Like TechNet UK on Facebook
TechNet Team Blogs
If you’re considering Office 365 or have started with the free trial then you’d be well placed to head over and check out the Office 365 Service Descriptions where you’ll find some really deep information about what’s included in each part of the service. I’ve seen some mention of Office 365 not providing two factor authentication (some competitors doo)…well actually Office 365 does too as it says in the Identity Service Description:
Two-Factor Authentication for Office 365 Two-factor authentication (also called strong authentication) provides improved security by requiring users to meet two authentication criteria such as a user name/password combination and a token or certificate. Planning for Two-Factor Authentication with SSO To use two-factor authentication, you must implement an single sign-on strategy using Active Directory Federation Services 2.0 with Office 365. When planning your implementation, consider whether users have a supported operating system, are inside or outside the corporate network, and are using rich clients or web browsers. Also consider the ability of your authentication provider to interoperate with other services.
Two-factor authentication (also called strong authentication) provides improved security by requiring users to meet two authentication criteria such as a user name/password combination and a token or certificate.
Planning for Two-Factor Authentication with SSO
To use two-factor authentication, you must implement an single sign-on strategy using Active Directory Federation Services 2.0 with Office 365. When planning your implementation, consider whether users have a supported operating system, are inside or outside the corporate network, and are using rich clients or web browsers. Also consider the ability of your authentication provider to interoperate with other services.
These guides are essential for anyone working their way through deployment of Office 365 in a large environment and probably for anyone considering the move
Consumerisation is an amazing trend; the idea that anyone can make choices about the way they work and the tools they use to get their job done. From an IT point of view it can, at first, look like a scary proposition. All those people bringing in different bits of kit and making you look after them, manage them and connect them to your network. Of course, consumerisation is about far more than just devices – it’s actually about new ways of working, not about specific bits of technology. It’s about what the technology enables.
One of the more interesting aspects of the consumerisation trend is that people are more willing to do more for themselves – providing the tools are right. Not convinced? Just have a quick think about the types of things you used to do that required someone else’s input in the past:
Whilst these are all examples of consumerisation (consumerisation being about convenience at its root) they aren’t really examples of the consumerisation of the services we provide as IT professionals. Sure, they have a technology element, but they don’t directly relate to the enterprise. Does the model that we see evolving above have a place, though? I think it does; I think there is a key to enabling consumerisation in those three examples. Self-service is one of the keys to the consumerisation of IT.
Self-service is nothing new; we’ve had it for decades. We’ve been attempting to create self-service portals for one thing or another for years and I see this as a positive. Self-service is such a key lever that we have been pushing for it for so long purely because we know it’s the right thing to do. Applying it to IT systems, though, has often been done for the wrong reasons, in my opinion. Every self-service project I’ve ever been involved in that the users hated was done with the wrong primary driver. Cost saving is not the primary driver of good self-service.
Again, if we take the above three examples we can reach the same conclusion about why have they evolved as we know them today:
Consumer convenience is the real driver. Cost reduction is a nice to have, but what does it mean to the consumerisation of IT? Here are my thoughts about where to bring a consumer-centric self-service model into play, why such models work and how they can help you save money.
Application market places
These days you don’t have to look far for an example of market places that have been a runaway success - application market places being an obvious one. That runaway success is an indicator that your users will be able to get their heads around the idea of a self-service market place to install their applications. Products like System Center can help you build an application catalogue that your end users can deploy for themselves. If you aren’t already doing enterprise application deployment (and most large enterprises are - I was employed to do this 11 years ago on SMS 1.2), then you must be under significant pressure for human-based installs. If you’re doing enterprise app deployment but there’s no self-service aspect, you have to ask yourself why you’ve not made that step.
If you think about what the end user wants when they ask for an application, they really just want to do a specific job. They need Visio to make a diagram, they don’t have Visio, they ask how to get Visio, they find the form, fill it out, wait, get told it’s not right, rework it, submit it, wait, then someone pushes out the package and then….well, by that time they don’t need Visio. It would be far more user-centric to have allowed them to self-select the product and install. Licensing just reared its head there and some will say that licensing gets in the way of this model – I agree it’s a challenge, but you need to work that out for your business – if someone needs Visio to do their job, they need it (or a similar tool to which you can guide them).
The advantage of an application market place is that it gives you the opportunity to demonstrate guidance to your users around the decisions they make.
This, for me, is the biggest no-brainer self-service system to support consumerisation. Where do you go to get help with a technical problem? You go to your favourite search engine (Bing, obviously) and search for it. Where do your users go when they need help? Do they call you, or do they Bing it first? If they’re calling you it’s probably because you’ve got a restrictive IT regime in place and they think it’s the only route. If they call you when they can’t find the information they need, how can you help them better?
Enterprise search in the form of SharePoint FAST is a pretty darn powerful tool, and it can, with almost no configuration, search within the content of all the documents you pop on your SharePoint. Why not just upload your technical library of word documents created by your IT team and let your end users search them? Granted there could be some dark secrets in there, like administrator passwords and secrets (e.g. you can still launch a command prompt from a help file, but your end users can probably find the latter from the internet anyway). If something needs to remain secret then apply appropriate content control.
You’ll find that all the good public cloud based services have great self-help built in, Office 365 being no exception.
Remember what the point of a good self-help system is; it’s to allow people to consume conveniently. You don’t need to start out with heavy taxonomy. Begin with a simple search and allow people to tag and organise the content themselves to reduce management burden – just manage the content, not the content discovery. This will save you money running your helpdesk and make your end users more efficient. If you don’t believe me, do a simple trial.
