Six Myths of Windows RT Revealed!

Similar documents
Windows ierīces Enterprise infrastruktūrā. Aris Dzērvāns Microsoft

Phil Schwan Technical

Windows 8 Deployment Best Practices and Lessons Learned. Martin Weber Technology Solution Professional Microsoft Switzerland GmbH

Google Identity Services for work

Microsoft 365 Business FAQs

905M 67% of the people who use a smartphone for work and 70% of people who use a tablet for work are choosing the devices themselves

BYOD Success Kit. Table of Contents. Current state of BYOD in enterprise Checklist for BYOD Success Helpful Pilot Tips

Windows 10 Management Technologies: What s New. Michael Niehaus Senior Product Marketing Manager, Windows Microsoft

MD-101: Modern Desktop Administrator Part 2

Managing and Maintaining Windows 8

12/5/2013. work-life blur. more mobile. digital generation. multiple devices. tech. fast savvy

NotifyMDM Device Application User Guide Installation and Configuration for Android

Securing Office 365 with MobileIron

WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365

70-697: Configuring Windows Devices Course 7 Managing Apps

MCSA Windows 10. A Success Guide to Prepare- Microsoft Configuring Windows Devices. edusum.com

Microsoft licensing for the Consumerization of IT

Windows in the enterprise

Managing and Maintaining Windows 8

Microsoft IT deploys Work Folders as an enterprise client data management solution

Exam Name: Microsoft Managing and Maintaining Windows 8

Key Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering. Key Threats Internet was just growing Mail was on the verge

PCI DSS Compliance. White Paper Parallels Remote Application Server

PLATFORM CONVERGENCE JOURNEY

ipad in Business Security Overview

VMware Horizon Client for Windows 10 UWP User Guide. Modified on 21 SEP 2017 VMware Horizon Client for Windows 10 UWP 4.6

benefits for customers with subscriptions in CSP

Going Mobile with Windows

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

VMware Enterprise Desktop Solutions. Tommy Walker Enterprise Desktop Specialist Engineer Desktop Platform Solutions

Deploying VMware Workspace ONE Intelligent Hub. October 2018 VMware Workspace ONE

Windows 8/RT Features Matrix

Colligo Briefcase. for Good Technology. Administrator Guide

CONFIGURING BASIC MACOS MANAGEMENT: VMWARE WORKSPACE ONE OPERATIONAL TUTORIAL VMware Workspace ONE

Mobile Security Overview Rob Greer, VP Endpoint Management and Mobility Product Management Dave Cole, Sr. Director Consumer Mobile Product Management

Service Description VMware Workspace ONE

Augmenting security and management of. Office 365 with Citrix XenMobile

PMS 138 C Moto Black spine width spine width 100% 100%

Sophos Mobile Control SaaS startup guide. Product version: 7

Accessing CharityMaster data from another location

Managing Windows 8.1 Devices with XenMobile

Sophos Mobile Control startup guide. Product version: 7

Configuring Windows 10 Devices (697)

2015 Mobiliya. All Rights Reserved Page 2

Directory Integration with Okta. An Architectural Overview. Okta Inc. 301 Brannan Street San Francisco, CA

Windows 8 and Windows RT

Sophos Mobile Control SaaS startup guide. Product version: 6.1

Paperspace. Deployment Guide. Cloud VDI. 20 Jay St. Suite 312 Brooklyn, NY Technical Whitepaper

Planning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) & On- Premises Tools

Google on BeyondCorp: Empowering employees with security for the cloud era

2013 InterWorks, Page 1

Planning for and Managing Devices in the Enterprise: Enterprise Management Suite (EMS) & On-Premises Tools

Windows 10. Tech Note. Open the Window to Endless Possibilities. Windows for the Enterprise. Universal App Experience

SECURE, CENTRALIZED, SIMPLE

preview.windows.com preview.windows.com

ForeScout Extended Module for VMware AirWatch MDM

Securing Today s Mobile Workforce

Ensuring Desktop Central Compliance to Payment Card Industry (PCI) Data Security Standard

Six steps to control the uncontrollable

Using Mobile Computers Lesson 12

Yubico with Centrify for Mac - Deployment Guide

Office 365: Modern Workplace

Microsoft Upgrading Your Skills to MCSA Windows 8

Windows 10 edition. Find out which. is right for you. Core features. Familar, and better than ever Home Pro Enterprise Education Mobile.

