Windows 7, the safest Microsoft operating system yet…


CESG recently said of Windows 7 that it was “the safest version of a Microsoft operating system” and “encouraged Her Majesty’s Government to adopt Windows 7 when choosing a Microsoft Operating system”.

Security secure Download all no shadowAs some of you may know we work with CESG to produce a best practice framework for configuring Windows 7 for its use within UK Government. We call this guidance the Government Assurance Pack (GAP), and is made freely available to all UK government departments via CESG.  It does not require the use of expensive third party software and builds on Microsoft’s investments in developing secure  code (SDL) and features like AppLocker, Group Policy, ASLR, DEP,  x64,  etc… to provide a low impact, supportable security configuration for UK governments use.

The approach of the GAP is to utilise the basic features of the operating system to provide a common starting point in making risk management decisions, from a “default deny” perspective.   In doing so it allows business owners  to make a positive risk management decision between  the use of a particular feature or application and the business requirement for its use.

In addition Microsoft BitLocker and BitLocker to Go can be used be used by UK Government departments to protect information at rest up to Business Impact Level 3, with appropriate guidance from CESG, which will meet or exceed the requirements for most government users,

people operator hard hat construction iconSome people have asked why would you do something special for government?   I don’t typically go to work wearing a hard hat and safety boots, but, I know that in certain environments it is appropriate to wear them.  Windows is a general purpose operating system, and while it is secure by design, by default and in deployment, government in general faces a higher level of risk than most consumers and even enterprises and so it is appropriate to take additional measures to mitigate those risks.  The measures we use are built into the operating system, though they are regarded as a configuration not generally required by most businesses and consumers, but, the advantage this gives is that the GAP configuration is fully supported .

The GAP was created in conjunction with CESG and with Microsoft’s Security Centre of Excellence a true joint effort between government and industry, if you are a  UK government department requiring information on the use of Windows 7 please contact your CESG representative for more details.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: