TechRepublic, an IT resource of the publisher ZDNet, has a good summary of the security features of Windows 7 which are especially pertinent to system administrators.

While some features like BitLocker, a drive and volume encryption mechanism, and DirectAccess, a VPN-like remote access implementation, are available in the Enterprise edition only, Windows 7 generally adds more security measures than Vista in a less obtrusive manner. Although operating system security is no substitute for vigilance and user training, it's an important componet and defense against present and emerging threats.

Barbara has blogged here before about the new TechSoup Limited offerings available to nonprofits and libraries on a limited basis. It was just brought to my attention that there are four TS Limited products that organizations and libraries are allowed to re-distribute to their constituents, members, and individual supporters.

Our donor partner, PC Tools has made their Internet Security, Registry Mechanic, Spyware Doctor, and famous Spyware Doctor with Antivirus broadly available to nonprofits and libraries — and now to your members and users as well. 

Each of the three products includes 3 licences that can be installed on 3 different machines (for a total of 9 installations) so not only can your organization use their spyware, antivirus, and registry cleaning tools to keep your computers functioning well, but you can share them with the individuals you serve. According to the restrictions:

Back in March we blogged aobut how URL-shortening services could pose a threat on social networking sites such as Twitter. The Wall Street Journal blog is now reporting that they may be doing something about it.

Although Twitter hasn't officially responded, the blog is reporting that tweets with links to suspicious sites will be deleted, with a message "Oops! Your tweet contained a URL to a known malware site!."

The recent theft of confidential documents from Twitter's Google Docs account points out the dangers of insecure passwords. NTEN's blog discusses the details of the break-in and lessons we should learn from it. The chief lesson: good passwords are key to good security. 

A 2007 NTEN post provided suggestions and resources for creating strong passwords and establishing a password policy.  More recently, Slate.com published an article called Fix Your Terrible, Insecure Passwords in Five Minutes with general password tips and a clever algorithm for developing strong passwords. You can also look at TechSoup's Security Corner for more tips, articles, blog posts, and resources on securing your information. 

Photo: Paul Linton

The front-page headlines read "Hacker steals Twitter's confidential documents," but the real story isn't about Twitter — it's that the stolen documents were stored online, "in the cloud." This could happen to any nonprofit or company storing data this way. As we've seen over and over, it's amazingly easy to guess or steal passwords. And anyone who gets access to the password of an employee with access to those online files gets access to all files shared with that employee. This can happen with internal network passwords as well, but there are differences:

• IT staff can require secure passwords for their own networks and email systems. They can't control the password requirements for web-based email accounts or cloud computing apps.
• IT staff can require employees to change their network passwords regularly. They can't do that for cloud apps.
• IT staff can test the security of passwords on their own networks. Do they do that with their employees' Google Doc passwords?
• IT can disable email and network accounts for former employees. Does anyone think to disable those employees' access to docs in the cloud?
  
  • Read more

Yesterday, Microsoft launched Microsoft Security Essentials Beta, a free set of security tools for validated users of Microsoft XP SP2 or SP3, Vista, or Windows 7 in the US, Israel, China, and Brazil.

In what looks to be the successor to OneCare, it is said to be faster and less resource intensive. Early reviews of the beta have been positive, so if you are comparing different security packages or are a current customer of OneCare, check it out.

Did you attend last week's NTC and missed out on some sessions? I know I wish I could have been cloned.

Even if you didn't attend any of the sessions some of the speaker presentations are available on the NTEN Web site, including the one that Becky and I did, From Basic to Advanced: Trends, Tools and Tales to Ensure Basic Nonprofit Security.

So check it out and catch up on the topics that you may have missed at NTC. Maybe it will help tide you over until next year's NTC in Atlanta, Georgia.

The time has come. The 2009 Nonprofit Technology Conference (NTC) has begun. Sessions have started this morning
Twitterers and bloggers are live-blogging left and right. Some sessions are being broadcast live or presented via webinar through NTEN's site so even if you're not able to attend in person, you can still garner some useful info.

If you're in San Francisco for the event, be sure to stop by TechSoup Global's booth (#2) in the Grand Ballroom and check out the five TechSoup Global-led sessions taking place today and tomorrow (some of our regular TechSoup bloggers will be presenting!) Here are the details:

Sessions Today:

Building and Sustaining Vibrant Online Communities 1:30 p.m. Designed by Susan Tenby
Many organizations are looking beyond social networks to create their own private communities of supporters, advocates, or collaborators. Online community software is easy and plentiful, the process for cultivating real online community remains difficult. What are the characteristics of successful online communities? How do you plan them, market them, and staff them? And once they are set up, what sort of management and communication techniques keep people engaged? In this session, successful, veteran online community managers will report on what it takes to make an online community flourish.

Foundations for IT Decision-Making 1:30 p.m. Designed by Kevin Lo and Chris Peters
If you're the manager or director of a nonprofit organization, and you don’t feel confident about your IT background, what knowledge and skills do you need to make sound decisions? What are the best strategies for learning a new subject when you're in a hurry?

Yesterday at the RSA Security conference exhibitor's hall I came across Kaspersky's latest security package designed only for netbooks.

A few weeks ago I blogged about them as potential low-cost portable machines for the sector. I was dubious about the claims of the security package as I wondered, if they designed an efficient engine that is light enough for a weak netbook processor, shouldn't they use the same technology on the rest of their product line?

Check Point Software Technologies Ltd., makers of the popular ZoneAlarm security software products, is having a one day only special promotion of their Internet Security Suite for only $9.95 from 6 a.m. Pacific time April 14 to 6 a.m. Pacific time April 15. While you may have already used its award-winning free firewall before, this full suite includes antivirus and anti-spyware protection for up to 3 users. Best of all, 50% of the proceeds from the promotion will help TechSoup Global in our efforts to bring technology resources to social benefit organizations around the world. So if you still haven't had up-to-date protection on your PC's, check out this limited time offer, and help us help you!