Mobility has changed the way we live and work

Windows 10 Basics For Windows 7 and 8 users

EBOOK. Mobile Experience Virtualization: Extend Virtualized Windows Apps to Mobile

WebSphere Puts Business In Motion. Put People In Motion With Mobile Apps

Planning for and Managing Devices in the Enterprise: Enterprise Mobility Suite (EMS) & On-Premises Tools

Cloud Computing. An introduction using MS Office 365, Google, Amazon, & Dropbox.

Mobility Windows 10 Bootcamp

Use EMS to protect your mobile data and mobile app

BYOD: BRING YOUR OWN DEVICE.

Table of Contents. Installation and Software 1

Fencing the Cloud. Roger Casals. Senior Director Product Management. Shared vision for the Identity: Fencing the Cloud 1

Android Enterprise Device Management with ZENworks 2017 Update 2

Exam Questions

Comodo IT and Security Manager Software Version 6.9

Managing Devices and Corporate Data on ios

SecureDoc: Making BitLocker simple, smart and secure for you. Your guide to encryption success

The information contained in this document represents the current view of Microsoft Corp. on the issues discussed as of the date of publication.

Upgrading Your Skills to MCSA Windows 8 by Hikmat Nomat with 111 q

1

exam.21q Mobility and Devices Fundamentals

Quo vadis? System Center Configuration Manager Full managed desktop. Mobile device management Light managed device policies, inventory,

VMware AirWatch Integration with Apple School Manager Integrate with Apple's School Manager to automatically enroll devices and manage classes

Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting

NotifyMDM Device Application User Guide Installation and Configuration for ios with TouchDown

Professional Development

Table of Contents. Page 1 of 6 (Last updated 27 April 2017)

Flyer 1. Meet evolving enterprise mobility challenges with Samsung KNOX

EXAM Upgrading Your Windows XP Skills to MCSA Windows 8.1. Buy Full Product.

Comodo IT and Security Manager Software Version 6.4

VMware AirWatch Symbian Platform Guide Deploying and managing Symbian devices

Introducing Windows 8 7

Comodo IT and Security Manager Software Version 6.6

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

VMware AirWatch Integration with Apple School Manager Integrate with Apple's School Manager to automatically enroll devices and manage classes

Windows 10 Pro device opportunity

GSE/Belux Enterprise Systems Security Meeting

Transcription:

Si Myths of Windows RT Revealed!

Si Myths of Windows RT Revealed! There has been a lot of (mis)information being circulated about capabilities of Windows RT, the new Microsoft tablet operating system for tablets. This article should dispel a number of those myths and will highlight the robust capabilities of this new and eciting operating system powering the net generation of Dell Tablets. Myth # 1 Windows RT is not manageable Although Windows RT is not as openly manageable as a Windows 8 Pro or Windows 8 Enterprise enabled PC, IT Administrators will still be able to remotely manage many aspects of a Windows RT device. SCCM and InTune Microsoft System Center Configuration Manager (SCCM) and Microsoft s SaaS product, InTune, are widely adopted systems management solutions. Utilizing Echange Active Sync etensions, Windows RT will have built in hooks so that it is manageable by SCCM and InTune. For eample using Echange Server, SCCM and, InTune, the IT admin is able to configure a set of policies including: Allow Convenience Logon Maimum Failed Password Attempts Maimum Inactivity Time Lock Minimum Device Password Comple Characters Minimum Password Length Password Enabled Password Epiration Password History It also has the ability to query and report back: Drive Encryption Status Auto Update Status Antivirus Status AntiSpyWare Status This is just a start and in the future, there are many opportunities for Microsoft to open up additional management capabilities beyond these critical ones listed. As Windows RT becomes more mature, we epect Microsoft to continue epanding the list. Page 1 of 10

