announced Surface tablet could help catapult Windows 8 to the notoriety it needs to succeed.

As I’ve said many times, I barely have any use for the new iPad. Most technologists I know feel the same way about tablets. However, most of us understand that we’re an anomaly. For tens of millions of people, using a tablet like the iPad is infinitely easier and less frustrating that dealing with a Windows laptop. That’s why tablets are eating the bottom out of the PC market, and the trend is accelerating.

Microsoft knows this. It also knows that an alarming number of companies are allowing their employees to use iPads and some are even running trials to hand out the new iPads to lots of highly mobile employees. What’s even worse for Microsoft is that most of these employees are loving it and are gladly chucking their Windows laptops aside.

While a lot of these employees will still periodically use Windows machines for some of their work, they’re using them less frequently and that means slower PC upgrades and less urgency to jump to Microsoft Windows 8. We’re still only talking about a fraction of the market — iPad will sell 60 million units in 2012 versus 400 million PCs, according to Gartner. Nevertheless, it has Microsoft freaked out because it’s been just a little over two years since the iPad debuted.

That’s a lot of disruption in a short period of time.

Of course, that brings us to the announcement of the Microsoft Surface tablet this week. Microsoft turned a lot of heads by revealing that it is going to build its own line of Microsoft Windows 8 tablet devices, à la Zune and Xbox. The hardware design for the Surface that Microsoft showed off on Monday was impressive enough to pique the interest of the tech press and the public.

The tablet itself looks a lot like the new iPad and many of the high-end Android tablets, but there were a pair of features that stood out. The first was a sturdy built-in kickstand that stealthily pops out from the back of the tablet. The second is the magnetic cover that doubles as a keyboard and touchpad. When you put these two features together you suddenly have a tablet that easily doubles as a laptop. That eliminates the need for someone to have two devices.

Sure, the hardware of the Microsoft Surface Tablet echoes the iPad. But, Microsoft did use a special magnesium body that makes it light, thin, and durable. Sure, the cover of the Surface is a copy of the iPad’s Smart Cover, but Microsoft did innovate by adding a keyboard on the inside.

There’s plenty about the Microsoft Surface Tablet that screams, “iPad knockoff!” and the failure of Android tablets and the tablet debacles at RIM and HP show that trying to build an iPad competitor for the enterprise can be a brutal business.

Still, the Microsoft Surface Tablet has something going for it that the BlackBerry PlayBook, HP TouchPad, and the parade of Android tablets don’t — it’s going to automatically drop into the Windows networks that most Fortune 500 companies as well as a lot of small and medium businesses already have in place. That’s going to mean a lot fewer worries about compatibility, security, and data protection. In other words, it means a lot less work for IT on the backend and a smoother transition for many users

That doesn’t mean the Microsoft Surface Tablet is a slam dunk. There is still a big question about whether users are going to find the Windows 8 interface as easy to use as the new iPad. And, will spyware and malware become a big problem on the Surface since it’s running the full version of Windows? Above all, how much is it going to cost? The Pro version of the Microsoft Surface Tablet that most businesses are going to want is expected to cost about the same price as an Ultrabook — in the $800-$1000 range.

Ultimately, if you want to think of the Microsoft Surface Tablet as an iPad knockoff with a few key innovations and additions that make it a legitimate option for businesses, that’s fine. A lot of companies will be happy to pay a premium for an iPad look-alike that automatically fits into their current networks and is guaranteed to work with their existing applications.

To View Full Article Click Here

“It embodies hardware and software working together. People want to work and play,” Steve Ballmer said today amid much fanfare at Milk Studios in downtown Los Angeles. Microsoft has officially entered the ring with the Apple IPad. Microsoft views the Windows 8 Surface Tablet  as a “stage for Windows 8.” It’s 9.3mm thin, has full size USB 2.0 ports, a massive kickstand and weighs only 1.5 lbs. The casing is made out of magnesium (specifically, a material Microsoft calls VaporMg) and screen is covered in the Gorilla Glass 2 and optically bonded, a feature for the Microsoft Windows 8 Surface Tablet brags was specifically made for the Surface Tablet. The Microsoft Windows 8 Surface Tablet is directly aimed at consumers, and with that, the iPad.

