There's BitLocker that lets administrators encrypt and set policies for removable drives, like USBs.
"This is a new feature for mobile devices, that combined with Group Policy is worthy of noting for IT'," said Rob Helm, an analyst with Directions on Microsoft, an independent consulting firm in Kirkland, Wash.
Then there's AppLocker, a tool in Windows 7 that lets IT administrators choose which applications can be used by which users and on which machines.
"[AppLocker] is based on policies set by IT to decide which apps are allowed and it goes down to a granular level to say, Adobe is allowed, but only Adobe 8, for example," said Ward Ralston, group product manager, Windows Server division.
Another feature for IT administrators is Direct Access. It gives Windows 7 clients access to corporate networks without a VPN connection. The experience is similar to going from Outlook to Exchange, Ralston said. "It doesn't matter if you're at home or not, the security is as if you are on the corporate network."
This feature along with others in Windows 7 allows IT to track users.
"Being able to detect where users are and what they're using will make it a lot easier for IT to support remote users," said Chris Coneybeer, a lead developer with Micro Electronics Inc. out of Seekonk, Mass.
Microsoft has also made it clear that it is not making any major changes to the kernel, which translates to fewer compatibility issues as was experienced with Vista. "Hardware manufacturers should be caught up by the time Windows 7 ships," Helm said.
Other notable Windows 7 features include Branch Cache, which gives users only the information they need from the local server. A WAN connection is only established if the information has yet to be requested by another user at the branch office.
Windows 7 will also allow for native virtual hard disk support. The client operating system is due to ship in either late 2009 or early 2010.