Myth #2 Windows RT is not secure Out of the bo, Windows RT is loaded with a number of built in security features that will appeal to a broad set of customers with varying levels of security enforcement policies. Secure Boot Secure Boot effectively locks down Windows RT devices by preventing it from loading (or booting for that matter) non-windows operating systems. This effectively stops users from loading rogue or pirated copies of OS onto Windows RT devices. This maintains the integrity of the operating system so that it can always be trusted. This same system also helps enforce that all applications be digitally signed using a trusted certificate before being installed into the device. It ensures authenticity (knowing where the app came from) and integrity (verifying the app hasn't been tampered with since its publication) of each application on a Windows RT device, preventing unauthorized applications to be installed. Windows Defender Although the Secure Boot system will prevent the majority of unauthorized applications from being installed, the net line of defense will be built-in Windows Defender, protecting the system against spyware and unwanted software. Windows Defender will continuously monitor and help remove malicious and potentially unwanted programs from the device. Full Device Encryption Protecting data on the system is important for a number of reasons, and encrypting the data on the end point is the most widely accepted method of securing private information. Windows RT comes preinstalled with full volume data encryption, which is based on their own Bitlocker technology (although will not be branded Bitlocker by Microsoft). This ensures that any sensitive data on the system will be inaccessible in the event the device is lost or stolen. The recovery key is stored on the users Skydrive account for easy access if needed. Remote Wipe of Company Sensitive Data In the event that a Windows RT device is lost or stolen, the user or IT Administrator with the proper credentials has the ability to remotely wipe EAS managed data (like email, contacts, and calendar events) on the device, even though the data is encrypted (just to be safe!). If the applications were installed through the Enterprise Application Store, IT Admins will also be able to disable access to these LoB apps (see Myth #5 below). Multi-Factor Authentication Windows RT supports many forms of secure login, including picture password, typed password, biometric (fingerprint) and smartcards (PIV, GIDS) utilizing firmware TPM (depending on the hardware configuration). Through the InTune management console, IT Page 2 of 10

Admins can also force policies such as strong password, password epiration, inactivity time lock, etc. Separate user profiles are also supported which isolates and protects user s data from being accessed by other users logged into the device at the same time. Note: although separate local user profiles are possible, only one Enterprise Application Store credential is supported (i.e. authentication via AD). Firmware Trusted Platform Module (ftpm) Trusted Platform Modules are where devices to securely store cryptographic keys, such as password and login credentials (typed and smartcard based) and encryption keys. Windows RT support a firmware based TPM so that user s passwords and credentials remain secure and protected. Myth #3 Setting up Windows RT to work in an enterprise environment is difficult Windows RT comes with a number of built in, out of the bo tools that allow the device to easily connect the user to their enterprise environment and download LoB applications. So even though Windows RT does not directly support features like Domain Join, it is eceptionally enterprise ready. VPN Virtual Private Networking (VPN) creates a secure, reliable tunnel directly through a company s firewall that allows users to access corporate data and email. Windows RT has a built in VPN that is compliant with the majority of advanced VPN systems in the marketplace today: Inbo VPN client included for Microsoft, Cisco, CheckPoint, and Juniper servers VPN protocols supported: L2TP, PPTP, SSTP, Ipsec (IKEv2) Multiple ways of configuration (client UX, scripts, or management infrastructure) Encryption protocols: WEP, WPA, WPA2, WPA-Enterprise, WPA2-Enterprise, 802.1X Certificate based authentication Using the built in management agent, Windows RT allows automatically configuration of VPN profiles for the user, so that Windows RT devices easily connect to a corporate network requiring little user action. Page 3 of 10

