Vista is here; Should SMBs care?

There's been a lot of hype about Windows Vista--from both advocates and detractors of the new OS--and many of those who make IT decisions for small and midsize companies are wondering whether they should be planning an upgrade to Vista soon, later or never.

Windows Vista, Microsoft's newest desktop/network client operating system, has been available to businesses for a couple of months now. The official full launch took place on January 30th. There’s been a lot of hype--from both advocates and detractors of the new OS--and many of those who make IT decisions for small and midsize companies are wondering whether they should be planning an upgrade to Vista soon, later or never.

In this article, we’ll take a look at some of the reasons an SMB might benefit from going to Vista, the costs and drawbacks of doing so, and some factors you should consider in planning a Vista deployment.

Just another pretty interface?

Much is being made in the tech press about Vista’s new user interface, Aero Glass. It features transparent window borders, impressive animations and other visual enhancements often described as "eye candy."  Glass won’t run on all computers; it requires a compatible video card and more system memory.

Glass adds a lot of "cool factor" to the user experience, but its benefits for business use are questionable, and it’s certainly not a compelling reason for most companies to upgrade.

On the other hand, contrary to some media commentary, the Glass interface is also not a reason not to upgrade to Vista. Although it’s true that the new interface uses more system resources, there’s no requirement to run it; you can easily turn it off and go back to a classic Windows interface without all the visual effects with just a few clicks of the mouse. And the Basic, non-glass interface runs on older or lower-end systems that can’t support Glass.

Click here for more info on the Basic and Aero Glass interfaces.

What about security?

I’ve seen a number of articles in the tech press downplaying Vista’s security improvements. No, upgrading to Vista won’t make your systems invulnerable to attack. But few serious technical experts dispute that Vista is the most secure version of Windows. It’s also true that XP, with the latest service pack and security updates, is also a pretty secure OS, but Vista has some definite advantages, such as:

User Account Control

UAC has emerged as one of Vista’s most controversial features because of its "in your face" method of operation. But by running most tasks with standard user privileges even when you’re logged onto an administrative account, and prompting for permission before doing anything that requires admin privileges, it goes a long way toward preventing many exploits that rely on elevation of privileges. For more info on UAC, see my article titled Working with (and around) Windows Vista User Account Control.

Internet Explorer 7 Protected Mode

IE 7 contains several security enhancements, including an anti-phishing filter, ActiveX opt-in and URL display protections, that are included in the version of IE 7 that you can install on Windows XP.  However, IE 7’s Protected Mode is only available when you run IE 7 on Vista. It works in conjunction with UAC to protect against elevation of privilege attacks through the browser. When running in Protected Mode, IE 7 can’t make changes to any user or system files without your consent. The only location to which web applications can write is a temporary folder. Click here for more information about IE 7 security in Vista,

BitLocker Drive Encryption

As the workforce becomes more mobile, businesses grow more concerned with the safety of data, especially on portable computers that can be easily stolen or lost. BitLocker (which only comes in the Enterprise and Ultimate editions of Vista) can protect against an unauthorized user booting into another operating system off a removable disk to access data files on the Vista computer. For more information about BitLocker, see

Networking made easier

Network connectivity is easy in Vista--almost too easy. Unlike with Windows 2000 and XP, in most cases when you install Vista on a networked computer, you find that you immediately have access to your network resources without having to do a lot of configuration.

The new Network and Sharing Center gives you a visual representation of the network, which can be useful in determining whether networking is configured properly. And there's a handy Network Diagnostics and Troubleshooting feature to help you identify any networking problems and correct them. For more information about this tool, see

Vista also contains a new peer-to-peer networking feature called People Near Me (PNM), which makes it easy for applications to discover other Vista users connected to the same subnet. For example, it can be used by the new built-in program called Windows Meeting Space to allow your employees to hold virtual meetings, give presentations, do demonstrations and share handouts. For more information about People Near Me, see

For more information about Windows Meeting Space, see

In search of better productivity

In the business environment, being able to find information quickly and accurately can mean the difference between being profitable and not. Vista’s vastly improved search capabilities make it much easier for users to find documents on their hard disks, email messages, programs they want to use, and more.

The Instant Search field in the Start menu is multi-functional. You can use it to find data files instead of navigating through levels of Windows Explorer or you can type in the name of a application instead of clicking through menus. It also serves as a Run box; just type the path of an executable into the field to open the program.

An instant search box is also incorporated into Windows Explorer and Control Panel, as well as some Microsoft applications such as Windows Media Player, Windows Photo Gallery and IE 7.

For more information about Vista’s Instant Search, see

But is it worth it?

These and other new features in Vista will prove useful to many businesses, but are they worth the cost of upgrading? The price of the new OS varies depending on the edition, but the upgrade versions suitable for businesses range from $199 for Business Edition to $249 for Ultimate Edition.

If you were considering upgrading to Vista, you may have been deterred by articles such as James Gaskin’s The Vista Budget Vacuum that claims upgrading will cost you $3250 to $5000 per user.

