Passwords. Users have a lot of them. Surveys have said that the average user has to maintain between 6 and 8 sets of username/password credentials. I think that seems quite low.
I have my Windows password. I have passwords for 2 different banks. I have passwords for various creditors and utilities (car loan, electricity, water, gas, mobile phone, cable/Internet, home phone, my son’s orthodontist, automobile insurance, dental insurance, web host). I have passwords for the various sites and blogs that I write on. I have passwords for Facebook, Twitter, Digg, Technorati, Fark, etc..
That’s a lot of passwords to maintain and remember. What you need is a way to log in once and have that single password unlock all of the rest automatically- single sign-on (SSO).
Enterprises have various appliances and applications they can employ to deliver SSO for users. Individual users have the tools available as well though with the Credential Manager feature. I wrote the following description of Credential Manager in an article:
“As you access resources for the first time, you will be prompted to enter valid credentials. Those credentials can then be securely stored in Windows and managed with the Credential Manager. Once the credentials are stored, Windows will automatically retrieve the relevant usernames and password data for subsequent access attempts.”
You can read the rest of the article and get more details about managing passwords and SSO here: How to Use Kerberos and Credential Manager for Windows Single Sign-On
I remember way back (I mean WAY BACK) in the early Windows days, like Windows 3.1 running on DOS 5.0, what a joy it was to deal with hardware devices. Adding hardware required an understanding of arcane, dark magic known as IRQ’s and DMA’s and conflicts between devices had to be resolved manually through some process of trial and error.
Using that as a reference point, the Device Manager that we have become accustomed to in Windows XP seems like pure genius. You have one place to go where you can see all of the devices and easily identify any devices that are having issues. As new devices are added they are automatically detected and added to the Device Manager inventory, and there are tools for troubleshooting issues and updating drivers. Seems functional enough.
The porblem is that its still a bit of uber-techie black magic from a novice perspective, and it approaches things from a device-centric perspective. With Windows 7, Microsoft shifts to an experience-centric solution for managing devices called Device Stage.
Device Stage provides a single console for managing devices such as printers, webcams, and mobile phones. The information displayed and functionality available in Device Stage are customized by the device vendor, so the features of Device Stage will vary from one vendor to another. But, the key thing is that Device Stage gives you a console to manage the experience with that device and actually perform functions, and not just a platform for updating device drivers.
As enterprises begin to examine deploying Windows 7 there are a variety of challenges IT administrators may face. Microsoft provides a variety of tools to help make deployment and management as smooth as possible such as MDOP (Microsoft Desktop Optimization Pack)
You can learn how to use MDOP with Windows 7 to simplify application deployment and desktop management while reducing IT costs by watching this webcast (or listening to the accompanying podcast) from Microsoft.
The discussion also covers Microsoft Application Virtualization with Windows 7-based clients to deploy applications on demand.
One of the biggest security concerns facing IT administrators these days is information leakage. Organizations need to ensure that confidential and sensitive corporate data doesn’t end up in unauthorized hands. Many companies are also under compliance mandates to protect company information as well as personal customer data like social security numbers and credit card numbers.
The prevailing method of restricting access to data is simple file and folder permissions. Those permissions don’t provide any assurance of the continued protection of the data once an authorized user downloads or accesses it though. Don’t panic though.
No need to rush out and buy new appliances or third-party tools. Microsoft has the functionality built in to Windows Server 2003 and Windows Server 2008 to enable you to control access to data on a much more granular level and even to revoke or expire access after an authorized user has already downloaded the data. Read Microsoft Windows RMS enables granular access control over sensitive data for more about the data protection offered by Microsoft.
BitLocker encryption was introduced with Windows Vista, but has been enhanced with Windows 7.
The rise in laptop usage and roaming/remote workers means that terabytes of sensitive information are potentially wandering the street at any given moment. Laptops are easily lost or stolen and steps need to be taken to protect the data they contain.
BitLocker provides the ability to encrypt all of the data on the drive and ensure that it can not be compromised even if the laptop falls into the wrong hands. Windows 7 extends the BitLocker protection to USB thumb drives and removable storage as well.
Check out Understanding the Basics of Microsoft BitLocker Encryption to learn more about this valuable feature.
Windows 7 is almost here. Enterprise customers will be able to get it soon and there are less than 2 months until it hits General Availability and lands on store shelves and pre-installed on PC’s and laptops. New features like Jump Lists and DirectAccess offer enticing incentive for enterprises.
There is some preparation and planning required before rolling out a new operating system in an enterprise though. One critical step is to validate that the applications the business relies on will work with the new operating system.
Microsoft has developed the Application Compatibility Toolkit (ACT) to help you do just that. The latest version, ACT 5.5, has been updated to perform application compatibility for Windows 7 systems. Download the tool and start assessing your applications so you can be ready for Windows 7. You can also check out this interview between Stephen Rose and Jeremy Chapman to learn more about the updates and changes in the most recent Application Compatibility Toolkit.
One of the most important features of Windows 7 for the enterprise is DirectAccess.
I have spent years working remotely from home or on the road as a consultant and having to deal with various VPN connection clients to be able to access internal data and network resources. I have also seen things from the side of the administrator trying to keep an accurate inventory of roaming systems and ensure they are all patched and updated.
DirectAccess will change the entire relationship between the internal network and the wandering laptops- essentially allowing them to be permanently connected as if they were physically located in the home office from anywhere in the world as long as there is an Internet connection.
You need more than just Windows 7 clients to achieve it though. You also need WIndows Server 2008 R2. Take a look at Paving the Way for DirectAccess to learn more about the feature and what you can do now to lay the groundwork to be ready to use it.
Ever since I started using Windows 7 in the pre-public Beta days one of my favorite features has been Jump Lists. It may not have the gee-whiz factor of AeroShake, but it is much more practical and enables me to work more efficently and save time.
With Windows Vista, I relied on the Recent Items list in the Start Menu. Recent Items linked to the last 10 or so files I had used. But, it only linked to certain file types and it wouldn’t take long to open 10 documents and run a file off the list. Then I’d have to open it the old-fashioned way by navigating through Windows Explorer file menus to find where the document is actually stored and open it back up.
Jump Lists takes the Recent Items concept and applies it on an application by application basis. Now Word, Excel, Windows Media Player, Quicken personal financial software, etc. all have their own list of most recently accessed files. I use the Jump Lists for accessing almost everything and find it to be a huge convenience and time saving benefit.
Check out this video clip to see Jump Lists in action.
Who doesn’t love a good Top 10 list? It has been a staple of the David Letterman Show for decades. People love lists. So- here is my contribution to your list addiction.
The good people at the Microsoft Springboard Series portal have put together a list of the Top 10 Things IT Pros Should Know About Windows 7. The list is based on the Windows 7 Beta version and has been around for awhile, but now that Windows 7 has hit RTM (release to manufacturing) and the clock is ticking on its GA (general availability) date in late October, it is more important than ever for IT pros to be sure they are familiar with what the latest flagship desktop operating system has to offer.