Windows 8 is at the core of  Microsoft’s Surface Tablet. As such, it’s Metro device but also has access to all the Windows, not to mention Xbox features. Microsoft Surface Tablet is clearly the product Microsoft had in mind when it announced the Xbox SmartGlass feature at E3 earlier in the month.

Microsoft also announced several accessories for the Microsoft Surface Tablet including a clever 3mm thick cover that features a full (albeit super-slim) keyboard. Since it’s held on by magnets, it will likely be called a copy of the iPad’s SmartCover, too. The backside of the Surface even features a massive, unit-wide kickstand.

There will be two hardware options for Microsoft’s Surface Tablet, with both an ARM option and, for the full Windows experience, an Intel chip.

But like most hardware, it’s nothing without the right software. Ballmer was very clear at the beginning of the announcement event that the Microsoft Surface Tablet’s strength is the Windows ecosystem. This tablet runs Windows 8, and with that, both Metro and the traditional desktop environment. Every application that runs on Windows, save perhaps Skyrim and the like, should run on a x86 Surface.

Still, if Microsoft is attempting to take on Apple, it will need to court a new crop of developers. The iPad’s strength comes from its legions of small 3rd party devs that for the most part completely ignore all things Microsoft. Up until this product, there wasn’t another tablet platform with the same sort of penetration numbers as the iPad. But with the Surface Tablet, Microsoft is essentially giving developers a massive user base as the applications will hit both mobile and desktop units — and Metro’s dedication to the touchscreen makes the deal even sweeter.

The new Windows RT-powered Surface Tablet will sport either 32 or 64GB of storage depending on the purchaser’s preference, while the more traditional Intel variant will come with either 64 or 128GB. Microsoft declined to dive into specifics about their new tablet’s release, though they were quick to note that the Surface tablets would be priced “competitively” when they make it to market.

To View Full Article Click Here

With the introduction of Windows 7, many PC and notebook users may feel more secure than they did using older versions of the Microsoft operating system. Newer OSs have more security features, offer better out-of-the-box security settings and have closed many of the historical security holes. Windows 7, for example, has changed the default User Account Control level so that it’s harder for rogue programs to run without first explicitly gaining the user’s permission.

[Also read 3 steps to protect your personal data]

However, feeling too secure can be dangerous. With that in mind, here are 10 tips–commandments, if you will–for ensuring your desktop or notebook computer can be used productively as well as safely. Many of the recommended tools are free, and all are affordable–and certainly less expensive than the potential problems of an unsecured computer. Similarly, many will take you only a minute or two to perform–again, far less time than you’d spend recovering from a security problem.

Yes, Windows 8 is on the way; it’ll be many years before that version runs on a majority of the installed base. So these tips are focused at the computers you are actually using today–especially Windows 7 computers, though most of the advice also applies to Windows Vista or XP machines.

1st commandment: Start with new hardware

Today’s new hardware–motherboards, BIOS, CPUs, hard drives, and the system as a whole–includes more security “baked in,” even before the operating system is installed. Examples include Trusted Platform Modules (TPM), which embed cryptographic security directly into the hard drive or other component, Unified Extensible Hardware Interface (UEFI) firmware instead of the traditional BIOS, and Intel’s vPro security and management technologies. For example, machines with UEFI and TPM will, as part of each boot-up, check the computer’s firmware and boot-up binaries to confirm they have not been infected with malware.

If you are working with an existing machine, consider doing a fresh install of the operating system, after completing one (or several) full backup. Ideally, the operating system would be the newest version rather than what was previously installed. (Products like LapLink’s PC-Mover can reduce the effort of saving and migrating settings and even application software–although applications should be freshly installed if possible, as well.)

