|
|
Control Panel - Security Microsoft has tried to group all the security related functions for Vista into this one Control Panel category. For the most part I think they have succeeded, at least for the average user that pays little to no attention to security issues unless there is a problem that impacts system usage. One of the common complaints about Control panel is you are never sure where you will end up when clicking a link in Control Panel. I'm not sure how Microsoft defines the layout, but I define the primary headings such as Security Center and Windows Firewall as 'Main Categories' and the links under each main category as 'Category Links'. Sometimes you'll be taken to what looks like another Main Category window, other times a click will lead you to a completely separate window opening up, so the consistency is a bit shaky. The bottom line is, if you see a Category Link that looks like it will do what you're trying to accomplish, give it a try first. You can always come back to the Main Categories. So, let's take a look at the Main Categories.
Security Center - Clicking on Security Center will open [no big surprise] Windows Security Center. Microsoft has determined that Firewall, Automatic Updating, Malware Protection, and Other Security Settings are the four essentials you should be concerned about on your system. Whether you agree with that determination or not, those are the categories that are displayed. The section on the right of Security Center is nothing more than a status monitor for the different categories. It does tell you what applications are installed on the system if you click the 'Show me' links while the 'How does' links open to explanatory pages in Windows Help and Support. In the left side panel of Windows Security Center there are links to Windows Update, Windows Firewall, Windows Defender, and Internet Options. These links are also available on the main Control Panel > Security page, so where you click them is a matter of choice. The redundancy factor.
What 'is' available on this page alone, and I suspect will be important to many users as they use Vista over time, is the 'Change the Way Security Center Alerts Me' option. When a security issue is noted and the system found to be at risk, Security Center wants to alert you in the notification area of the taskbar. The default notification consists of a text balloon and an icon in the notification area. One step down from that is just the icon without the text balloon. The third choice is no notification at all. I don't particularly mind the icon notification, but the text warnings become very annoying.
Finally, the link about the latest security and virus information online takes you to the Microsoft Security Central page. I've included the link to it in case you need to research an issue.
Windows Firewall - Clicking the main Windows Firewall category in Control Panel > Security brings you to this screen, another 'step' in getting to a screen where you can actually do something that impacts the system, with one notable exception. If you click on the 'Update Settings Now' link in the pale yellow caution area, rather than direct you to the Windows Firewall Settings screen, it will automatically enable Windows Firewall; no warning and no questions asked. If that's what you want to do, it's fine, but for more control there are other alternatives.
Using the [Turn Windows Firewall On or Off], [Allow A Program Through Windows Firewall], or the [Change Settings] links will take you to one of the tabs in the Windows Firewall Settings window shown below.
Windows Update - As expected this opens Windows Update where you can manage how updates are handled on the system as well as initiate the update process. There are a number of links in the left pane for selection. Check for Updates does exactly that; it checks for any new updates without any further user input. Selecting Change Settings allows you to control how Vista checks for and installs updates as well allowing you to turn off updates completely. View Update History and Restore Hidden Updates are the lesser used options, but still handy if you need to go back and check on an update.
Windows Defender - Windows Defender is a spyware detection program supplied with Vista. If you have it running, clicking the [Windows Defender] link will bring up the program. If you click the [Scan for Spyware ...] category link under the main category, a spyware scan will be initiated immediately.
Internet Options - This is a strange one that sort of makes me shake my head and ask where is the consistency. In all the Main Categories up to this point, when they are clicked you get a dual pane type window that has a number of helpful links in the left hand pane. Yet for Internet Options, where there are any number of extra links that could prove very useful to less technical users, the Internet Properties window opens. Why wasn't this given one of those splashy sub-category windows like the others? At any rate, clicking Internet Options in Control Panel > Security opens Internet Properties to the General tab. As for the Category Links, [Change Security Settings] opens to the Security tab, [Delete Browsing History and Cookies] opens to the General tab, and [Manage Browser Add-Ons] will open to the Programs tab. I just find it hard to believe there weren't any situations identified that warranted any links to the Privacy and Content tabs.
Parental Controls - According to Windows Help and Support, Parental Controls can be used "to help manage how your children use the computer. For example, you can set limits on your children's access to the web, the hours that they can log on to the computer, and which games they can play and programs they can run." That's all well and good and Parental Controls does indeed allow that to be done. And in spite of the name Parental Controls, I've actually seen quite a few small businesses that lack the personnel and technical expertise to lock down their office computers using Parental Controls. I won't get into the dynamics of how children and employees may react to being under the scrutiny of Parental Controls, but it can be a very useful tool, especially the program blocking and activity report capabilities.
BitLocker Drive Encryption - It's pretty much a given that everyone wants to keep their system and data secure. Encryption has long been the preferred method for data security and BitLocker is the latest method to encrypt your hard drive. The Encrypting File System (EFS) has been around for NTFS drives for quite some time. BitLocker is different from EFS in that it uses a TPM (Trusted Platform Module) hardware chip. Chances are pretty good that your current system doesn't have a TPM chip, and as you can see in the screen capture below the system I'm using for this article falls into that category. You can't just go out and buy a TPM chip. The system has to be designed for it from the beginning. So, does that mean if the TPM chip is missing that BitLocker is out of the question on your system? Actually, no, you can run BitLocker without having a TPM chip by using a USB memory key or supplying a password each time the system boots, but the boot files integrity will not be assured as it is on TPM chip enabled systems. Plus, if you manually supply the password, be prepared for some heavy duty typing as we aren't talking about a [myfavoritedessert] type password. Before BitLocker can be enabled you need to prepare the drive. It requires at least two volumes before BitLocker can be installed. Read through the Description of the BitLocker Drive Preparation Tool to see what is involved and make sure you can meet the requirements. One last thing I forgot to mention; BitLocker is only available in Vista Ultimate and Enterprise editions.
Secure Online Key Backup - Once you move into the world of file encryption, be it EFS or BitLocker, you need to make damn sure you are able to get to your files or drive. Without the BitLocker Recovery Password or EFS Recovery Certificate, essentially you are dead in the water, screwed, finished, kaput, or any other term you choose. I'm not going to go through the whole process here, but don't ignore this screen. Make backups of your passwords and certificates. Make multiple backups - and keep them safely stored away. They will be the only thing that allows you to get to your data. If you're the type of person that loses your car keys on a regular basis or has to dig through a mountain of papers on your desk to find the password you were 'absolutely sure you'd remember but now you've lost or forgotten it', perhaps file encryption isn't for you. You've been warned.
|
|
