There's so much to cover here! AppLocker for enterprise control of what can or cannot run. BitLocker to Go (and Enhanced Storage Access) for full volume encryption of removable devices builds on top of tried and tested BitLocker which no laptop or a branch server should be without. Secure DirectAccess architecture on your servers to allow employees access to corporate resources without a traditional VPN (only Microsoft has this ground-breaking technology at the moment). Multiple firewall client profiles. Streamlined UAC for a better user experience and more control. Enhanced Auditing for simplified yet more informative compliance insight into who is doing (or trying to do) in your organisation. We also have a new control panel for Biometrics, HTTP enrolment for PKI certificates, support for PIV smartcards, Managed and Virtual Service Accounts. All of this on top of Kernel Patch Protection, Service Hardening, Data Execution Prevention, Address Space Layout Randomisation, Mandatory Integrity Levels and some other security features previously introduced in Windows Server 2008 (which are not discussed in much detail in this session, as we concentrate on the new features). Because of the speaker's passion for cryptography, this session also summarises the state of this technology as built into Windows 7 and Windows Server R2, such as changes to EFS (now fully supporting Suite-B!), guiding you to make the right and avoid the wrong choices while securing your assets. Because there is just so much to cover, we won't go into too much detail on each feature, but we cover so much we can be sure you will get a full "big picture" of how Windows Server 2008 R2 and Windows 7 provide user-friendly (and that includes administrators) security, making it perhaps the most secure OS platform on the market.