Archive

Archive for the ‘BYOD’ Category

I want you to go read the In the Cloud Blog

I am channeling my early days living and breathing as a U.S. Army Officer.  I can’t be any more clear about what I am asking you to do. So, here is your mission:

Subscribe to this this nine-part Blog Series called:          What’s New in Windows Server & System Center 2012 R2.

In all seriousness… This 9 post blog series has had many eye balls from pretty much every organization across the company. It is a culmination of all the content that we discussed at events like TechEd in New Orleans and Madrid.  The intent is to boil down the core scenarios or pillars for our Windows Server and System Center 2012 R2 release into Four Distinct Groups of articles that if you read them all, you would actually be able to light up each one of these scenarios….

I’m not kidding.

Today, we published the second blog post in the series called, What’s New in 2012 R2:  Making Device Users Productive and Protecting Corporate Information.  This is part 1 of 2 where we talk about lighting up Bring your own device, (BYOD) or what we call People Centric IT (PCIT).

This series of posts feature Brad Anderson our VP for Windows Server and System Center along with his leadership team and also the engineering teams that are still hard at work on releasing R2. There is a section at the bottom of every post called NEXT STEPS to all the underlying engineering blogs that light up the scenario.

I really hope you all take the time to go read these posts. We based this plan on tons of feedback that you wanted more integrated content from our Product Teams.

Thanks and I hope you find these posts useful and if you don’t please let me know what you think we should be doing differently,

Kevin Beares
Senior Community Lead – Windows Server and System Center

Bring Your Own Device (BYOD) – New Windows Server 2012 R2 Device Access and Information Protection

As you will have seen at Microsoft TechEd North America and Europe, we have just delivered the Preview Release of Windows Server 2012 R2 with a stunning amount of new capability that is Cloud First.

My name is Adam Hall and I look after one of the solution areas within People-centric IT that we call “Access & Information Protection”. In this post I will provide more information about what this actually is and the focus areas we have around Bring Your Own Device (BYOD) and the Consumerization of IT.

People-centric IT is about helping organizations empower their users to work on the devices they choose without compromising their information integrity or compliance. The challenge this presents to customers is that as soon as their user works on a device that they do not manage or even have any knowledge of, it becomes very difficult to retain control of sensitive corporate information, and to be able to respond to situations such as the device being sold, lost or stolen.

With our Access & Information Protection solutions, we deliver capabilities that help our customers solve this very challenging problem in the following ways:

Simple registration and enrollment for users adopting Bring Your Own Device programs (BYOD).

Users can register their device using Workplace Join which creates a new device object in Active Directory and installs a certificate on the device, allowing IT to take into account the users device authentication as part of conditional access policies. Users can also opt-in to the Windows Intune management service for consistent access to applications (including internal LOB apps and links to public app stores), management of their own devices and to gain access to their data.

Users can work from the device of their choice to access corporate resources regardless of location.

New in Windows Server 2012 R2 are the Web Application Proxy and Work Folders. The Web Application Proxy provides the ability to publish access to internal resources and perform Multi-Factor Authentication at the edge. Work Folders is a new file sync solution that allows users to sync their files from a corporate file server to all their devices both internally and externally.

 

IT can better protect corporate information and mitigate risk by being able to manage a single identity for each user across both on-premises and cloud-based applications.

As users blend their work and personal lives, and organizations adopt a mixture of traditional on-premises and cloud based solutions, IT needs a way to consistently manage the user’s identity and provide users with a single sign-on to all their resources.  Microsoft helps our customers by providing users with a common identity across on-premises or cloud-based services leveraging existing Windows Server Active Directory investments and then connecting to Windows Azure Active Directory.  In Windows Server 2012 R2, we have significantly enhanced Active Directory Federation Services (ADFS) to be easier to deploy and configure, tightly integrated with the Web Application Proxy for simple publishing and federating between Active Directory and Azure AD. 

 

IT can access managed mobile devices to remove corporate data and applications in the event that the device is lost, stolen, or retired from use.

Whether a device is lost, stolen or simply being repurposed, there will be times when IT needs to ensure that the corporate information stored on the device is no longer accessible. With Windows Server 2012 R2, System Center configuration Manager 2012 R2 and Windows Intune, companies have the ability to selectively wipe corporate information while leaving personal data intact.

IT can set policy-based access control for compliance and data protection.

With users working on their own devices, the accessing of corporate resources and storage of information on these devices presents some challenges for ensuring compliance needs are met and information remaining secure.  Windows Server 2012 R2, through the Web Application Proxy, ADFS and Work Folders provides compelling and powerful solutions to make it easy for our customers to make resources available but also remain in control of information.  As we showed in the TechEd Europe keynote in Madrid this week, Work Folders is integrated with Dynamic Access Control, providing the ability to automatically classify information based on content, and perform tasks such as protecting with Rights Management Services, even for data that is created and stored on clients!

 

To see People-centric IT, including System Center 2012 R2 Configuration Manager, Windows Intune, and Windows Server 2012 R2 in action, you can watch a complete presentation and end-to-end demonstration from the TechEd North America Foundational Session. You can also learn more about People-centric IT by downloading the People-centric IT Preview Guide.

Be sure to download System Center 2012 R2 Preview Configuration Manager and Windows Server 2012 R2 Preview today!