Even if you’re working with an existing machine, consider swapping in new hard drives that include built-in encryption. Drives that support the OPAL Storage Specification standard enable companies to manage encrypted drives from multiple vendors–and have also helped reduce the extra cost for an encrypted drive from $100 to nearly zero. After-market drives often include migration tools to speed and simplify a drive swap.

If a self-encrypted drive isn’t an option, look at using full-disk encryption software, such as Windows’ BitLocker (available only on Enterprise or Ultimate Windows Vista, 7 or 8 ) or a third-party tool.

2nd commandment: Use current OS versions and automatically get OS and application updates

If you aren’t using the most current commercial version of the operating system, it’s time to upgrade. Additionally, make sure you set the software to automatically apply updates (not just the OS, but all applications) and periodically turn off the computer, which is when many updates are auto-applied. An appalling number of security breaches occur because applications lack important security fixes that have been available for a year or more.

The computer vendor may also include helpful update tools. For example, Lenovo includes an update process that is designed to show all BIOS and driver updates available for that particular model. You can also manually start the update-check apps process. This may take several cycles, particularly for the first time around, if some updates require other updates.

“Third-party software is usually the vector that security intrusions come through, not the operating system,” says Ed Bott, a Windows expert and ZDNet blogger. Flash, Adobe Reader and Java are three of the biggest targets, Bott says. While many programs include their own automatic update checker, Bott urges using a tool like Ninite orSecunia Personal Software Inspector, which automate update checking for all the applications on your computer.

3rd commandment: Use Windows’ new security tools (and/or third party software)

Windows 7 includes a number of security controls and tools through its Actions Center (which replaces the Security Center), and other tools are available via the Control Panel, including:

• Windows Firewall: With its basic settings, this wards off basic attacks, and you can use its advanced settings for more specific control. There are also third-party firewall programs available.
• Microsoft’s Microsoft Security Essentials and Windows Defender. These tools secure your computer against viruses, spyware
  and other malware.

Obviously another option is to invest in third-party security software, like individual anti-virus, anti-spam and other programs, or a security suite, such as Symantec’s.

4th commandment: Set up (or remove) user accounts

Historically in Windows, the default account had administrator privileges–meaning that programs capable of taking unwanted insecure actions wouldn’t have to first ask the user if they could run. Starting with Vista, Microsoft added User Account Control (UAC), which asked non-administrator users for permission to run certain programs or actions. With Windows 7, UAC still protects systems but less intrusively.

Even so, managing which user accounts are–and aren’t–available contributes to security in the following ways:

• Establishes non-administrative user account(s) for each user.
• Disables or removes user accounts that aren’t used or shouldn’t be there.
• Disables the “guest” account, unless it’s needed. If it is needed, a password should be required for elevating privileges, to prevent unauthorized changes to the system.

Consider renaming the administrator account so that it’s not obvious to an intruder. Since this account can’t be “locked out,” password attacks can be performed indefinitely; changing the name makes the account less of a target.

5th commandment: Set passwords

Set the main Windows password, as well as the Power/Time to lock the system, with a screen saver, and require a password to resume activity.

Also, depending on the sensitivity of information on your system (did someone say “online banking”?), consider password alternatives, such as:

• Smartcard reader (contact or contactless)
• Biometric facial recognition
• RSA software and external token
• Password “gesture” (e.g., Android tablets)

Another option is two-factor authentication, such as requiring both a fingerprint and a password.

6th commandment: Add/activate anti-theft tools

Invest in, install and activate anti-theft tools that can either lock the system; conduct an IP trace; report, take and send pictures; and even wipe the computer when a lost or stolen computer reconnects to the Internet. An example is Absolute Software’s Lojack for Laptops.

Vendors like Lenovo are embedding Absolute’s CompuTrace Agent into the BIOS, so even if somebody erases or replaces the hard drive, the agent is automatically re-installed.

Computers that include Intel Anti-Theft technology in their hardware let you add additional security services, such as automatically locking the main board until it receives the “unlock” password, lock or wipe if a machine goes too long without connecting to the Internet or if a user fails the login process too many times. Intel Anti-Theft is typically part of third-party security products like CompuTrace, adding perhaps $3/year, and as the anti-theft option on WinMagic’s full disk encryption product.

