Computerworld - Microsoft execs are fond of the term "people-centric IT" -- it's their way of saying that workers are using whatever devices they want to, and are using them at home, on the train, in a hotel, on the beach, while skiing.... You get the idea. But IT needs a way to at least make sure this explosion of user choice does not put corporate data at risk.
Four of the features in Windows Server 2012 R2 are meant to bridge the gap between yesterday's world, where users have a corporate-issued laptop and a BlackBerry, and today's new BYOD environment, where users bring their own phones to work, use their personal tablets, work from a variety of locations and generally have a varied approach to how they engage with computer resources.
The new workplace join feature
Up until now, a Microsoft machine -- laptop, desktop, server, tablet or anything else -- was either a member of a domain and therefore able to be managed by the enterprise tools available inside the Windows Server ecosystem, or was a member of a workgroup and thus did not participate in the security profile of another group of computers. Home machines were typically in workgroups and corporate machines were usually members of a domain.
To continue reading, register here to become an Insider
It's FREE to join
Computerworld - Microsoft execs are fond of the term "people-centric IT" -- it's their way of saying that workers are using whatever devices they want to, and are using them at home, on the train, in a hotel, on the beach, while skiing.... You get the idea. But IT needs a way to at least make sure this explosion of user choice does not put corporate data at risk.
Four of the features in Windows Server 2012 R2 are meant to bridge the gap between yesterday's world, where users have a corporate-issued laptop and a BlackBerry, and today's new BYOD environment, where users bring their own phones to work, use their personal tablets, work from a variety of locations and generally have a varied approach to how they engage with computer resources.
The new workplace join feature
Up until now, a Microsoft machine -- laptop, desktop, server, tablet or anything else -- was either a member of a domain and therefore able to be managed by the enterprise tools available inside the Windows Server ecosystem, or was a member of a workgroup and thus did not participate in the security profile of another group of computers. Home machines were typically in workgroups and corporate machines were usually members of a domain.
In Windows 8.1 and Windows Server 2012 R2, however, that line is now blurred by the introduction of workplace join.
Workplace join is essentially a subscription that a device makes within a corporate domain. Administrators on the domain side can select a group of resources like applications, file shares and other pages that can be accessible to devices not owned by the company.
When a device enrolls in workplace join, it inherits some ability for corporate IT to govern what happens to the workplace data on the device. For example, your administrators can choose to wipe the corporate data that resides on a personally owned device when your relationship with that user terminates, without messing with personal data like photos and videos.
How does this work behind the scenes? The workplace join feature leverages Active Directory Federation Services (ADFS); see the section later in this piece for more details.
In Windows Server 2012 R2, ADFS integrates an option called the Device Registration Service that is enabled through PowerShell; some DNS and certificate magic happens here as well. The preview release is a little touchy to get working in that there is a lot of manual setup without much documentation available, and in particular some functions seem not to work. (One assumes the bugs will be worked out before the product is finished.)
On a user's RT 8.1 or plain Windows 8.1 device, the user first accesses Start / Settings / Change PC Settings, and then under Network and Workplace, the user enters his corporate credentials. The device looks for a host enabled for enterprise registration and then completes the process.
Work Folders
Think of the Work Folders feature as enabling a Dropbox or SkyDrive type of function in an organization's private cloud or data center solely for its employees and contractors. Consumer services such as Dropbox or SkyDrive offer storage space for files, pictures, programs, documents and basically anything else a user wants to upload, and these files are synced to whatever devices the user owns.
Users love these cloud storage services because, no matter where they are or what device they're using, their files are with them as long as they have an Internet connection -- and in some cases, they do not even need that if synced files are cached on their devices. But since these services are aimed at ordinary users, they do not include support for IT department control over what gets uploaded, how it is secured, what devices can access it, and so on.
Work Folders enable this "cloudy" storage and sync scenario, but in a more secure way.
ann coulter minecraft Ben Wilson Latest Presidential Polls trump debate presidential debate
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.