
Security

You are currently browsing the articles from MS Windows Vista Compatible Software matching the category Security.

Remove System Defender - SystemDefender Removal Information

System Defender comes from the same hackers who created System Warrior, System Veteran and System Fighter. Each of these programs is a rogue anti-spyware application. What they have in common is the strategy they use to trick ordinary users into buying absolutely worthless software. System Defender sneaks onto your computer by means of Trojan viruses or numerous misleading websites. Once inside your machine, System Defender runs a fake system scan. Predictably, it reports tons of infections. All of this is meant to make you afraid for your PC and search for a solution to the problem. System Defender then gives you a quick link where you can download and purchase the “registered” license. Either way, System Defender will not allow you to remove those malicious threats from your computer. We entreat you not to trust System Defender, because everything it does is just a simple scam. Another very important fact about System Defender is that this badware will constantly bother you with annoying pop-ups and notifications about the importance of purchasing the license or claiming that your machine is at high risk of being infected. Every time you log on to Windows, System Defender starts doing its nasty job. Moreover, System Defender blocks related security websites in order to prevent its detection. As time passes, System Defender will use a Trojan virus to download more and more malicious files onto your computer, without your knowledge or consent. In short: do not ever trust System Defender, under no circumstances purchase its products, and get rid of this badware as soon as possible.

Type: Rogue Anti-Spyware
Malware Author: Unknown
Threat Level: Critical

How to remove System Defender manually:
It's possible to remove System Defender manually, but you have to be very experienced in dealing with registry entries, program files and .dll files.

The files to be deleted:

%Documents and Settings%\All Users\Application Data\117fc
%Documents and Settings%\All Users\Application Data\117fc\WS339.exe
%Documents and Settings%\All Users\Application Data\117fc\WSD.ico
%Documents and Settings%\All Users\Application Data\WSDDSys
%Documents and Settings%\All Users\Application Data\WSDDSys\wsd.cfg
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\System Defender.lnk
%UserProfile%\Application Data\System Defender
%UserProfile%\Application Data\System Defender\cookies.sqlite
%UserProfile%\Application Data\System Defender\Instructions.ini
%UserProfile%\Desktop\System Defender.lnk
%UserProfile%\Desktop\xp_7a9be\
%UserProfile%\Desktop\xp_7a9be\68.mof
%UserProfile%\Desktop\xp_7a9be\mozcrt19.dll
%UserProfile%\Desktop\xp_7a9be\sqlite3.dll
%UserProfile%\Desktop\xp_7a9be\WSDDSys
%UserProfile%\Desktop\xp_7a9be\WSDDSys\vd952342.bd
%UserProfile%\Recent\ANTIGEN.dll
%UserProfile%\Recent\ANTIGEN.sys
%UserProfile%\Recent\ANTIGEN.tmp
%UserProfile%\Recent\cid.dll
%UserProfile%\Recent\CLSV.dll
%UserProfile%\Recent\ddv.tmp
%UserProfile%\Recent\PE.dll
%UserProfile%\Recent\PE.drv
%UserProfile%\Recent\PE.sys
%UserProfile%\Recent\ppal.exe
%UserProfile%\Recent\runddlkey.drv
%UserProfile%\Recent\std.sys
%UserProfile%\Recent\tempdoc.dll
%UserProfile%\Recent\tjd.exe
%UserProfile%\Recent\tjd.sys
%UserProfile%\Start Menu\System Defender.lnk
%UserProfile%\Start Menu\Programs\System Defender.lnk
c:\Program Files\Mozilla Firefox\searchplugins\search.xml


Remove registry entries:

HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
HKEY_CLASSES_ROOT\xp_7a9be.DocHostUIHandler
HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://search-gala.com/?&uid=220&q={searchTerms}”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1”
HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes “URL” = “http://search-gala.com/?&uid=220&q={searchTerms}”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “System Defender”

Please be careful, because manual removal of System Defender may seriously damage the operating system and sensitive data. There is also a high chance of incomplete removal, because some files may be hidden and the program may reinstall itself after you delete the files and registry entries. We therefore strongly recommend using an automatic removal tool.

Written by admin on November 15th, 2009 with no comments.

Remove AntiAID - Anti AID Removal Information

The WiniSoft family of rogues is not going to stop producing fake antivirus applications. Alongside Soft Cop and Soft Veteran, another piece of badware from this family has appeared, and its name is AntiAID. It is the newest creation and is a little misleading because of its modernized interface. Though it is brand new and has a different look, AntiAID works no differently. Or rather, it tricks no differently, because tricking you is all AntiAID does. It makes ordinary users believe that it is helpful, so that it can influence them in all sorts of ways. While it is being installed, AntiAID creates numerous files under different names. After each system scan, AntiAID presents those files as malicious threats. That is how AntiAID makes you believe that it really works. It also helps to scare you into searching for help. AntiAID will offer you that help, but for no small payment. For around $50 you get an absolutely worthless product that will never protect your PC or the documents on it. Moreover, AntiAID does not stop at fake scans. Every time you log in to the system, this badware sends you bogus notifications reminding you to purchase the license or claiming that your computer is under attack or that somebody was trying to penetrate your system. Everything is designed to convince you that AntiAID is working. Unfortunately, it is just part of a game in which you are never going to be the winner. The only way out of this game is to remove AntiAID from your PC immediately.


Type: Rogue Anti-Spyware
Malware Author: Unknown
Threat Level: Critical

How to remove AntiAID manually:
It's possible to remove AntiAID manually, but you have to be very experienced in dealing with registry entries, program files and .dll files.

The files to be deleted:

c:\Documents and Settings\All Users\Desktop\AntiAID.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiAID
c:\Documents and Settings\All Users\Start Menu\Programs\AntiAID\1 AntiAID.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiAID\2 Homepage.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiAID\3 Uninstall.lnk
c:\Program Files\AntiAID Software
c:\Program Files\AntiAID Software\AntiAID
c:\Program Files\AntiAID Software\AntiAID\AntiAID.exe
c:\Program Files\AntiAID Software\AntiAID\uninstall.exe
c:\WINDOWS\100849pambotz85.bin
c:\WINDOWS\1019wo5m65bz.dll
c:\WINDOWS\10568hack9o5l5z5.dll
c:\WINDOWS\system32\2901sp55za.bin
c:\WINDOWS\system32\29290wozm6795.cpl
c:\WINDOWS\system32\29418tro5ez.ocx
%Temp%\8enyqcv1.exe

Remove registry entries:

HKEY_CURRENT_USER\Software\AntiAID
HKEY_LOCAL_MACHINE\SOFTWARE\AntiAID
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiAID
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "8enyqcv1.exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AntiAID"


Please be careful, because manual removal of AntiAID may seriously damage the operating system and sensitive data. There is also a high chance of incomplete removal, because some files may be hidden and the program may reinstall itself after you delete the files and registry entries. We therefore strongly recommend using an automatic removal tool.

Written by admin on November 14th, 2009 with no comments.

Remove AntiMalware - Anti Malware Removal Information

AntiMalware is the latest rogue anti-malware program from the CoreGuard Antivirus 2009 rogue family. AntiMalware is a clone of the infamous Active Security fake security application. Like its predecessors, AntiMalware will try to uninstall legitimate anti-virus programs from your computer. Here is the list of applications the installer tries to remove:

• Agnitum
• avast!
• AVG
• Avira AntiVir
• BitDefender
• F-Secure
• Kaspersky
• Malwarebytes' Anti-Malware
• NOD32
• Sophos

Once installed, AntiMalware is configured to start automatically at every boot. While running, AntiMalware constantly performs full system scans and lists a variety of infections that cannot be removed until you purchase the licensed version. It is important to note that the names of the listed threats are real, but the threats do not actually exist on your computer. That is why all system scan reports from AntiMalware must be ignored. AntiMalware also generates numerous fake security alerts and pop-ups. As you can see, AntiMalware is a rogue antispyware application that must be removed as soon as possible. We advise you to use the removal guide below or an automatic removal tool.


Type: Rogue Anti-Spyware
Malware Author: Unknown
Threat Level: Critical

How to remove AntiMalware manually:
It's possible to remove AntiMalware manually, but you have to be very experienced in dealing with registry entries, program files and .dll files.

The files to be deleted:

c:\Program Files\AntiMalware
c:\Program Files\AntiMalware\amext.dll
c:\Program Files\AntiMalware\antimalware.exe
c:\Program Files\AntiMalware\help.ico
c:\Program Files\AntiMalware\malw.db
c:\Program Files\AntiMalware\uninstall.exe
c:\Documents and Settings\All Users\Desktop\AntiMalware Support.lnk
c:\Documents and Settings\All Users\Desktop\AntiMalware.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\AntiMalware Support.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\AntiMalware.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\Uninstall AntiMalware.lnk
%Temp%\4otjesjty.mof
%Temp%\c.dat


Remove registry entries:

HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_LOCAL_MACHINE\SOFTWARE\Active Security
HKEY_LOCAL_MACHINE\SOFTWARE\AntiMalware
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiMalware
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AntiMalware"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{5E2121EE-0300-11D4-8D3B-444553540000}"


Please be careful, because manual removal of AntiMalware may seriously damage the operating system and sensitive data. There is also a high chance of incomplete removal, because some files may be hidden and the program may reinstall itself after you delete the files and registry entries. We therefore strongly recommend using an automatic removal tool.
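The registry lists in the System Defender, AntiAID and AntiMalware guides above mix two kinds of entry: whole keys, and a key followed by a quoted value name (the `Run` entries), where only that value belongs to the rogue and the key itself is shared with legitimate software. The following is an added example, not part of the original guides: it parses that notation and reports which entries are present in a registry snapshot. The names `parse_line` and `findings` and the snapshot contents are constructed for illustration.

```python
import re
from typing import NamedTuple, Optional

class Indicator(NamedTuple):
    key: str               # full key path, hive included
    value: Optional[str]   # value name, or None when the guide lists the whole key
    data: Optional[str]    # expected data, or None when the guide gives none

# Guide notation: KEY_PATH, optionally "ValueName", optionally = "data".
_LINE = re.compile(r'^(HKEY_[A-Z_]+\\.+?)(?:\s+"([^"]+)"(?:\s*=\s*"([^"]*)")?)?$')
_CURLY = str.maketrans('“”', '""')   # the guides use both straight and curly quotes

def parse_line(line: str) -> Indicator:
    m = _LINE.match(line.strip().translate(_CURLY))
    if not m:
        raise ValueError(f"not a registry indicator: {line!r}")
    return Indicator(m.group(1), m.group(2), m.group(3))

def findings(indicators, snapshot):
    """Return (key, value name) pairs from the guides that exist in snapshot.

    snapshot maps key path -> {value name: data}. Registry names are
    case-insensitive, so both sides are compared lower-cased.
    """
    snap = {k.lower(): {n.lower(): (n, d) for n, d in v.items()}
            for k, v in snapshot.items()}
    hits = []
    for ind in indicators:
        key = ind.key.lower()
        if ind.value is None:
            # Whole-key entry: the key itself or anything beneath it.
            hits += [(k, None) for k in snapshot
                     if k.lower() == key or k.lower().startswith(key + '\\')]
        elif key in snap and ind.value.lower() in snap[key]:
            name, data = snap[key][ind.value.lower()]
            if ind.data is None or ind.data == data:
                hits.append((ind.key, name))
    return hits

# Registry lines taken from the three guides on this page (a subset).
GUIDE_LINES = [
    r'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “System Defender”',
    r'HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = “1”',
    r'HKEY_CURRENT_USER\Software\AntiAID',
    r'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "8enyqcv1.exe"',
    r'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AntiAID"',
    r'HKEY_LOCAL_MACHINE\SOFTWARE\AntiMalware',
    r'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AntiMalware"',
]

# Constructed snapshot of an exported registry; not data from a real host.
SNAPSHOT = {
    r'HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run': {
        'antiaid': r'c:\Program Files\AntiAID Software\AntiAID\AntiAID.exe',
        'ctfmon.exe': r'C:\WINDOWS\system32\ctfmon.exe',   # legitimate entry
    },
    r'HKEY_CURRENT_USER\Software\AntiAID\Settings': {},
    r'HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download': {
        'RunInvalidSignatures': '0',   # value exists, but not with the listed data
    },
}

if __name__ == "__main__":
    for key, value in findings([parse_line(l) for l in GUIDE_LINES], SNAPSHOT):
        print("value" if value else "key  ", key, value or "")
```

Because each `Run` line parses to a value-level indicator, the shared `Run` key is never reported as something to delete whole, and the legitimate `ctfmon.exe` entry in the same key is left out of the result.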

Written by admin on November 11th, 2009 with no comments.

Statoil Discusses their Windows 7 Deployment

Today at TechEd Europe 2009, one of our Windows 7 enterprise customers, Petter Wersland, Lead Architect at Statoil, participated in a panel discussion with Stephen Elop, President of Microsoft’s Business Division as a part of the keynote presentation. We caught up with Petter Wersland just before this appearance to get more information on their Windows 7 deployment.

Rich Reynolds: Tell me about Statoil and your role at the company.

Petter Wersland: Statoil is an international energy company based in Stavanger, Norway. We operate in 40 countries with 30,000 employees with an additional 10,000 consultants. With roughly 40,000 desktops under management, we have a significant IT team.

I’m the lead advisor within the IT infrastructure area covering the Windows ecosystem and storage solutions. I’ve been at the company since 1991, covering several positions in IT and Windows infrastructure.

We’re moving from Windows XP to Windows 7 and are looking forward to using the new functionality introduced in Windows 7. We’re preparing a rollout that includes a hardware replacement of most of the PCs in the entire company.

Rich Reynolds: How are you driving productivity in the organization? What results are you seeing with Windows 7?

Petter Wersland: We’re expecting productivity gains with Windows 7 and Unified Communication. The efficiencies we expect include enhancing the end users’ ability to collaborate across the organization and across borders. With Windows 7 we’re seeing three really great benefits: enhanced IT security, faster file access for traveling users within the company, and improved remote connectivity from the Internet. For security, we’re implementing the Standard User security level and BitLocker for drive encryption. Because of these features, we’ll be able to eliminate the encryption software we currently use and expect to save $330,000 based on our current number of portable computers.

For our increasingly mobile workforce, we’re taking advantage of DirectAccess. With DirectAccess the users will have seamless access to corporate services whether they are connected to the corporate network or to the Internet. We can therefore eliminate VPN for most users. Also, the client management tool we use, System Center Configuration Manager, can maintain the PCs with updates and security patching while they are outside the corporate network.

We’re also hearing from employees that Windows 7 just makes their PCs snappier and more responsive– especially for laptop users. Employees who are already on Windows 7 are telling us that it is easier to move between meetings and start and stop laptops.

Rich Reynolds: What advice would you give to IT Pros?

Petter Wersland: I recommend IT professionals educate themselves on the enterprise functionality in Windows 7, Windows Server 2008 R2 and other Microsoft products. Features like DirectAccess, BranchCache, AppLocker and other security features are important tools for implementation of Windows and can really benefit your organization.

Rich Reynolds: How do you approach getting approval on new projects? Any lessons learned?

Petter Wersland: In these economic times it is hard to get approval and it takes time for a significant project like this. We have noticed financial restrictions on new projects and in some cases projects have been postponed, but we’re balancing that with investments for the future of our IT infrastructure. For example, the PC replacements we are planning company-wide were originally scheduled for this year, but now we have postponed them to next year. When moving to a new version of the Operating System, you’ll need to plan time for application testing. We have about 1000 applications we support on the Windows Client and all of them needed to go through a formal testing process.

Written by Rich Reynolds on November 9th, 2009 with no comments.

Windows 7 Vulnerability Claims

Now that Windows 7 is available, a recent blog by Chester Wisniewski (who works at security vendor Sophos), entitled "Windows 7 vulnerable to 8 out of 10 viruses", has stirred some interest.

Here's a quick summary for those who missed Chester's blog. During a test SophosLabs conducted, they subjected Windows 7 to "10 unique [malware] samples that arrived in the SophosLabs feed." They utilized a clean install of Windows 7, using default settings (including the UAC defaults), but did not install any anti-virus software. The end result was 8 of the 10 malware samples successfully ran and the blog proclaims that "Windows 7 disappointed just like earlier versions of Windows." Chester's final conclusion? "You still need to run anti-virus on Windows 7." Well, we agree: users of any computer, on any platform, should run anti-virus software, including those running Windows 7.

Clearly, the findings of this unofficial test are by no means conclusive, and several members of the press have picked apart the findings, so I don't need to do that. I'm a firm believer that if you run unknown code on your machine, bad things can happen. This test shows just that; however, most people don't knowingly have and run known malware on their system. Malware typically makes it onto a system through other avenues like the browser or email program. So while I absolutely agree that anti-virus software is essential to protecting your PC, there are other defenses as well.

Let me recap some of the Windows 7 security basics. Windows 7 is built upon the security platform of Windows Vista, which included a defense-in-depth approach to help protect customers from malware. This includes features like User Account Control (UAC), Kernel Patch Protection, Windows Service Hardening, Address Space Layout Randomization (ASLR), and Data Execution Prevention (DEP) to name just a few. The result: Windows 7 retains and refines the development processes, including going through the Security Development Lifecycle, and technologies that made Windows Vista the most secure Windows operating system ever released.

Beyond the core security of Windows 7, we have also done a lot of work with Windows 7 to make it harder for malware to reach a user's PC in the first place. One of my favorite new features is the SmartScreen Filter in Internet Explorer 8. The SmartScreen Filter was built upon the phishing protection in Internet Explorer 7 and (among other new benefits) adds protection from malware. The SmartScreen Filter will notify you when you attempt to download software that is unsafe - which the SophosLabs methodology totally bypassed in doing their test.

So while I'm not a fan of companies sensationalizing findings about Windows 7 in order to sell more of their own software, I nevertheless agree with them that you still need to run anti-virus software on Windows 7.  This is why we've made our Microsoft Security Essentials offering available for free to customers. But it's also equally important to keep all of your software up to date through automatic updates, such as through the Windows Update service. By configuring your computers to download and install updates automatically you will help ensure that you have the highest level of protection against malware and other vulnerabilities.

Written by Paul Cooke on November 6th, 2009 with no comments.

New Microsoft Security Intelligence Report Released

Volume seven of the Microsoft Security Intelligence Report (SIRv7) - part of Microsoft's  commitment to providing an unparalleled level of security intelligence to help keep individuals and organizations better informed and to maximize security investments - was released today and there are a couple of tidbits in the report that caught my attention that I thought I would pass on. As a reminder, the SIR is published by Microsoft twice per year and looks at the data and trends observed in the first and second halves of each calendar year.

The first thing that struck me while reading through the report is that for the first time, the SIR shares some high-level security best practices from countries that have consistently exhibited low malware infection. For example, Japan, Austria and Germany's infection rates remained relatively low during the first half of this year.

So how do these regions keep their customers and resources safe from cyber threats? That Japan's infection rates remain relatively low is due in large part to collaborations like the Cyber Clean Center. The Cyber Clean Center is a cooperative project between ISPs, major security vendors and Japanese government agencies aimed at educating users on how to keep their PCs infection free. Austria has implemented strict IT enforcement guidelines to lower piracy rates and this, along with strong ISP relationships and fast Internet lines, has helped ensure the ecosystem is kept up to date with security patches. Germany has also leveraged collaboration efforts with its CERT and ISP communities to help identify and raise awareness of botnet infections and, in some cases, quarantine infected computers.

The other thing that stood out to me was the graph below. This graph shows the effectiveness of automatic updating and shows what happened to the trojan downloader family Win32/Renos once Microsoft released a signature update for Windows Defender via Windows Update and Microsoft Update. Within three days, enough computers had received the new signature update to reduce the error reports from 1.2 million per day to less than 100,000 per day worldwide! To me this shows how important it is for users and organizations to utilize automatic updates to help prevent the spread of malware! 

The report also underscores some of the trends that we have seen from previous versions of the report: for example, the infection rate for Windows Vista is significantly lower than that of its predecessor, Windows XP. It also tells me that the higher the service pack levels of an OS, the lower the infection rate. Once again, these items help point out that you need to keep your software up-to-date. With Windows 7 now available it might be a good time to look at upgrading your OS!

Take a look at the full report at http://www.microsoft.com/sir and use the information to help protect yourself, your networks, and your users.

Written by Paul Cooke on November 2nd, 2009 with no comments.