7th commandment: Turn off sharing and other unneeded services

Windows allows you to share resources that are on your computer, like file-sharing (Shared Folders) and print sharing. Your computer’s Internet connection management utility (Windows includes one, but many systems have their own) lets you define each network as either Public, Home or Work. If you mis-set a connection, your Shared Folders will be visible to other computers on the network.

Suggested Desktop Security Reading

• Windows 7: Explore New and Improved Security Features (Microsoft)
• Security checklist for Windows 7 (Microsoft)
• “Enhancing Endpoint Security for Windows Desktops,” Derek Melber, President and CTO of BrainCore.Net
• Best Practices: Windows Desktop, IT Security for the University of Missouri

If you are behind a firewall, when your computer’s Internet connection manager tool asks you what kind of location/connect it is, you can call it either a Home or Work network, Bott says. But specify Public network if you are connecting directly to the Internet (e.g., at home or in the office), if you don’t have a hardware router but instead are directly connected to the cable modem, or if you are connecting to a public network like a Wi-Fi hotspot or a hotel or conference Ethernet. This will ensure that no local sharing is allowed.

In general, disable any services and remove programs you don’t need. For example, if you’re sure your applications won’t need it, you may want to uninstall Java. If your machine has Internet Information Services (IIS) running but doesn’t need it, disable that, as well.

8th commandment: Secure your Web browser and other applications

Web browsers access Web sites that neither you nor your company control (and these sites, in turn, may have ads or link to other content that they don’t control). Any of these may try to inject malware onto your computer.

[Also read 10 ways to secure browsing in the enterprise]

Today’s browsers include more security, like “private browsing” session modes that prevent any personal information from being stored, or don’t save cookies or history for a session. However, this may interfere with productivity.

Check each browser’s security options and select the ones that look useful, like Firefox’s “Warn me when sites try to install add-ons” and “Block reported attack sites.”

Set Microsoft Internet Explorer to have the highest security setting you can tolerate (since higher security often means you have to click more often), suggests Tom Henderson, Managing Director of ExtremeLabs.com, an Indianapolis, Indiana technology testing lab.

Additionally, look for browser “extensions” and add-ons that increase your browser’s security, in a more per-tab, per-site or per-tab-session way. For example, the popular NoScript Firefox add-on allows JavaScript, Java, Flash and other plug-ins to be executed only by trusted Web sites of your choice.

PDF readers may also be vulnerable to JavaScript attacks within the documents they’re rendering. Make sure your PDF reader is secure; consider disabling JavaScript within it.

9th commandment: Rope in Autorun

AutoRun is a major threat vector for viruses and other malware in Windows XP and Windows Vista. [Editor’s note: Simson Garfinkel called Autorun an “OS design flaw” all the way back in 2006.] With this function, the operating systems automatically begins executing a program when it sees an autorun.inf file in the root directory of a new drive, such as a network drive, a CD or a flash drive. So, if you haven’t yet moved to Windows 7, make sure you’ve got all the security updates for the OS version you are running. (See MS Security Advisory: Update for Windows Autorun.

With Windows 7, all the security settings are “No Autorun.” When you attach external media like CDs, DVDs, SD cards and USB flash drives, they will give you a dialog box offering to run a program, but by default, nothing happens automatically.

10th commandment: Consider application whitelisting and other controls “Whitelisting” refers to a list of everything you allow on your computer, including e-mail addresses your mail program can accept, Web sites your browser is allowed to connect to and applications the operating system is allowed to run. Whitelisting may not be a match for e-mail or Web browsing, but for preventing unwanted applications from running–such as malware or zero-day attacks–it may be a good additional tool.

Windows 7 includes AppLocker, a whitelisting utility, or you can buy third-party white-listing products for either individual computers or groups of networked computers. For home users, Windows 7 has fairly robust parental controls that can restrict access by time-of-day or by site, and log Web access, Bott says.

