With the recent release of Windows Server 2012, Microsoft’s newest server operating system, many businesses have been considering whether or not the upgrade is right for them. Microsoft has listed over 300 improvements over Windows Server 2008 R2, and the security improvements are significant.
Early Launch Anti-Malware
Windows 8 and Windows Server 2012 both use a feature called Early Launch Anti-Malware (ELAM), which will allow only digitally-signed known good drivers to load on boot. Any known bad drivers will not be initialized.
While Windows Server 2008 R2 included DNSSEC functionality, it didn’t play very nice with non-Windows environments. The DNSSEC in Windows Server 2012 is now fully interoperable, with an easy-to-use GUI.
Windows 8 and Windows Server 2012 replace the BIOS with a new boot standard called Unified Extensible Firmware Interface (UEFI), which allows Microsoft to prevent boot code from running unless it’s digitally signed. This security can then extend directly into the Windows boot process–dubbed Secure Boot by Microsoft. This makes it significantly more difficult for malicious code to run at boot time.
Improved BitLocker Encryption
In the past, BitLocker implementation on a server meant the IT administrators needed to physically enter a password on each boot, making remote administration of encrypted systems a chore. The new version of BitLocker adds a network protector mode, which will unlock an encrypted drive if it’s connected to an authorized Active Directory domain. BitLocker also adds support for hardware-encrypted drives.
Is your small business considering the switch to the more secure Windows Server 2012? Minneapolis-based OAC Technology can help. For over 10 years, we’ve been helping businesses with Server Support, ensuring that their systems are up-to-date and secure. Give us a call at 952-548-5558 and we would be happy to sit down with you for no charge and assess your business’s needs.