VDI Support For companies utilizing Virtual Desktop Infrastructure (VDI), Windows RT allows the user to connect directly to their full Windows Desktop and access legacy applications using the built in VDI receiver application. This allows for: Full VDI eperience Rich eperience everywhere (RemoteFX, USB redirection, Multi-touch remoting) Best value for VDI (Fairshare) Efficient management So even though legacy native apps written purely in native WIN32 code cannot eecute directly on Windows RT devices, these apps may still be accessible to the user through a connected VDI session. Plus, all the advantages of VDI such as session mobility, security, IT image management, etc. will be available to the Windows RT user through the built in VDI receiver. Myth #4 It s difficult to install Line of Business (LoB) apps on Windows RT Enterprise customers have many options available to distribute line of business applications to their employees (or students). One way is through the Windows Store or through the Dell Shop (store within a store) application. Although this method is a convenient way to discover and download most popular off the shelf apps, it does requires the user to log on using their personal Microsoft Live ID, which may not be appropriate for companies or school systems that have developed or negotiated separate volume license agreements for their LoB applications. Enterprise Application Store So by using the built in Windows RT Management Agent and Enterprise Application Store, a curated set of company approved LoB apps can be easily discovered, downloaded and installed directly to the device. Microsoft allows the user to browse and discover these types of LoB apps that have been made available to them by the IT admin: Internally-developed WinRT apps that are not published in the Windows Store Apps produced by independent software vendors that are licensed to the organization for internal distribution Web links that launch websites and web-based apps directly in the browser Links to app listings in the Windows Store. This is a convenient way for IT to make users aware of useful business apps that are publicly available. Discovering and downloading LoB applications on Windows RT devices is quite simple. The Windows RT Management Agent and Enterprise Application Store allows the user to simply enter their corporate email address and password and the device will automatically present a set of LoB available for the user to download and install. Page 4 of 10

This same system also allows the IT Administrator to populate, manage, and audit which applications are available to each user. This is accomplished by simply adding the user s credentials to the Active Directory (AD) service in the SCCM or InTune console. By specifying which AD domain a particular user is a member of, IT Admins can offer different applications to different sets of users. For eample, they can offer epense management, contact management, and sales tracking applications to their road warriors and offer quality control, inventory management, and logistics applications to team members on the factory floor. Page 5 of 10

The Windows RT Management Agent also performs daily maintenance tasks updates downloaded applications and checks for new apps available to the user. It will also report back which apps are installed on which machine for inventory and software license audits. The result is a system in which enterprise customers can populate a set of curated LoB applications they want their users to discover, download, and use. Refer to the following blog for more information about managing LoB apps using the Enterprise Application Store. Ref: Managing "BYO" PCs in the enterprise (including WOA) http://blogs.msdn.com/b/b8/archive/2012/04/19/managing-quot-byo-quot-pcs-in-the-enterprise-including-woa.asp Myth #5 Windows RT is not good for BYOD users The consumerization of IT trend in the marketplace is driving companies to adopt Bring Your Own Device (BYOD) policies. These companies in turn have been trending away from wholly managing devices to more monitoring and maintaining access controls to their applications and services, while leaving the user s personal applications and private data alone. Windows RT is a perfect complement to the Bring Your Own Device (BYOD) trend in the marketplace today, primarily because it has the consumer features end users desire and the enterprise enablers corporate customers require. Its main focus is on security, manageability, productivity, and application access, when and where appropriate to the company or user. If the company or end user (if in a BYOD environment) chooses to disconnect from the control and compliance of the enterprise, the IT Admin simply initiates a disconnection and the device which will: Remove the activation key that allowed the agent to install LoB apps. Once removed, any WinRT apps that were installed via the SSP and management client are deactivated. Remove any certificates that the agent has provisioned. Cease enforcement of the settings policies that the management infrastructure has applied. Report successful deactivation to the management infrastructure if the admin initiated the process. Remove the agent configuration, including the scheduled maintenance task. Once completed, the agent remains dormant unless the user reconnects it to the management infrastructure. This process will not touch the personally loaded applications the user purchased or downloaded through the Marketplace, but will effectively remove all corporate assets off of the employee owned device. Ref: Managing "BYO" PCs in the enterprise (including WOA) http://blogs.msdn.com/b/b8/archive/2012/04/19/managing-quot-byo-quot-pcs-in-the-enterprise-including-woa.asp Page 6 of 10

