CESG brands Windows 7 safest Microsoft OS yet

Windows 7 has been branded the safest Microsoft operating system yet by the governmental information assurance organisation, the Communications-Electronics Security Group [CESG], although some industry experts have disagreed.

Microsoft said today that the CESG is actively encouraging government departments to choose the latest OS over other versions, because of features such as Bitlocker full disk encryption, which has been deemed suitable for use up to Business Impact Level 3 by CESG, meeting the needs of most governmental users.

Jonathan Hoyle, director general of information security and assurance, CESG, explained that a strategic partnership with Microsoft has led to the creation of a Government Assurance Pack (GAP) which details best practice in configuring Windows 7 for government use. This means departments don’t have to wait for Common Criteria Certification to use Windows 7.

“Working with CESG on the security of our products is an ongoing engagement that reaffirms our commitment to UK government as a strategic partner,” added Nicola Hodson, general manager of Microsoft Public Sector UK.

“We are making considerable investments to increase the security of our technology and to provide implementation guides and training based on industry best practices.”

Others disagreed that Windows 7 is safer than its predecessors, however. Trend Micro senior security advisor Rik Ferguson argued that independent research had shown it to be less secure out of the box, “not because of any code level changes, but because of the default configuration choices”.

“In many cases it feels like security was sacrificed on the altar of usability; no file extension hidden warnings, and the user account control (UAC) has been turned down from Vista as well, so some important changes will not trigger a notification,” he told V3.co.uk.

“While I am sure it is a code level improvement on Windows Vista, surely that is something we could take as a given, security is just as much about users as it is about code.”

Garry Sidaway, director of security strategies at security vendor Integralis, was a little more forgiving of the new OS.

"We will have to see if it really is the safest operating system yet, but having security built in and easy to use is a great start," he added.

"As far as we can see, many people still accept and click on things without realising the consequences and this is still part of the problem, although Windows 7 is a good place to start tackling the security issues."