Windows 7 builds upon the strong security lineage of Windows Vista and retains and builds upon the development processes and technologies that have made Windows Vista the most secure version of the Windows client to date.
Fundamental security features such as Kernel Patch Protection, Service Hardening, Data Execution Prevention, Address Space Layout Randomization, and Mandatory Integrity Levels continue to provide enhanced protection against malware and attacks.
* Windows 7 is built upon the security foundations of Windows Vista while improving auditing and UAC experience.
* Windows 7 helps IT control what software can run in their environment with AppLocker™.
* Windows 7 enhances the core features of BitLocker™ Drive Encryption with the introduction of BitLocker To Go™ for removable storage devices.
Windows 7 provides enhanced audit capabilities to make it easier for an organization to meet its regulatory and business compliance requirements.
Streamlined User Account Control
User Account Control (UAC) was introduced in Windows Vista to help legacy applications run with standard user rights and help ISVs adapt their software to work well with standard user rights. Windows 7 continues the investment in UAC with specific changes to enhance the user experience. These changes include reducing the number of operating system applications and tasks that require administrative privileges and providing a flexible consent prompt behavior for users who continue to run with administrative privileges. As a result, standard users can do even more than ever before and all users will see fewer prompts.
Windows 7 re-energizes application control policies with AppLocker, which is a flexible, easy-to-administer mechanism that allows IT to specify exactly what is allowed to run in the desktop infrastructure and gives users the ability to run applications, installation programs, and scripts that they require to be productive. As a result, IT can enforce application standardization within their organization while providing security, operational, and compliance benefits.
BitLocker and BitLocker To Go
BitLocker Drive Encryption (BitLocker for short) helps prevent a thief who boots another operating system or runs a software hacking tool from breaking Windows 7 file and system protections or performing offline viewing of the files stored on the safeguarded drive. BitLocker To Go extends BitLocker support to removable storage devices, including USB flash drives and portable disk drives.
Read more at Technet.