Myth #6: Windows RT is not like having a full Windows OS The new Windows RT is a purpose built operating system designed specifically to be used on ARM based mobile and tablet devices. Its design intent was to leverage many of the advantages of that Windows 8 brings, but optimized for an ARM based processor. The WinRT Interface (formally known as the Metro UI) The new WinRT interface is the largest technology shift in the PC industry since Microsoft move away from DOS. But most legacy 86 software has a UI designed for keyboard and mouse interaction and therefore, customers would have to redesign the software for optimal finger touch eperience to be used on a tablet. WinRT apps are by default designed specifically for finger touch using the new WinRT interface. This new interface allows developers to design lightweight apps that are optimized to run connected or cloud based apps written in HTML5 instead of heavy C++ native applications. And since Windows RT can ONLY run WinRT apps, any application that is written for a Windows RT device can be easily ported to run on a full Windows 8 PC or in cases, eecute on either with no changes required. VDI As eplained earlier, there is yet another alternative to running 86 software on the tablet itself! When intermittent access to legacy 86 software is required on a tablet, consider VDI AND a Dell keyboard dock that comes with a touchpad. Windows 8 Feature Comparison Below is a line by line comparison of Windows RT versus the other versions of Windows 8. As you can see, Windows RT stacks up pretty well against its brethren: Feature name Windows 8 Windows 8 Pro Windows RT Upgrades from Windows 7 Starter, Home Basic, Home Premium Upgrades from Windows 7 Professional, Ultimate Start screen, Semantic Zoom, Live Tiles Windows Store Apps (Mail, Calendar, People, Messaging, Photos, SkyDrive, Reader, Music, Video) Microsoft Office (Word, Ecel, PowerPoint, OneNote) Internet Eplorer 10 Device encryption Page 7 of 10

Connected standby Microsoft account Desktop Installation of 86/64 and desktop software Updated Windows Eplorer Windows Defender SmartScreen Windows Update Enhanced Task Manager Switch languages on the fly (Language Packs) Better multiple monitor support Storage Spaces Windows Media Player Echange ActiveSync File history ISO / VHD mount Mobile broadband features Picture password Play To Remote Desktop (client) Reset and refresh your PC Snap Touch and Thumb keyboard Trusted boot VPN client BitLocker and BitLocker To Go Boot from VHD Client Hyper-V Domain Join Encrypting File System Group Policy Remote Desktop (host) Page 8 of 10

Ref: Announcing the Windows 8 Editions http://windowsteamblog.com/windows/b/bloggingwindows/archive/2012/04/16/announcing-the-windows-8-editions.asp Summary In summary, the new Windows RT operating system powering Dell Tablets will allow users to work smarter by allowing easy, secure access to company applications & services while enabling rich content creation & consumption with built in Microsoft Office Suite - even in a BYOD environment. Key security features include built in secure boot, encryption, multi-factor authentication, and the industry acclaimed built in anti-spyware application, Windows Defender. Windows RT is manageable by the widely adopted Microsoft SCCM and for those companies who opt for a full SaaS systems management solution, Microsoft InTune. It is proven to be enterprise ready with out of the bo support for VPN, VDI and a system to discover, download, and install a curated set of Line of Business (LoB) applications. It is easy to use, thanks to the new WinRT touch optimized UI and its built in features compare well to the full version of Windows 8. Page 9 of 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback