WindowsNetworking.com Monthly Newsletter of December 2011
Sponsored by: ManageEngine
<http://www.manageengine.com/network-monitoring/?utm_source=wown&utm_medium=newsletter&utm_campaign=textlinkOPM&utm_term=dec11>
-----------------------------------------
Welcome to the WindowsNetworking.com newsletter by Debra Littlejohn Shinder <http://www.windowsnetworking.com/Deb_Shinder/>, MVP. Each month we will bring you interesting and helpful information on the world of Windows Networking. We want to know what all *you* are interested in hearing about. Please send your suggestions for future newsletter content to: dshinder@windowsnetworking.com
1. Smartphones and Tablets on your Network: Resistance is Futile
---------------------------------------------------------
Maybe, up until now, you've been able to bury your head in the sand and ignore this whole "consumerization of IT" thing. You believe personally-owned devices should stay at home where they belong, and stay off your network. After all, not only is it a nightmare to try to manage and support all those different brands and models of smart phones and tablets and employee-owned laptops and netbooks, but it poses an enormous security challenge, too.
Unfortunately, despite the headaches it causes for network admins and the very real risks that come along with allowing workers to connect all manner of devices to the corporate network, current trends are going against you. More and more companies are, if not outright embracing the practice, at least tolerating it. A survey by IDC done last March revealed that 95% of responding information workers said they have used technology they purchased themselves on the job:
http://www.readwriteweb.com/enterprise/2011/03/consumerization-of-it-95-of-in.php
It might not make sense to the control freak admin in you, but it makes perfect sense to the bean counters over in the accounting offices, the efficiency experts, and (most important) the higher-ups who keep their eyes on the bottom line. If employees buy their own devices, the company doesn't have to spend that money to buy devices for them. And there's also a recognition that the new generation of "digital natives" who are entering the workplace are not going to be happy campers if they can't use their iPhones/iPads and Androids and Windows Phones at work.
So companies are relaxing their rules regarding consumer products in the workplace, and that means you have to find a way to safely incorporate them into your network. One of the most interesting tidbits from the aforementioned IDC study is that employers don't seem to know about all the consumer devices that are being used in their workplaces, and 70% of responding employers said they want to provide standardized technologies for their workers. There seems to be a real disconnect, then, between the workers' attitudes toward consumerization and that of the companies.
So the first step is for you to find out just how consumerized your workforce already is. You can't manage and secure devices that you don't even know about. How do you do that? If you continue to ignore the whole issue, or hand down iron-fisted edicts prohibiting all consumer devices, it's likely that employees will still use them – but they won't be telling you about them. That's a recipe for disaster. The IT department needs to accept the inevitable and partner with workers to help them make their consumer devices more secure from malware, attackers and other threats. And you'll help increase worker productivity if you can provide them with mobile apps for getting their work done when they're on the go.
Meanwhile, you should help to educate them regarding the relative security of different types of devices, and how to configure their devices for maximum protection of both your network and their own data on those devices. The IT department should also work with management to develop policies governing the use of consumer devices, and implement a mobile device management platform that will allow you to remotely wipe devices that are lost, enforce strong password protection and apply standard controls across a range of different device types.
Consumerization isn't the "next big thing" – it's already here. Like it or not, it's going to increase the complexity of managing your network and keep it safe. It's a lot to have on your plate at a time when budgets are cut to the bone and most network admins are already shouldering a bigger workload than ever before – but it helps if you can see employees using consumer technology as business resources, rather than just as "problems."
Let us know how consumerization is affecting your IT department, and the steps you're taking to respond to it.
See you next month! - Deb.
By Debra Littlejohn Shinder, MVP
dshinder@windowsnetworking.com
=======================
Quote of the Month - Act as if what you do makes a difference. It does. – William James
=======================
2. ISA Server 2006 Migration Guide - Order Today!
---------------------------------------------------------
Dr. Tom Shinder's best selling books on ISA Server 2000 and 2004 were the "ISA
Firewall Bibles" for thousands of ISA Firewall administrators. Dr. Tom and his
illustrious team of ISA Firewall experts now present to you, ISA Server 2006
Migration Guide
<http://www.amazon.com/exec/obidos/ASIN/1597491993/isaserver1-20/>. This book
leverages the over two years of experience Tom and his team of ISA Firewall
experts have had with ISA 2006, from beta to RTM and all the versions and builds
in between. They've logged literally 1000's of flight hours with ISA 2006 and
they have shared the Good, the Great, the Bad and the Ugly of ISA 2006 with
their no holds barred coverage of Microsoft's state of the art stateful packet
and application layer inspection firewall.
Order your copy of ISA Server 2006 Migration Guide
<http://www.amazon.com/exec/obidos/ASIN/1597491993/isaserver1-20/>. You'll be
glad you did.
3. WindowsNetworking.com Articles of Interest
---------------------------------------------------------
Catch the latest installments in these great multi-part series:
* Managing PCs using Windows Intune (Part 5) – Remotely Assisting Users
http://www.windowsnetworking.com/articles_tutorials/Managing-PCs-using-Windows-Intune-Part5.html
* Introduction to System Center Operations Manager 2012 (Part 3)
http://www.windowsnetworking.com/articles_tutorials/Introduction-System-Center-Operations-Manager-2012-Part3.html
* IPv6 Multicast Background Traffic (Part 6)
http://www.windowsnetworking.com/articles_tutorials/IPv6-multicast-background-traffic-Part6.html
* Strategies for Monitoring Failover Clusters (Part 4)
http://www.windowsnetworking.com/articles_tutorials/Strategies-Monitoring-Failover-Clusters-Part4.html
* A Complete Guide to UAG DirectAccess (Part 4) – Infrastructure Requirements
http://www.windowsnetworking.com/articles_tutorials/archive/502/
And be sure to check out this useful standalone article:
* Controlling Windows 7 logon options
http://www.windowsnetworking.com/articles_tutorials/Controlling-Windows-7-Logon-Options.html
4. Administrator KB Tip of the Month
---------------------------------------------------------
*Using BitLocker to securely store data in the cloud*
BitLocker is an excellent tool for encrypting whole volumes in Windows 7, but today everything seems to be about the cloud. What good can BitLocker do you there? Well, you might be surprised to learn that you can use BitLocker to protect your data when you store it in a cloud storage service such as Windows Live SkyDrive.
This month's handy Admin Tip from Mitch Tulloch tells you how to do just that:
Say you have a laptop running Windows 7 that has a lot of sensitive personal data stored on it, say several hundred megabytes of personal files. The data on the laptop is encrypted using BitLocker, and you want to safely store your personal data in the cloud using Windows Live SkyDrive. Unfortunately, if you simply upload the encrypted data using SkyDrive, it will be stored in the cloud in unencrypted form, which means it could be read by whoever has administrative access to the cloud where SkyDrive data is stored. How can you make sure SkyDrive administrators can't read your personal data?
You could do something the following:
1. Use the Disk Management snap-in of Computer Management to create a virtual hard disk (VHD) of size 1GB.
2. Use Disk Management to initialize the VHD, then create and format a new simple volume enabling file and folder compression on the volume.
3. Open the BitLocker utility from Control Panel and protect the volume using a password.
4. Create a daily or weekly task using Task Scheduler that dismounts the VHD and uploads it to the cloud using SkyDrive.
Note that Skydrive can maintain up to 20 backups of your VHD before your backup job starts discarding the oldest backup.
5. Windows Networking Tip of the Month
---------------------------------------------------------
A while back, I had the opportunity to do some extensive testing and write a review of Netwrix's excellent change auditing software. One of the most impressive parts was the module that monitors changes to Active Directory, since AD is really the heart of a Windows business network environment. What's really cool is that they offer a freeware version so you can track changes to users, groups, OUs, etc. without having to spend a lot of money to do it. Now they have released an updated version with some big improvements. You can find out more about it and download the freeware version here:
http://www.netwrix.com/active_directory_change_reporting_freeware.html
6. Windows Networking Links of the Month
---------------------------------------------------------
* EHA-to-Office 365: Understand your licensing options
http://social.technet.microsoft.com/wiki/contents/articles/6262.aspx
* Active Directory: LDAP Syntax Filters
http://social.technet.microsoft.com/wiki/contents/articles/5392.aspx
* The Cloud on your Terms (Part 28 of 30): Cloud PowerShell
http://blogs.technet.com/b/matthewms/archive/2011/11/28/the-cloud-on-your-terms-part-28-of-30-cloud-powershell.aspx
* "They say they want a resolution" (White paper on how to optimize your Project Schedule)
http://technet.microsoft.com/en-us/library/hh703265.aspx
* Multiple Updates to Windows Azure
http://blogs.msdn.com/b/windowsazure/archive/2011/12/12/improved-developer-experience-interoperability-and-scalability-on-windows-azure.aspx
7. Ask Sgt. Deb
---------------------------------------------------------
QUESTION:
Hi, Deb. I keep hearing about Office 365 and it seems Microsoft is really pushing it these days but why would I want to encourage my company to use something that's going to make my own job obsolete? This whole cloud thing has me worried that my company isn't going to need me anymore. I've read several articles that say the cloud is going to cause IT pros to get laid off. Do you have any encouraging words for me or should I start preparing for a mid-life career change to dogcatcher or something? – Tim T.
ANSWER:
For every article you read about how the cloud is going to destroy the careers of IT pros, there's another detailing the new opportunities that will come with the cloud. Like any disruptive technology, the cloud is sure to bring changes in staffing in some companies. But for those who like to learn new things, the cloud can open up doors to new and better jobs. In regard to Office 365, for example, what it does is let you continue to use all those skills you've already gained in administering your Exchange and SharePoint servers, but without having to deal with the "grunt work" of maintaining and troubleshooting hardware.
But never fear – cloud based services don't really "run themselves." Cloud providers don't read minds and can't know what permissions to assign, how to manage your specific environment, or how to educate your users on how to use the new features. You still deploy and manage Office, SharePoint, Lync, etc. In fact, this excellent article over on the TechNet blogs site addresses this very question, which shows you certainly aren't alone in wondering about these things:
TechGenix Sites
---------------------------------------------------------
MSExchange.org <http://www.msexchange.org/>
WindowSecurity.com <http://www.windowsecurity.com/>
ISAserver.org <http://www.isaserver.org/>
VirtualizationAdmin.com <http://www.virtualizationadmin.com/>
--
Visit the Subscription Management <http://www.techgenix.com/newsletter/>
section to unsubscribe.
WindowsNetworking.com is in no way affiliated with Microsoft Corp.
http://www.techgenix.com/advert/index.htm for sponsorship
information or contact us at advertising@windowsnetworking.com
Copyright c WindowsNetworking.com 2011. All rights reserved.
No comments:
Post a Comment