Conclusion: It’s easy to become more secure

As you can see, there is a lot you can do affordably, even to existing Windows systems, to increase their security. It shouldn’t take a lot of time or money to do; however, it may take a lot of both if you don’t do anything and something avoidable goes wrong.

To View Entire Article Click Here

Protect Your Data. Stay Connected. Save Time and Money.

Get ready to take your business to the next level. With Windows Small Business Server 2011 Standard (SBS 2011 Standard) you can get business done faster, be more productive, and stay better connected. For a greater business capacity and a new competitive edge, the time for upgrading to Windows Small Business Server 2011 Standard is now.

Top Ten Reasons to Upgrade

Enjoy updated component technologies, increased data protection, and new tools to help you grow your business capacity.

1. Get a Comprehensive, All-in-One Solution:

Get the newest releases of all the SBS 2011 Standard technology components that are designed to deliver an optimal experience for small businesses in an affordable all-in-one solution. The solution suite includes Windows Server® 2008 R2 technologies, Microsoft® Exchange Server 2010 SP1, Microsoft SharePoint® Foundation 2010, and Windows Software Update Services. Also, Premium Add-on includes Windows Server 2008 R2 Standard and Microsoft SQL Server 2008 R2 for Small Business.

2. Simplify IT Management:

Manage common IT tasks and address technology issues before they occur with a unified view of the health and security of your computers and servers in the network from one administrative console.

3. Run Line of Business Applications:

Get access to the large Windows Server 2008 R2 ecosystem of applications as the SBS 2011 Standard is built on Windows Server 2008 R2 code base.

4. Stay Connected to the Business:

Provide your users the freedom to securely access all of their communications—e-mail, voice mail, instant messaging, and more—from virtually any platform, Web-browser, or device to get more done wherever they are with the integrated Exchange Server 2010 and Microsoft Outlook® Web Access (OWA) capabilities.

5. Access Business Information from Virtually Anywhere, Anytime:

Get direct, secure access to your files, calendars, tasks, and contacts through any common browser, from virtually anywhere.

6. Built-in document collaboration:

SBS 2011 Standard features Microsoft SharePoint® Foundation Services 2010 – the newest version of Microsoft Windows SharePoint Services. It powers exciting new features and capabilities that help you collaborate securely online—no matter where you are.

7. Simplify IT Management:

Reduce the cost of deploying and maintaining your network with streamlined setup and deployment for both the server and clients

8. Easy Migration:

Easily migrate to the new platform with enhanced migration tools, extensive pre-migration checks, and prescriptive guidance.

9. Simplified Back-up for Business Data:

Help protect your vital business information from loss with automatic backups and recover accidentally deleted files in the event of disaster. With easy-to-use interfaces and backup capabilities, you or your IT consultant can gain better control of your data, PCs, and network.

10. Keep your Network Healthy and Up-to-Date:

Help ensure the health of your network and keep your PCs and servers current with easy-to-read “green check” reports that give you a quick view of PC and server status, antivirus status, Microsoft software updates, and backup progress.

Takeaway: On February 22, 2011, Microsoft released Service Pack 1 for Windows 7 to the general public. Should you download and install it?

As of February 22, 2011, Service Pack 1 for Windows 7 is available to the general public from the Microsoft Service Pack Center. Windows 7 SP1 includes previously released security, performance, and stability updates, plus some improvements to features and services.

Microsoft suggests that individuals just let the normal Windows update system handle installation of the service pack. However, if you’d like to accelerate the process you can download the file and install it manually. The install will take around 30 minutes and you will have to reboot the PC during the process.

Depending on what method is used to install the service pack, you will need anywhere from 750MB to 7400MB of available disk space storage to complete the installation procedure, so plan accordingly. If you have a pre-release version of SP1 installed, you will have to uninstall it before you install the latest version.

Also note that some antivirus software will prevent SP1 from being installed properly, so you may want to temporarily turn off your antivirus while the installation takes place

To view the original article in it’s entirety Click Here