BitLocker To Go: Encryption is a key component in any operating system security plan. With the help of the newly improved BitLocker, Windows 7 users can have more control over the encryption of their hard drives. Microsoft's BitLocker even automatically encrypts new data while it's running. It's a hands-off tool that should improve security in Windows 7.
If you encrypt a folder on an NTFS volume, all files and subfolder created in the encrypted folder are not automatically encrypted. However, you will be prompted whether you want to encrypt all the subfolders and their content. If you choose YES, they will also be encrypted.
Also note that you can't encrypt a file or folder that is compressed. If you want to encrypt a file or folder that is compressed, you need to first decompress the file or folder and then encrypt. Only NTFS volumes support file or folder encryption.
You can set the following attributes using ATTRB command:
'+' sets and attribute
'-' clears an attribute
Correct syntax is : ATTRIB [+R -R] [+A -A] [+S -S] [+H -H] [PATH] [FILESPEC] [/S] /s Processes files in all directories in the specified path.
Encrypting File System(EFS) keeps your documents safe from intruders who might gain unauthorized physical access to your sensitive stored data by stealing your laptop or Zip disk, or by other means.
Windows 7 BitLocker and the Encrypting File System (EFS) are two robust security features designed to protect the system and user data. When comparing BitLocker and EFS
1. BitLocker encrypts volumes, whereas EFS only encrypts files.
2. BitLocker does not require user certificates, but EFS does.
3. BitLocker protects the operating system from modification, whereas EFS does not.
Windows Security Center: By using latest Windows update, it is possible to secure the operating system from any known bugs. Windows Security Center also shows the status of software designed to protect against spyware, In addition to it's own software, Windows Security Center can monitor security products from multiple companies and show you which are enabled and up to date.
Login time restrictions: Even if the login and password are available, the user may be ignorant of the same. You need to take the login information from the user directly before proceeding with any work.
BIOS Password: In the BIOS the supervisor password will prevent someone from re-configuring the BIOS settings without the proper password. The BIOS password is stored in CMOS memory that is maintained while the PC is powered off by a small battery, which is attached to the motherboard. Refer to the motherboard manual to find the jumper that clears the BIOS password. Alternatively, if you remove this battery, all CMOS information (including the BIOS password) will be lost. The company policy requires that the password be changed every month. It is highly recommended that the password be remembered. It is a bad practice to alternate between two known passwords.
Account Management: On a stand-alone computer or a computer that is a member of a workgroup, a user account establishes the privileges assigned to each user. The three user accounts available are: Administrator, Limited, and Guest. The important features of these accounts are as given below:
Can create and delete user accounts on the computer.
Can change other users' account names, passwords, and account types.
A standard user account lets a person use most of the capabilities of the computer, but permission from an administrator is required if you want to make changes that affect other users or the security of the computer.
When you use a standard account, you can use most programs that are installed on the computer, but you can't install or uninstall software and hardware, delete files that are required for the computer to work, or change settings on the computer that affect other users.
Cannot install software or hardware, but can access applications that have already been installed on the computer.
Cannot change the guest account type.
You should disable any guest accounts on your system as they can provide information to hackers and increase your security risk.