Those figures seem daunting, but they’re based on the presumption that upgrading to Vista will require all new PCs for every user. In fact, many newer existing computers will run Vista, Aero Glass and all. My Dell, a little over a year old, had no problem with it. But even more importantly, as discussed above, most businesses don’t really need the Glass interface. Many more existing systems can run Vista without Glass. Gaskin’s article also presumes you’re buying the "professional packages" and having them tested and installed. That may be standard operating procedure for enterprises, but not necessarily for small and midsize businesses. He’s also figuring in the cost of new back-end servers to support sophisticated collaboration features, but your business may not need those. The Vista operating system and Office 2007 work fine in our small company with Windows 2000 and 2003 servers and Exchange 2000.

On the other hand, you shouldn’t overlook the hidden costs of any software upgrade. There’s likely to be extra costs for user training and/or lost productivity while users get up to speed, administrative overhead and possibly network downtime.

A planned deployment

Your best bet may be to wait a while before upgrading. Despite extensive beta testing, there are bound to be a number of bugs in any new OS, and a lot of fixes that will appear in the coming months. Rumor has it that Microsoft is already preparing to release Service Pack 1 for Vista before the end of this year, and many organizations will be waiting for the service pack before they upgrade.

Meanwhile, your IT personnel (even if that’s just you) can set up one or more Vista test machines and get familiar with it before you have to start supporting users. And there’s no rule that says you have to upgrade the entire office at once; Vista and XP get along well on the network. Your plan might include upgrading a few power users first, and bringing the rest along later.


Debra Littlejohn Shinder, MCSE, MVP is a technology consultant, trainer, and writer who has authored a number of books on computer operating systems, networking, and security. Deb is a tech editor, developmental editor, and contributor to over 20 add...


unless they are so stupid as to beleive that running software that violates privacy protection laws is a good thing. [ all MS products violate privacy protection laws, they ALL use activex, the 100% non secure web enabled core of os exploit vector ]


What are you talking about? The EULAs? Microsoft has stated repeatedly that their EULAs do not violate privacy laws because they do not collect any personal information. And in case you don't know, you can disable activex or restrict it to only trusted sites. Just takes some basic administration that any competent IT should be able to do. You're really stretching.


and watch windows crash. it is a core part of the os, and web aware, therefore it is a critical security risk and a gaping hole. because of that, Windows is a violation of privacy protection laws around the world. then look at the stupidity of the RPC going online, to get CODE THAT IS ON THE HOST SYTEM. it should default to the loopback interface, not to the internet. [ though MS seems to think loopback is the "NOT TO BE USED" ip number instead of the true ip of ] disable it completely, activex is a critical security risk, usually with at least two exploits active, then delete all activex code from the system crash, dead windows computer.

Tony Hopkinson
Tony Hopkinson

If you agree to the EULA you have no privacy. Whether MS choose to exercise the right you gave them to collect whatever they want off their software (you are leasing it) is immaterial. The EULA is so MS can't be prosecuted under privacy law, because you just agreed that nothing on your windows PC is private from them. So how do I identify trusted sites then, what I am I trusting them with, who are they, how can I guarantee that they are still trustworthy, who is saying they are trustworthy, are they the entity I think I'm trusting? No security system based on trust is secure. Having a mechanism that merely marks someone as trust or untrustworthy is not security, it's a bad joke. How about Sony, trustworthy or not?


had that popup that stated that No information of any kind was being transferred to MS? I was using 95 & 98, and NT4 at that time. If that was true, how did Win update know what needed to be installed??? MS does not always tell the truth! But, for the question about businesses deploying Vista. NO! -- not for at least 6 months or until the release of a service pack and more HW/SW vendors to have updates/new versions Vista capable. I foresee that before the end of the year, that many small, med, and large businesses will have started deployment of Vista. I do not think that many of these deployments will be finished until 2-3 years afterwards (med and large businesses).


What? If you believe that you just gave away the key to your house to a stranger, and believe he won't use it, after he told he would.... I've got some bridges to see you. -d


I have seen the glitz of the new presentation manager offered by vista. Yawn... And networking is much easier (humm just like a MAC). Nothing new here. Will this be Microsofts last gasp before Linux and OpenSource takes over the market. We have outgrown the MS hype and as consumers, we are not buying it any more.


During the Microsoft Vista Launch, I looked for the functions that would make a CEO say "buy it." There was something that I predict will sell the product more than any other feature. But it's not ready yet. If your shop runs the new Longhorn server and uses Office 2007 and Vista, than you can control email. Well that's the promise, anyway. Users can read but not print or forward. Server-side rules for email processing offer better snooping and archiving controls. I predict that the legal departments will fall in love with the promise of controlling email. They will tell the CEO to buy this for Sarbanes-Oxley, damage-control, lawyer-snooping, CYA, etc. Just don't tell the lawyers about screen-printing. :-)


All i've heard for the past ten years is: "Microsoft's dead! Windows suxx0rz! Mac and open source are taking over d00dz!!1!" Are they, now? Really? Not to say that i'd LOVE to see Linux become more available to home users, but you still have major obstacles as far as application and hardware compatibility, usability, and adoption. As far as Mac goes, talk to me when Macs have more than 15% market share. In other words, talk to me when Steve finally licenses the OS to third-party installation. In other other words, never. As long as Apple requires you to buy Apple hardware to run MacOS, mac users will always be the five guys sitting in the corner of the cafeteria who thinks they're cooler than everyone else, but won't socialize because they're above everybody. Mac will NEVER get major market share until they let go of their grip on the hardware. Steve'll have to die first. So go ahead and trash Vista, but it's a great improvement over XP and it's not going anywhere. Take my word on it.