Windows Vista will not ship without robust security, Microsoft tells business

Microsoft has told business users the security of its next generation Windows operating system is such a priority that it will push back the launch date if necessary.

Microsoft has told business users the security of its next generation Windows operating system is such a priority that it will push back the launch date if necessary.

Detlef Eckert, Microsoft's chief security adviser, said Windows Vista will not be released until it completes testing to ensure the code is robust and security vulnerabilities have been identified.

"Unless Vista passes the final security review, it will not ship," he said. "We are still in early beta testing. The components will be checked and checked again. If it is not working, it will not ship."

Vista is the first Windows operating system to be designed from the ground up using Microsoft's secure design methodology, introduced in 2002. It will offer security enhancements to make it compelling for many firms, Eckert told Computer Weekly.

"One thing is clear - Vista has a better security architecture than XP," he said. "It will need fewer updates and patches, and will be vulnerable to fewer viruses. And even if there are vulnerabilities, Vista will mitigate the damage."

A range of improvements designed to make it easier for companies to control and manage mobile workers could appeal to businesses that want to replace passwords with smartcards or two-factor tokens, said Eckert.

Vista will make it easier for firms to use smartcards, such as building access cards or the government's proposed ID cards, as secure tokens for logging into corporate systems. It will also make it easier for them to manage IDs when staff join or leave.

The operating system will also protect corporate networks by checking that laptops have the latest security updates before they are allowed access to a corporate network - plugging what Eckert describes as one of the biggest weakness in corporate security.

"There are hundreds of thousands of people with laptops who connect to the corporate network. This is one of the most dangerous issues for companies. They have firewalls and anti-virus, but if you have an infected laptop connected to your network you bring the infection inside."

Vista will also support hardware encryption designed to ensure that data and software will not fall into the wrong hands if a laptop is lost or stolen, said Eckert.

Other features include an updated version of Internet Explorer capable of isolating malicious code, plus an improved firewall that should make it easier for companies to implement corporate security policies.

Windows Vista security features

  • First operating system to be designed using Microsoft's secure lifecycle. Incorporates "layers of security" designed to block malicious code
  • Makes it easier for companies to use smartcards and two-factor authentication for single sign-on to IT systems
  • Bitlocker technology will encrypt system and data files, protecting confidential data if laptops are lost or stolen
  • Can detect whether key files have been modified by malicious code or hackers.
  • Better support for identity management, allowing companies to set up and revoke access rights to employees.
  • Able to check whether laptops have firewalls and anti-virus software installed before allowing them to access a corporate network
  • Firewall monitors outbound as well as inbound traffic, which enables organisations to implement corporate security policies
  • Security enhancements to Internet Explorer 7 to limit impact of malicious code
  • Clearer distinction between user and administrator rights to improve user security

Gartner cautious on promise of better security

Read more on IT risk management