4/16/2017 10:01 AM © 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Windows Vista & Security
Jason Johnson, Account Technology Specialist, Microsoft Corporation, j.johnson@microsoft.com
Joseph Lumia, Account Technology Specialist, Microsoft Corporation, jolumia@microsoft.com
Agenda

· Windows Vista Overview
· Windows Vista Security
  · Fundamentals
  · Threat and Vulnerability Mitigation
  · Identity and Access Control
  · Information Protection
· Desktop Optimization Pack for Software Assurance

The primary focus of the launch event is security and compliance, so these slides key off that.

Overview: We provide a quick overview of Vista – we don’t want the audience walking away thinking that the only benefit of Vista is the security changes. There are only a couple of slides in this section, and one demo (search/Aero – eye candy stuff).

Security: The bulk of the presentation is around security.

Fundamentals: Changes that we’ve made to our development (Vista is the first OS released using the SDL process).

Threat and Vulnerability: Locking down IE7, Windows Defender, updated Firewall and updated GPOs (800+ more in Vista).

Identity and Access Control: This bit focuses on really attacking the problem of users needing Admin rights because of applications – User Account Control will help a lot in letting people stay secure and compliant.

Info Protection: BitLocker, RMS, EFS, etc. – protecting data from end to end, and Vista fits nicely for protecting data on mobile machines, as well as laptops.

DOPSA: Making people aware of the additional benefits of Windows Client SA and the abilities that DOPSA provides.
Windows Vista Overview

End Users: Find and use information; Enable mobile workforce
IT Pros: Improve security and compliance; Optimize desktop infrastructure

Key Message: With Windows Vista, organizations can connect more quickly to information, collaborate more easily, reduce deployment and support costs, and provide a more secure and compliant desktop platform.

Presenter Script: We’ve identified four primary scenarios where Windows Vista provides value to business: by empowering today’s virtual workforce, by providing the next-generation desktop operating system, by giving IT professionals a desktop client that is easier and less expensive to deploy and support, and by providing a more secure desktop for the enterprise.

Presenter Guidance

Additional Presenter Information:
· Infrastructure Optimization: Windows Vista enables IT professionals to reduce the time and complexity of deploying and maintaining infrastructure, and to provide a more manageable, reliable, and secure desktop client.
· Empowered Productivity: The next generation desktop, Windows Vista, helps individuals find and organize information quickly, easily, and more securely on PCs, e-mail, corporate sources and the Internet.
· Security and Compliance: Windows Vista reduces business risk, better protects data, and contributes to regulatory compliance in a more controllable and more secure environment that provides more robust reporting, rules-based access, and auditing capabilities.
· Virtual Workforce: Windows Vista enables mobile professionals to access resources easily and more securely, synchronize information, and collaborate in remote locations and across corporate boundaries.
Windows Vista Key Business Scenarios

End Users: Find and use information; Enable mobile workforce
· Search – start menu, control panel, document folder
· Metadata tags - easy to Search and Organize Your Data
· Tabbed browsing – IE7 and web printing
· ReadyBoost – USB extends memory
· Windows Aero – tabbed browsing
· High Performing, Reliable PC
· NAP – ensures secure state before connecting to the network (more secure)
· Easier to Connect, Collaborate, and Share
· Mobility center – puts most commonly used controls in one location
· Sync Center – data and devices switch between online and offline states

This provides a small subset of the features in Vista geared towards the End Users. I like to highlight a couple that I think are really useful – like Search and tabbed browsing. You don’t have time to talk to each of these points. One thing that you should keep in mind is that although we have NAP (Network Access Protection) in the list, we won’t have full support for this until we ship Longhorn server.
Windows Vista Key Business Scenarios

IT Pros: Improve security and compliance; Optimize desktop infrastructure
· IE7 Protected Mode – prevents silent install of malicious code
· Services hardening – prevents windows services from being used for abnormal activity
· UAC – admin vs. standard
· Anti-phishing
· Group policy – easier desktop management
· Fundamentally Secure Platform
· Cost Effective Networking – automatically optimizes file transfers by detecting how much network bandwidth is available
· Support Costs = network diagnostics/built-in diagnostics for self healing
· Reducing Deployment Costs & Complexity

This also is a small list of the many enhancements to Windows Vista geared towards IT Pros. This presentation will talk in more detail about IE7, UAC, Group Policy, Service Hardening and Anti-phishing. Like the previous slide, there’s not enough time to talk about each of these, so just highlight a couple, and let them know that you’ll be going into more detail later on in the presentation.
Demo: Windows Vista Search
The Problem in A Nutshell
Ready For a New Day Launch Tour 2007

[Figure: ACTIVITY plotted against TIME, with curves for “eGov Services and Access” and “Security / IT governance improvements”; the gap between them is labeled “Financial and political risk”.]

Headlines shown on the slide:
· Hacker hits Georgia state database. Confidential information on more than 570,000 people exposed. (Computerworld, March 2006)
· Ohio secretary of state sued over ID info posted online. (Computerworld, March 2006)
· Hacker Breaks Into Nebraska Child-Support Database. SSNs for 300,000 people potentially impacted. (Fox News, June 2006)

It’s important to take a moment to examine why we’re all here today. While there is certainly a lot of new functionality in Vista, one of the primary areas where users, analysts and customers have been seeing value for the enterprise is in the area of security. Our State and Local customers face a number of unique opportunities and challenges in this area.

Opportunity
· More of those citizens will have access to those services through a wave of new municipal and other broadband initiatives
· Every state and local strategic IT plan promises more eGov services for citizens

The Problem
· Security and IT mgmt improvements are simply not keeping pace
· The gap between these two trends is filled with a whole lot of financial and political risk for State and Local customers: loss of trust with citizens, financial cost of security breach notification, etc.
· Changing threat landscape: moving from broad-based worms to more targeted malware attacks
· Understandable reasons for this: history of IT decentralization, funding challenges, politics, etc.

A few examples of recently publicized breaches/incidents in State and Local government are listed here. And so a lot of time was spent in the design of Vista attempting to deal with these and other security challenges. We’re going to look at some of these today.
Specific Business Challenges

Keep systems secure from malware/spyware
· Rootkits, keystroke loggers, bots
· Worms, viruses
· Phishing attacks
Keep inside information inside
· Lost/stolen laptops and desktops
· Hacking
· Accidental/intentional information leaks
· Decommissioned/donated PCs
Simplify identity and access management functions

Let’s take a bit of a closer look at the challenges Vista is designed to address.

Malware/spyware: Typical attack: a phishing attack via spam tricks the user into visiting a malicious site, malware is silently downloaded through the browser (the user has local admin so can install software), and the malware begins to monitor user keystrokes for interesting info like bank account data, etc., that can be used later. This is easily the most important battleground for control of our PCs.

Keep inside information inside: After the recent Veterans Admin stolen laptop incident most people seem focused on this scenario, but information is also lost in far more mundane ways – lost backup tapes, improperly decommissioned and then donated PCs ending up on eBay or in a high school still with PII on them. The other way identity theft can occur is via the wholesale loss or theft of data stores containing PII (personally identifiable information) such as SSNs, credit card numbers, etc.

Simplifying Identity and Access Control: Managing the complexity around the “islands of identity” that exist in every enterprise application environment is becoming paramount, and the lack of such an efficient ID infrastructure is impeding or completely halting the development of the next generation of eGov applications.
Fundamentals Securing the codebase and services
Security Development Lifecycle

It is imperative that all software vendors, including Microsoft Corp., address security threats. In fact, along with increasing the trustworthiness of computing generally, security has become a core customer requirement. There are both business reasons (e.g., competitive advantage) and other reasons (e.g., social responsibility) to create more secure software that requires less updating through patches and less security management. There are three facets to building more trustworthy software: best practices, process improvements and metrics.

To deliver on the security and privacy pillars of Trustworthy Computing to customers, Microsoft has transitioned to a more stringent software development process that increases focus on these elements. This process is intended to minimize the number of security related bugs injected into the design, code and documentation in the first place and to detect and remove those bugs as early in the development life cycle as possible. The benefit of these process improvements is the reduction in the number and severity of security vulnerabilities in products and services provided to customers as well as producing software that better protects the privacy of our customers.

The process is applicable to all software released by Microsoft, but mandatory for software that is intended to be used in these ways:
· Used in a business environment
· Used to process Personally Identifiable Information or other sensitive information
· Used to regularly communicate over the Internet or other networks

Product Inception
· Assign security advisor
· Identify security milestones
· Plan security integration into product
Design
· Define security architecture and design guidelines
· Document elements of software attack surface
· Threat Modeling
Standards, best practices, and tools
· Apply coding and testing standards
· Apply security tools (fuzzing tools, static-analysis tools, etc.)
Security Push
· Security code reviews
· Focused security testing
· Review against new threats
· Meet signoff criteria
Final Security Review
· Independent review conducted by the security team
· Penetration testing
· Archiving of compliance info
RTM and Deployment
· Signoff
Security Response
· Plan and process in place
· Feedback loop back into the development process
· Postmortems
Windows Service Hardening

Defense in depth
· Services run with reduced privilege compared to Windows XP
· Windows services profiled for allowed actions to the network, file system, and registry
· Designed to block attempts by malicious software to make a Windows service write to an area of the network, file system, or registry that isn’t part of that service’s profile

[Diagram labels: Service Hardening; Active protection; File system; Registry; Network]

Let me talk a little bit more about another great Windows Vista security feature, which is something that we call “Windows Service Hardening.” Windows Service Hardening is all about our Defense In Depth strategy. What we’re doing in service hardening is making sure that even if there is a vulnerability in a service, and that vulnerability is compromised by exploit code, that exploit code isn’t allowed to propagate to other machines on the network.

If you look at something like the Blaster Worm that happened a couple of years ago, what it did was exploit a vulnerability in the RPC Service, and it forced RPC to write a file to the file system, which RPC shouldn’t be able to do. It actually wrote a Run Key in the Registry to make sure that it would persist after a reboot. It also actively talked outbound on the network and tried to infect other machines.

With service hardening, we reduce the size of high risk layers, in other words protecting the kernel and system files. We do that by profiling all the core Windows services and determining access boundaries, such as what part of the file system, registry and ports the service can write to or manipulate. We will enforce that behavior at run time. If necessary we segment the services to ensure the pieces of a service that need to run with higher privileges are separated from the ones which don’t require that level of privileges. In addition we are also introducing a layer and concept called user mode drivers.

So even if there’s a vulnerability in a Windows service, and it’s compromised by exploit code, that exploit code can’t make that service do something that it wouldn’t ordinarily be allowed to do. This is really intended to reduce the risk of malware quickly spreading to other machines. That’s a huge focus of the Windows Service Hardening Platform. The great thing about service hardening is that besides hardening core Windows services, we’ll make this available to third parties to opt into the service hardening platform as well, so that third party applications will be able to take advantage of this.
Threat And Vulnerability Mitigation Protect against malware and intrusions
Internet Explorer 7

Social Engineering Protections
· Phishing Filter and Colored Address Bar
· Dangerous Settings Notification
· Secure defaults for IDN
Protection from Exploits
· Unified URL Parsing
· Code quality improvements (SDLC)
· ActiveX Opt-in
· Protected Mode to prevent malicious software

Internet Explorer 7 is a significant rewrite from IE6, per the secure development life cycle, that significantly reduces the attack surface by which many kinds of malware can enter a computer. Malware can install in two ways: by tricking users and by exploiting vulnerabilities in the OS or applications. Previous versions of IE were the vehicle for multiple social engineering tricks and exploits. (Sometimes, an exploit was used to enable a social engineering trick.) There have been a tremendous number of improvements, to name a few:

Phishing Filter: Helps users identify malicious websites that might seek to extract personal information or install malware. The Phishing Filter uses heuristics (for example, images hosted on another server, IP address instead of domain name) to identify suspicious websites. It also checks sites against a list of known phishing sites.

Colored Address Bar & Improved SSL: In IE7 we use the address bar as a visual cue to convey information about the intent of a website: green (known good), yellow (suspicious), red (known bad).

Secure defaults for blocking International Domain Name spoofing: IE7 supports international characters in domain names, which opens a variety of spoofing options for malicious actors. While www.example.com might have been spoofed as www.examp1e.com, replacing an o with an ö creates more options for attackers.

Unified URL Parsing: Many previous exploits were found in IE6’s URL parsing capabilities. They have been rewritten and unified as one.

ActiveX Opt-in: Since IE6, we have been progressively tightening down the freedoms we gave to ActiveX. Now, we require users to opt in to use any pre-installed ActiveX control as well as new controls.

Protected Mode: Protected Mode in Internet Explorer 7 limits Internet Explorer to just enough privileges to browse the Web but not enough to modify user files or settings by default. As a result, even if a malicious site attacks a vulnerability in Internet Explorer, the site’s code will not have sufficient privileges to install software, copy files to the Startup folder, modify registry settings, or hijack the settings for the browser’s homepage or search provider.

One example I like to use here is the Office 2003 update while running Vista. To update Office 2003, there’s an ActiveX control that interrogates your system to find out which version of Office is installed, as well as which patches have already been applied. Under Vista, you can’t run this ActiveX control, since it doesn’t have the rights to talk to your registry or file system to perform the necessary tasks. This illustrates that we take locking down and securing the browser very seriously.
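The host-name signals mentioned above (an IP address instead of a domain name, a digit standing in for a letter as in www.examp1e.com, an accented letter such as ö replacing o) can be checked mechanically. The following Python sketch is an added example, not IE7's Phishing Filter logic or any Microsoft code; the protected-domain list, the digit map and the function names are assumptions, and the mixed-script check goes one step beyond the cases the slide names.

```python
import ipaddress
import unicodedata

# Constructed list of domains to protect (assumption, not from the page).
PROTECTED = ("example.com", "microsoft.com")

# Illustrative map of digits often used as stand-ins for letters.
DIGIT_LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def script_of(ch):
    """Rough script of a character, read from the first word of its Unicode name."""
    if ch.isascii():
        return "LATIN" if ch.isalpha() else "COMMON"
    return unicodedata.name(ch, "UNKNOWN").split(" ")[0]


def skeleton(domain):
    """Fold a domain for comparison: strip diacritics, map digit stand-ins."""
    decomposed = unicodedata.normalize("NFKD", domain.lower())
    base = "".join(c for c in decomposed if not unicodedata.combining(c))
    return base.translate(DIGIT_LOOKALIKES)


def to_ascii(host):
    """Punycode (xn--) form of an internationalized host name."""
    try:
        return host.encode("idna").decode("ascii")
    except UnicodeError:
        return "unencodable"


def assess(host, protected=PROTECTED):
    """Return the reasons a host name deserves a warning; an empty list means none."""
    host = unicodedata.normalize("NFC", host.strip().rstrip(".").lower())
    try:
        ipaddress.ip_address(host.strip("[]"))
        return ["ip-literal"]  # IP address used instead of a domain name
    except ValueError:
        pass
    findings = []
    labels = host.split(".")
    for label in labels:
        # Letters from more than one script inside one label (e.g. Latin + Cyrillic).
        scripts = {script_of(c) for c in label} - {"COMMON"}
        if len(scripts) > 1:
            findings.append("mixed-script:" + label)
    # Simplification: treat the last two labels as the registrable domain.
    domain = ".".join(labels[-2:])
    known = {skeleton(p): p for p in protected}
    if domain not in protected and skeleton(domain) in known:
        findings.append("lookalike-of:" + known[skeleton(domain)])
    if not host.isascii():
        findings.append("idn:" + to_ascii(host))
    return findings


if __name__ == "__main__":
    # Constructed sample host names; 192.0.2.10 is a documentation address.
    for sample in ("www.example.com", "www.examp1e.com",
                   "micros\u00f6ft.com", "micr\u043esoft.com", "192.0.2.10"):
        print(ascii(sample), "->", [ascii(f) for f in assess(sample)])
```

A production check would use the Public Suffix List for the registrable domain and the Unicode confusables data instead of the small digit map used here.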
Windows Defender

· Improved Detection and Removal
· Redesigned and Simplified User Interface
· Protection for all users

This is another tool in our “defense in-depth” strategy. Windows Defender is available on all Vista SKUs, but doesn’t provide some of the enterprise features that most agencies would look for (like centralized logging, reporting, etc.). However, it’s a great way to combat malware/spyware if they don’t already have a tool in place. One of the key points is that it provides real-time scanning of certain parts of the registry and file system to make sure that malware/spyware don’t infiltrate the system. It will also do a nightly scan. All actions performed are logged into the event viewer, so when it comes to compliance, there’s still an audit trail to know if/when some spyware was installed.
Client Anti-Malware Offerings

Products compared (for individual users and for businesses): Windows Live Safety Center, Windows OneCare Live, Microsoft Forefront, Windows Defender, MSRT
Capabilities compared:
· Remove most prevalent viruses
· Remove all known viruses
· Real-time antivirus
· Remove all known spyware
· Real-time antispyware
· Central reporting and alerting
· Customization
Cost: No charge, No charge, No charge, $50/3 PCs, TBD

This slide is an up sell to Forefront, since it provides the enterprise features that Defender does not provide. The key thing here is that if customers don’t want too much control over Defender (there are a couple of GPOs), then there’s no harm running it in their agency. But if they want centralized management, reporting, etc., they need to look at Forefront.
Demo: Thwarting Malware
Windows Vista Firewall

Combined firewall and IPsec management
· New management tools – Windows Firewall with Advanced Security MMC snap-in
· Reduces conflicts and coordination overhead between technologies
Firewall rules become more intelligent
· Specify security requirements such as authentication and encryption
· Specify Active Directory computer or user groups
Outbound filtering
· Enterprise management feature – not for consumers
Simplified protection policy reduces management overhead

The firewall in Vista has some improvements as well. The key thing is we just want people to use *a* firewall!

One of the big changes to the firewall is support for outbound filtering. Suppose there’s a virus, called the “ET Phone Home” virus, that you know needs to talk to the mother ship on the Internet. Instead of just enabling filters on your border firewalls or routers, you can set a GPO that will enable this on all machines. Through our logging, we can then determine which machines try phoning home, and you can go repair them.

We’ve also added location aware policies. If a machine is authenticated to the domain, then we apply one set of policies; if it’s in a public location, we apply a different set of policies; and if it’s in a private location, a third set of policies. This ties in really well with the way we handle network connections and “profiles”.
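The “which machines tried phoning home” step in the notes above comes down to reading each client's firewall log for dropped outbound connections to the blocked destination. The Python sketch below is an added example, not a Microsoft tool: the log text is constructed, the column layout is whatever each log's own `#Fields` header declares, and the blocked address and host names are placeholders.

```python
from collections import Counter

# Placeholder destination that the outbound block rule targets (documentation address).
BLOCKED_DESTINATIONS = {"203.0.113.25"}

# Constructed header; real logs declare their own column order in "#Fields".
HEADER = (
    "#Version: 1.5\n"
    "#Software: Microsoft Windows Firewall\n"
    "#Time Format: Local\n"
    "#Fields: date time action protocol src-ip dst-ip src-port dst-port size "
    "tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path\n\n"
)

# Constructed firewall logs, keyed by the machine they were collected from.
SAMPLE_LOGS = {
    "DESK-014": HEADER + "\n".join([
        "2007-01-30 09:14:02 DROP TCP 10.20.1.14 203.0.113.25 49522 443 0 - 0 0 0 - - - SEND",
        "2007-01-30 09:14:05 ALLOW TCP 10.20.1.14 10.20.0.5 49523 445 0 - 0 0 0 - - - SEND",
        "2007-01-30 09:19:02 DROP TCP 10.20.1.14 203.0.113.25 49530 443 0 - 0 0 0 - - - SEND",
    ]),
    "LAPTOP-07": HEADER + "\n".join([
        "2007-01-30 10:02:11 DROP UDP 10.20.3.9 10.20.1.7 137 137 78 - - - - - - - RECEIVE",
        "2007-01-30 10:05:40 DROP TCP 10.20.1.7 198.51.100.8 49711 25 0 - 0 0 0 - - - SEND",
    ]),
    "DESK-022": HEADER + "\n".join([
        "2007-01-30 11:41:57 DROP TCP 10.20.1.22 203.0.113.25 50012 443 0 - 0 0 0 - - - SEND",
        "2007-01-30 11:42:03 DROP TCP 10.20.1.22 203.0.113",  # truncated line
    ]),
}


def parse_firewall_log(text):
    """Yield one dict per record, using the column names from the #Fields header."""
    fields = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()
            continue
        if not line or line.startswith("#") or fields is None:
            continue
        values = line.split()
        if len(values) != len(fields):
            continue  # skip truncated or malformed records instead of misreading them
        yield dict(zip(fields, values))


def phone_home_attempts(logs, blocked=BLOCKED_DESTINATIONS):
    """Count dropped outbound connections to blocked destinations, per machine."""
    hits = Counter()
    for machine, text in logs.items():
        for rec in parse_firewall_log(text):
            # If the log has no direction column, fall back to the destination match alone.
            outbound = rec.get("path", "SEND") == "SEND"
            if rec.get("action") == "DROP" and outbound and rec.get("dst-ip") in blocked:
                hits[machine] += 1
    return dict(hits)


if __name__ == "__main__":
    for machine, count in sorted(phone_home_attempts(SAMPLE_LOGS).items()):
        print(f"{machine}: {count} blocked outbound attempt(s)")
```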
Group Policy Device Restriction

Continuing the theme of Security and Compliance, the additional 800+ GPOs that we added to Vista really help lock down systems. Here’s an example screen shot where we can control the installation of a device, based on its Device ID. Don’t oversell this – this only works if the device isn’t already installed on the system. We do have other GPOs that will let us control which devices can/cannot be written to. The important thing about this screen is our commitment to giving the IT Pros the necessary tools to make certain their systems stay compliant and secure.
Identity And Access Control Enable Secure Access to Information
User Account Control

Challenges
· Most users run with full administrator privileges all the time
  · At risk from malware
  · Can’t manage desktops or enforce policy
  · Expensive to support
· Difficult to run as a standard user
  · User can’t perform many tasks
  · Many applications don’t run

Windows Vista Solution
· Easier to Run as Standard User
  · Users can do more on their own: change time zone, power settings, VPN, and more
  · Install approved devices
  · Admin commands clearly marked
· Higher application compatibility
  · File and registry virtualization
· Greater Protection for Admins
  · Software runs with lower privileges by default
  · Administrator provides consent before elevation

Everybody understands these challenges – on an XP system, if you have Local Admin/Power User rights, you can pretty much destroy the system. The reason you have those rights is there’s an application that requires administrative privileges. There are also some tasks that a standard user can’t perform that they should be able to do. The solution is User Account Control.

The biggest advantage of UAC is that those applications that think they require administration rights are still able to run just fine – transparently to the application, we redirect their access to virtualized locations. Over 90% (if not 99%) of the applications we’ve tested work just fine under UAC. We also have tools like AppVerifier and SUAnalyzer (Standard User Analyzer) that will help people determine which applications may/may not work well under UAC. UAC is enabled by default, and we recommend *not* disabling it.
Standard Users Can Do More

· View system clock and calendar
· Change time zone
· Configure secure wireless (WEP/WPA) connection
· Change power management settings
· Create and configure a Virtual Private Network connection
· Add printers and other devices that have the required drivers installed or allowed by IT policy
· Disk defragmentation is a scheduled background process
· Shield icon consistently marks what actions a standard user cannot perform

This is a list of tasks a standard user can perform.
Demo: User Account Control
Improved Auditing

More Granularity
· New subcategories for logon, logoff, file system access, registry access, use of administrative privilege
New Logging Infrastructure
· Easier to filter out “noise” in logs and find the event you’re looking for
· Tasks tied to events: when an event occurs, such as administrative privilege use, tasks such as sending an email to an auditor can run automatically

The improved auditing really ties into the compliance story for Vista. We’ve worked hard to make the Event Viewer a lot more usable. The key point here is that we track when rights have been elevated (as well as many other things), so that if there’s a requirement to track down when something may have taken place on the system, there’s a good chance we’ll have the information in the Event Viewer. The improved Event Viewer also provides the capability to forward events to other Vista machines (and I’m assuming Longhorn servers). If somebody wants more control, they should look at the MOM MP for the desktop.

The Event Viewer also provides some proactive capabilities by leveraging the ability to tie a task to an event. For example, if we detect that the hard drive is starting to fail on the machine, we could fire off the backup software, or send an email to the helpdesk, or pop up a message for the end user.

Additional info: Windows Vista supports more granular auditing with a new event log infrastructure and new auditing subcategories. Specific auditing categories and subcategories include the list below. In Windows XP, only the top-level categories are available for auditing, not the subcategories.
Category: Subcategories

System: Security State Change (System); Security Extension (System); Security Integrity Violation (System); Others (System); IPSec Driver Events (System)

Logon/Logoff: Logon; Logoff; Account Lockout; IPSEC Main Mode (Logon/Logoff); Special Logon; Others (Logon/Logoff); IPSEC Quick Mode (Logon/Logoff); IPSEC User Mode (Logon/Logoff)

Object Access: File System (Object Access); Registry (Object Access); Kernel Object (Object Access); SAM (Object Access); Others (Object Access); Certification Services (Object Access); Application Generated (Object Access); Handle Based Audits (Object Access); IPSec Packet Drops (Object Access); Filtering Platform Packet Drops (Object Access); Filtering Platform Connect Events (Object Access)

Privilege Use: Sensitive Privilege Use; Non Sensitive Privilege Use; Others (Privilege Use)

Detailed Tracking: Process Creation; Process Termination; DPAPI Activity; Others (Detailed Tracking)

Policy Change: Audit Policy Change; Authentication Policy Change; Authorization Policy Change; Others (Policy Change); MPSSVC Rule-Level Policy Change; WFP/IPSec filter-level Policy Change

Account Management: User Account (Account Management); Computer Account (Account Management); Security Group (Account Management); Distribution Group (Account Management); Application Group (Account Management); Others (Account Management)

DS Access: Directory Service Access; Directory Service Changes

Account Logon: Credential Validation (Account Logon); Kerberos (Account Logon); Others (Account Logon)
Information Protection Protect Corporate Intellectual Property and Customer Data
Information Protection Threats

Internal threats are just as prevalent as external threats:
· Accidental: Loss due to carelessness
· Intentional: Data intentionally compromised
· Targeted: Thief steals asset based on value of data

Examples listed on the slide:
· Careless forwarding of documents and Emails
· Machine disposal or repurposing without data wipe
· Data lost in transit
· Confidential data copied via USB and other mobile devices
· Untrusted network administrator accesses unauthorized data
· Offline attack on lost/stolen laptop
· Forwarding of internal-only Email and documents to external parties
· Branch office server containing directory or database
· CxO or government official laptop or mobile device
· Thief plugs external storage device into machine to copy data

Information protection is not a single box solution – meaning that to truly protect your information, it takes looking at all your systems: email, desktop, network, etc. As information protection relates to Vista and compliance, we’re talking about BitLocker Drive Encryption. This provides security of data-at-rest, so if a laptop/desktop is stolen, you don’t have to worry nearly as much about the data on the system. For the other pieces of Information Protection, you need to look at making certain that Exchange has policies to lock down what types of messages can be sent out of the network, that GPOs are in place to prevent data being copied off to a mass storage device, etc.
BitLocker™ Business Value

BitLocker Drive Encryption enhances the security value of all registry, configuration files, paging files, and hibernation files stored on the fully encrypted volume
Encryption of the hibernation file
    Protects against hibernation of laptop with sensitive docs open
Recovery available to any customer with access to a phone and their Administrator
Destroying root key allows for the safe re-deployment of corporate hardware by making previous data inaccessible
Not an end-user feature
Strong interest in enterprise IT

BDE provides the confidence that your systems are secure – should they be stolen. BDE works on both laptops and desktops. For newer desktops, as long as they can read a USB key upon startup, you can enable BDE on them. Unless a machine is in a secure environment (and that’s not always enough), you should look at BDE. We’ve put a lot of thought into different scenarios for BDE (like how to recover from a hardware failure in the field). It can all be managed through GPOs – making deployment that much easier.

Enabling BDE requires re-thinking your password policies. If a machine with BDE enabled is stolen, then the only real option for hacking it is trying to crack the password.

BitLocker Drive Encryption:

Protects data while the system is offline because it:
    Encrypts the entire Windows volume, including both user data and system files, the hibernation file, the page file, and temporary files.
    Provides umbrella protection for third-party applications: third-party applications benefit automatically when installed on an encrypted volume.

Ensures boot process integrity because it:
    Provides a method to check that early boot file integrity has been maintained, and there has been no adversarial modification of those files, such as with boot sector viruses or root kits.
    Protects the system from offline software-based attacks: any alternative software which might boot the system will not have access to the root keys that protect this Windows volume.
    Locks the system when tampered with: if any monitored files are tampered with, the system will not boot. This alerts the user to the tampering, since the system will fail to boot as usual.

Eases equipment recycling by:
    Reducing the time to permanently and safely delete all data on the drive. Data on the encrypted volume can be rendered useless by simply deleting the keys that are required to access the drive.
Spectrum Of Protection

BDE offers a spectrum of protection allowing customers to balance ease-of-use against the threats they are most concerned with.

Basically, the more confidence you want in the security of your systems, the more intrusive it will be on the end user. Using a TPM only chip is easiest – but if you want to do multi-factor authentication, look at also using a PIN/Dongle.

Customers have several choices of how to deploy BitLocker, with a range of Ease of Use/Security choices:

From an ease of use standpoint, the TPM-only solution is completely transparent to the end user. There is no special end user interaction necessary in this mode. The decryption key is released if the operating system hasn’t been tampered with, based on operating system measurements that are stored in the TPM chip.

If you want to deploy BitLocker to a machine without a TPM chip, the dongle-only solution is the only choice. The key to decrypt the volume is stored on a USB flash device with this deployment method. The end user has to plug in the USB dongle each time the machine is booted, so ease of use isn’t as good as with the TPM. The major downside to this deployment method is that it’s reliant on human behavior. If the end user leaves the USB flash drive with the decryption key in their laptop bag, and the thief gets the laptop bag, he can decrypt the user’s data. With this deployment method, the user needs to keep the USB flash device separate from their laptop, perhaps on their keychain.

A TPM + PIN solution is the best balance between security and usability. With this solution, the user simply has to enter a PIN each time the system is booted. That is low overhead on the end user, and the system won’t boot at all unless the PIN is entered.

The most secure, and least usable, way of deployment is TPM + Dongle. With this deployment method, the system will only boot if the OS hasn’t been tampered with while offline, and if the user inserts the correct USB flash device. This is more of a three-letter government agency solution than it is something that the average corporation would deploy.

Is a brute force attack possible?
Brute force attacks against the volume encryption keys are currently computationally infeasible, just as with any other AES 128-bit or 256-bit protected data. BitLocker also has an optional PIN or USB ‘multi-factor authentication’ feature that can be used in conjunction with a TPM for added layers of security.

What other types of attacks is BitLocker susceptible to?
That depends on the configuration of BitLocker that the user implements. Using the PIN or USB multi-factor authentication options along with the TPM provides higher security, though it also requires that users not leave a PIN written down or the USB key left with the computer. Configurations that don’t take advantage of these external key authentication options may be susceptible to hardware based attacks, though that would be dependent on the hardware configuration of the computer. Also, when using BitLocker with Windows Vista, the security of the OS still relies on users choosing strong passwords for logon, so weak passwords are still a concern.
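The TPM-only and TPM + PIN modes described above can be modelled in a few lines. This is an added example, not code from the presentation or from BitLocker: it is a simplified model of TPM 1.2 measured boot (one PCR, SHA-1 extend) in which the `ModelTPM` class, the boot component names and the PIN are all hypothetical.

```python
"""Simplified model of TPM-gated key release: measured boot plus an optional PIN."""
import hashlib
import hmac
import os

PCR_SIZE = 20  # a TPM 1.2 PCR holds one SHA-1 digest


def extend(pcr, component):
    """PCR extend: new = SHA1(old || SHA1(component)). A PCR can be extended, never set."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()


def measure_boot(components):
    """Fold every early-boot component, in load order, into one PCR value."""
    pcr = bytes(PCR_SIZE)
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr


class ModelTPM:
    """Hypothetical stand-in for the TPM: seals one secret to a PCR value and optional PIN."""

    def __init__(self):
        self._sealed = None

    @staticmethod
    def _pin_digest(pin, salt):
        return hashlib.pbkdf2_hmac("sha256", pin.encode("utf-8"), salt, 50_000)

    def seal(self, secret, pcr, pin=None):
        salt = os.urandom(16)
        self._sealed = {
            "secret": secret, "pcr": pcr, "salt": salt,
            "pin": None if pin is None else self._pin_digest(pin, salt),
        }

    def unseal(self, current_pcr, pin=None):
        """Return the secret only if the boot measurement (and the PIN, if one is set) match."""
        s = self._sealed
        if s is None or not hmac.compare_digest(s["pcr"], current_pcr):
            return None
        if s["pin"] is not None:
            if pin is None:
                return None
            if not hmac.compare_digest(s["pin"], self._pin_digest(pin, s["salt"])):
                return None
        return s["secret"]


# Constructed boot chains; component names and contents are placeholders.
GOOD_BOOT = [b"mbr-v1", b"boot-sector-v1", b"boot-manager-v1"]
TAMPERED_BOOT = [b"mbr-v1", b"boot-sector-PATCHED", b"boot-manager-v1"]


def run_scenarios():
    """Return {scenario: True if the volume key was released}."""
    key = os.urandom(32)
    good, bad = measure_boot(GOOD_BOOT), measure_boot(TAMPERED_BOOT)

    tpm_only = ModelTPM()
    tpm_only.seal(key, good)
    tpm_pin = ModelTPM()
    tpm_pin.seal(key, good, pin="482915")  # constructed PIN

    return {
        # Transparent to the user: an unmodified machine always gets its key.
        "tpm_only_clean_boot": tpm_only.unseal(good) == key,
        "tpm_only_tampered_boot": tpm_only.unseal(bad) == key,
        "tpm_pin_no_pin": tpm_pin.unseal(good) == key,
        "tpm_pin_wrong_pin": tpm_pin.unseal(good, pin="000000") == key,
        "tpm_pin_correct_pin": tpm_pin.unseal(good, pin="482915") == key,
        "tpm_pin_tampered_boot": tpm_pin.unseal(bad, pin="482915") == key,
    }


if __name__ == "__main__":
    for name, released in run_scenarios().items():
        print(f"{name}: {'key released' if released else 'key withheld'}")
```

The first scenario is the reason logon passwords still matter in TPM-only mode: an intact stolen machine boots to the logon screen with the volume already unlocked.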
Decommissioning

[Figure labels: Normal versus “Force Recovery”; Nothing; Delete keys; Reformat drive; Admin wipes drive]

With BDE, decommissioning hardware is simple – throw away the keys. There are numerous agencies that either have no policies for decommissioning hardware, or go through a lengthy process of formatting the drive for many hours.
Windows Vista Information Protection

Who are you protecting against?
    Other users or administrators on the machine? EFS
    Unauthorized users with physical access? BitLocker™

Scenarios (slide table columns: BitLocker, EFS, RMS)
    Laptops
    Branch office server
    Local single-user file & folder protection
    Local multi-user file & folder protection
    Remote file & folder protection
    Untrusted network admin
    Remote document policy enforcement

This slide tries to complete the picture of Information Protection by talking about the different scenarios. This is also a great chance to talk up RMS for protecting documents in transit. Most agencies need RMS, but aren’t aware of it.

Some cases can result in overlap. (e.g. Multi-user roaming laptops with untrusted network admins)
Desktop Optimization Pack
The Next Generation of SA Technologies

Dynamic Desktop Solutions
    Accelerate deployment and increase manageability
    Dynamically deliver the virtual application solution
    Minimize application compatibility issues

Microsoft SoftGrid: Application Virtualization
    Transform applications into centrally managed services available when and where needed
Microsoft Asset Inventory Services
    Translating Software Inventory into business intelligence
Microsoft Diagnostic and Recovery Toolset
    Powerful tools to accelerate desktop repair
Microsoft Advanced Group Policy Management
    Enhancing group policy with change management

The reason for mentioning DOPSA is that DOPSA will help drive Windows Client SA – which in turn will help everybody with their quota. There are four technologies in DOPSA:
    Asset Inventory Services (from AssetMetrix acq.)
    SoftGrid Application Virtualization (from Softricity acquisition)
    Group Policy Management (from DesktopStandard acq.)
    Diagnostics and Recovery Toolset (from Winternals acq.)

Of these technologies, the one that will make the biggest impact is SoftGrid – it changes the game on how applications are delivered to users. It virtualizes applications, so that any applications that had DLL conflicts in the past can run just fine using SoftGrid. The example I like to use is that you can run Office 97 and Office 2003 on the same machine at the same time – you could never do that before.

1. Microsoft SoftGrid, formerly Softricity SoftGrid, is an application virtualization and streaming solution that transforms applications into centrally managed services that are available when and where needed.
2. Microsoft Asset Inventory Services, formerly part of AssetMetrix, is a hosted service that runs a complete scan of the software installed on every PC in your environment and provides the customer with intelligent reports and analysis to understand and better manage their software assets.
3. Microsoft Diagnostic and Recovery Toolset, formerly the Winternals IT Admin Pak, is a set of powerful tools to accelerate desktop repair.
4. Microsoft Advanced Group Policy Management, formerly the GPOVault product from Desktop Standard, enables group policy object versioning, change management and delegation.
Optimized Infrastructure

Desktop and Infrastructure Optimization
Infrastructure complexity drives need for management technology

[Figure: Complexity versus Size, with three tiers]
    Optimized Infrastructure: Many organizations require a more robust asset, application and end to end infrastructure administration definition
    Optimized Desktop: Most Enterprise organizations require more formal procedures for application lifecycle, problem, change and asset management
    Standard Business OS: Some organizations may benefit from just using Vista Business with minimal application compatibility testing (+Application Compatibility Toolkit)

We’re talking to our customers about the IO story, so this slide speaks to the point that the IO journey includes leveraging Enterprise, DOPSA, and SMS. I don’t spend too much time on this slide myself.
Summary
Windows Vista Security Summary

Recap of what we talked about – basically, we’ve made a lot of security changes. Pick one of each topic to highlight. Additional information below…

Windows Vista has architectural improvements and end user improvements – both with features that are in the product itself and in services, such as the phishing filter and Windows Update. Our re-engineered development practices have had a big effect here.

Vista Security and Safety Story

When Windows Vista arrives later this year, there will be over 1 billion PCs in use worldwide[i]. Not only are there more PCs, but people are doing more with them. Businesses depend on PCs for their core business processes, they store more information digitally, and employees rely on their PCs to communicate with each other. Among home Internet users in the US, broadband connections[ii] and online banking are more common than not, and the PC has become the entertainment hub for photos, music, gaming, and video.

Unfortunately, with more valuable information being stored and transferred online, computers have become an even greater target for hackers, identity thieves, and other criminals. Originally, most virus-writers were motivated by curiosity and personal fame. Today, they are motivated by money. A stolen credit card number can be worth as much as $100 on the black market; as a result, phishing web sites grew nearly 500% in one year[iii] and more than 25 percent of help-desk time today is spent dealing with spyware[iv]. With so much motivation to compromise computer systems, users require computers with far higher levels of protection.

In creating Microsoft Windows Vista, we took a holistic approach to security that will produce a fundamentally more secure operating system than any previous version of Windows and is designed to operate in today’s computing environment. I want to walk through the three main areas of focus for Windows Vista:

Fundamentals

Building on the significant security advances in Windows XP Service Pack 2, Windows Vista includes fundamental architectural changes that will help make customers more secure from evolving threats, including worms, viruses, and malware. Windows Vista was designed and developed using Microsoft’s Security Development Lifecycle (SDL), a rigorous process that significantly reduces the number and severity of security-related design and coding defects. These improvements minimize the operating system’s attack surface area, which in turn improves system and application integrity and helps organizations more securely manage and isolate their networks. In addition, other fundamental technologies include:

Service Hardening
Windows Service Hardening is an approach for ensuring that critical Windows services only perform expected activity relating to the file system, registry and network. Core services run with lowered privilege and provide profiles of areas of the file system, registry, and network ports that the service should be allowed to access. If the firewall detects abnormal behavior as defined in the service hardening profile, the firewall will attempt to block it. In addition, Service SIDs and restricted tokens are used to restrict file system and registry access. This will help prevent a compromised service from changing important configuration settings in the file system or registry or infecting other computers on the network. For example, the Remote Procedure Call (RPC) service can be restricted from replacing system files or modifying the registry.

Code Integrity
Verifies the integrity of each OS file code image as it is loaded throughout the lifetime of the operating system. This helps to detect whether a system binary file has been modified by malicious code that might have been run by an administrator.

Threat & Vulnerability Mitigation – Protect against the latest security threats and reduce the risk of business interruption

IE Protected Mode
Protected Mode in Internet Explorer 7 limits Internet Explorer to just enough privileges to browse the Web but not enough to modify user files or settings by default. In the Internet zone, IE is restricted to writing to only the Temporary Internet Files directory, unless the user gives consent in order to save a file or modify IE settings. As a result, even if a malicious site attacks a vulnerability in Internet Explorer, the site’s code will not have sufficient privileges to install software, copy files to the Startup folder, modify registry settings, or hijack the settings for the browser’s homepage or search provider.

Anti-Malware
Malware, such as viruses, worms, spyware, and other potentially unwanted software, can cause a wide range of problems, including theft of personal information, slower PC performance, and the appearance of unwanted advertising (such as pop-up ads). The effects of malware can range from mere annoyances to significant problems that take a considerable amount of time and money to fix. Microsoft believes the best approach to stopping malware is to layer security features. Windows Vista contains many security features that help prevent malware from installing, and that help find and remove malware if it has already been installed:
    Automatic Updates and Windows Security Center can help you keep your PC up to date with the latest security patches, and also alert you when your PC needs to install an update.
    Windows Vista firewall helps protect you from hackers, viruses, and worms that try to reach your computer over the Internet.
    Internet Explorer protected mode runs the browser in a read-only mode (allowing writes to the temporary internet files folder only without user consent) to help protect against drive-by installs and home-page hijackings.
    Windows Defender helps protect you against spyware and other potentially unwanted software.
    And the Malicious Software Removal Tool (MSRT) periodically scans your PC looking for known prevalent viruses. (The MSRT is not part of Windows Vista but may be downloaded from Microsoft at no additional cost.)

IPSec (TCP/IP Security) allows organizations to communicate more securely and to only allow access to computers from other authorized machines. In Windows Vista, the settings for both the Windows firewall and IPSEC are consolidated into a single, easy-to-use console that allows corporate firewall policies to be set in a central location.

Outbound firewall filtering allows organizations to set policies which restrict the ability of applications to communicate on the network. For example, an organization may use Office Live Communicator as their preferred instant messaging platform, and want to restrict the use of other instant messaging applications. With the new outbound filtering capability in Windows Vista, which is controllable via group policy, an organization could set up policies preventing other messenger services from being used on their corporate network, thus ensuring only corporate-standard network applications are used.

Network Access Protection (NAP) allows organizations to restrict the access of machines to the network based on corporate health policies, such as the use of anti-virus software with up-to-date signatures, the use of a firewall, up-to-date patches, etc. The benefit of this technology is that it can be used to keep an infected machine that is plugged into the corporate network from infecting other machines on the network. Machines that do not meet the corporate health policy can be quarantined to a separate network where remediation to get the machines to current patch level can occur. This quarantine functionality applies to wired, wireless, and VPN connections. The NAP client is built in to Windows Vista and is reliant on NAP functionality that is part of Windows Longhorn Server. More information on this technology is at http://www.microsoft.com/nap .

Identity & Access Control – Enable more secure access to information

User Account Control makes it possible for organizations to deploy a more manageable and secure desktop in which end users can run as standard users (not administrators) and still be productive. Common tasks that require administrative privileges under Windows XP, such as installing printers, changing the time zone when traveling, changing power management settings, and adding a WEP key to connect to a secure wireless network, are now allowed for a standard user in Windows Vista. Deploying desktops with standard user privileges helps organizations move closer to the lower TCO of a managed desktop. The Gartner TCO numbers for an unmanaged desktop are $5520/year, while a managed desktop is $3319/year.

Smartcards
Windows Vista includes a common CSP that makes Smartcards easier to deploy and support, out of the box.

Granular auditing
Windows Vista supports more granular auditing with a new event log infrastructure and new auditing subcategories. Specific auditing categories and subcategories include the list below. In Windows XP, only the top-level categories are available for auditing, not the subcategories.

Simplified Logon architecture
The Winlogon re-architecture allows independent software vendors and organizations to implement their own authentication methods, such as biometrics or tokens, by writing credential providers. The credential provider model is much simpler than Graphical Identification and Authentication (GINA) replacement, and multiple providers will be able to function side by side.

Information Protection

Companies are increasingly concerned about the company and customer data that is on lost and stolen laptops. There are stories in the news almost every week about a laptop stolen from a corporation or government agency that had sensitive data on it. For example, a laptop stolen from UC-Berkeley in 2005 had 98,000 unprotected names and SSN records on it, which left many Berkeley alums vulnerable to identity theft. Windows Vista has many technologies to help protect corporate data:

BitLocker™ Drive Encryption protects the entire system volume by encrypting the data. This feature, which is part of the Enterprise and Ultimate SKUs, stores the encryption key in either a v1.2 Trusted Platform Module (TPM) chip or on a USB flash drive. It prevents a thief from accessing the data on a stolen laptop. Info on people building TPM chips is at https://www.trustedcomputinggroup.org/groups/tpm/TPM_FAQ_2005.pdf . HP has shipped the first desktop machine, model DC7600, with TPM v1.2 support. Others have committed to us internally that they’ll ship TPM v1.2 machines, but have not publicly announced that yet.

The Encrypted File System (EFS) provides user-level file and folder encryption. It’s most useful on shared machines, and the ability to store EFS keys on a smart card is new to Windows Vista.

Rights Management Services (RMS) provide the ability to protect documents and Emails to ensure that only the intended recipient can view them. Windows Vista includes an integrated RMS client, and has a dependency on Windows Server 2003.

Control over device installation: A top request from enterprises has been the ability to have control over the use of removable storage devices such as USB flash drives. Windows Vista gives administrators the ability to restrict the ability of users to install removable storage devices. Policies can be set that restrict any devices from being installed unless an exception has been configured. Exceptions can be configured by device class and device ID. For example, an organization could set up a policy that blocks all devices except printers, mice, and keyboards from being installed.

Additional Stats Collected

Spyware:
    AOL/NCSA Online Safety Study, December 2005: 61% of home users had known spyware/adware programs installed on their computer. http://www.staysafeonline.info/pdf/safety_study_2005.pdf
    “Spyware was found on 88 percent of consumer computers and 87 percent of business computers scanned by Webroot between January and April.” Unsubstantiated #s from WebRoot http://www.cybercrimelaw.org/blog/138/Some+Spyware+Stats.html

Phishing:
    Gartner estimates 2.4 million adults in the US lost money because of Phishing attacks with estimated losses at $929 million
    42% of the 5000 consumers surveyed say their concerns about online attacks like Phishing affected their online shopping behavior, with ¾ more cautious about where they purchase online, and 1/3 buying fewer items online. Consumer Trends from CMG Research Orange Book

[iv] “According to Gartner, more than 25 percent of help-desk time today is spent dealing with spyware. (Gartner Dataquest, November 2004)”

Threat and Vulnerability Mitigation
    IE – protected mode/anti-phishing
    Windows Defender
    Bi-directional Firewall
    IPSEC improvements
    Network Access Protection (NAP)
Identity and Access Control
    User Account Control
    Plug and Play Smartcards
    Simplified Logon architecture
    Bitlocker
    RMS Client
Fundamentals
    SDL
    Service Hardening
    Code Scanning
    Default configuration
    Code Integrity
Ready For a New Day Launch Tour 2007

Some early feedback…

“The bottom line: we give Vista a thumbs up — at least pending the acid test of attempts by hackers and virus writers to locate and penetrate the operating system’s vulnerabilities. If your agency or department has a pressing need for greater security, you should move to Vista as soon as possible.” -Federal Computing Weekly (12/18/2006)

Great quote from a Public Sector focused weekly.
Thank You www.microsoft.com/business/uslaunchevent2007

It’s been an honor to speak with you today. When you and your people use Windows Vista, the 2007 Microsoft Office system, and Exchange Server 2007, they’re not simply helping themselves, they’re helping your whole organization compete and win. We have fantastic content the rest of today and in the tracks and sessions. Enjoy the event and learn more about the technologies.