This is the biggie with private cloud: it needs to be self-service/no-service to make it a private cloud. Private clouds are about providing resources to end users who can do things with them that give the business an advantage in some way. What everyone is looking for in a private cloud is the ability to have as much of the operating model of the public cloud as possible. Let’s give people what they want - if they need a new VDI session for a new starter, give them a simple portal through which to request the desktop and have it auto provision in the back end. If they need a new SharePoint team site, let them provision it themselves – they know what they need, so ask what value you’re adding and step out of the equation.
Don’t forget that sometimes no-service infrastructure is better than self-service. If it’s the end of the month and the pay run is on, allow the payroll system to auto scale up – a simple example of no-service, or rather no- human-interaction-required-service. Of course no-service can be helpful in other places: the VDI session we created above can be de-provisioned after 30 days automatically to prevent VM sprawl and to save cost.
When dealing with self-service infrastructure on behalf of a person (or department or team), don’t forget to make it chargeable. Making things chargeable helps keeps a keen eye on preventing sprawl, and doing so up front, when the user is making a decision, triggers extra decision making to ensure they do the right thing.
The information you have within your business is a key asset (I actually rank it only next to people in that respect), so being able to make the most of that information is one of the most important things any business has in its arsenal. It’s no secret that data is getting bigger either, over time there’s more of it, so being able to store it is expensive. As a result, from a purely financial point of view, being able to make best use of it is critical.
Allow your people to be agile with the way they use data; let them break it down in interesting ways by giving them the tools for self-service BI. It’s actually quite simple to do, be it giving them Excel 2010 (which can process about 1m rows of data!), democratising data using SQL Server 2008R2, giving them cool tools like PowerPivot or even giving them a simple coding environment like LightSwitch. People will be able to do better things with data than even you can think of.
Of course you need to remain responsible, giving users appropriate access and protecting that incredible corporate asset.
Hopefully you can see that providing people with the tools to do things themselves need not be scary. Rather it’s a natural evolution of the way we’ve done things for years. It’s also something that your end users will not only be able to accept, but will actively want to adopt. The role of the IT professional is pretty clear – be a guide not a gatekeeper, provide appropriate access to the tools of work.
There are a few trends that are affecting IT in some hard hitting, demanding and, for many, (work) life changing ways. Cloud is the first obvious one, but causing more of a pain in the IT department's rear right now is probably consumerisation.
Consumerisation is a simple theory; that people want to be able to do things in the office with the same “ease” that they do at home. A couple of examples will help clarify: Jane wants to be able to search her email inbox and find the stuff she needs rather than having to file things. James wants to be able to use his iPad to get his work email – it makes it easier for him to process stuff whilst watching the telly at night. These both present problems for the traditional IT department. The email system might be out of date and iPad isn’t secure enough for your organisation's policy.
What a conundrum. What we’ve been asking the IT department to do for years is to “manage all this complicated stuff for us”. Of course, over time, some of it's become less complicated and we’ve all learnt a thing or two about working with technology, turning us all into techies. There was a time when being a techy meant being able to interact with a computer - now that’s just second nature.
This particular trend is hard for IT folks to assimilate because for years they’ve been placed in the position of being the people who would provide technology and, now it’s in abundance, it’s sometimes easier to circumvent the system just to get the job done. With that circumvention, however, comes a barrage of problems which eventually land on the poor IT manager to fix, and, obviously because it’s a problem, it’s the most urgent thing in the world. What a pain.
Seen through different eyes, though – those of the end user – things have become brilliant. No longer do you need to go begging to your IT manager for budget for a new PC - you just use your own, and as a result you no longer have to ask permission to do something, which saves you time and lets you get on with making money. It’s also pretty cool to be down the pub with your mates and pull your phone out of your pocket, then check that you haven’t had any mail since you snuck out 30 minutes early to have a beer. How cool!
So we have a situation where what’s cool for the users is a pain for the IT department, which is not so good…but the IT department is there to endure pain, isn’t it? Not in my book. There’s a better way. We’re starting to see that companies embracing consumerisation are enjoying some great benefits.
Benefit A – Happy people
Using equipment that you care about makes you care about your equipment more. Find any craftsman who cares about his work and you’ll find a rack of well-oiled, well-loved tools. In return their kit breaks less and they get more done. Allowing your end users more choice over the type of computer they use can lead them to care more for it, so that upfront investment you make in a shiny PC might result in fewer keyboard replacements, for example. Of course the ultimate end is that they may wish to purchase their own PC, and depending upon your size and type of business, that could be cheaper for you. Heck, they might even hunt more for a bargain and end up spending less.
The IT manager needs to act with one of my five imperatives, Be a guide not a gate keeper and help users make an informed decision. That might mean creating an internal site where they can “shop” for their next PC. It won’t take long before your users start to think of their kit as their own and even as an extension of themselves - a virtuous circle that might just make them happier.
They will be happier because they have choice and flexibility and fewer hoops to jump through. You’ll probably be happier as the IT manager - you get to be the good guys (as CBR says)
Benefit B – Lower costs (potentially)
That care and respect and the subsequent translation into a happy work environment will translate into lower costs as users not only care more for their kit and even hunt for better priced kit, but they stop calling IT to fix every little thing. With trust – in this case the trust to self-select – comes responsibility, and people don’t like to appear unable to handle responsibility. This doesn’t mean that they won’t need help but it may well mean that IT will get fewer calls asking “how do I…” Instead, they’ll probably turn to the Internet for help.
Embrace, Address, Block?
I think it’s going to be hard for organisations not to address consumerisation, but deciding if an organisation should embrace, address or block consumerisation is a tough call. I figure it’s going to (and in many cases already does) depend on the size of the organisation. It’s easy to see how smaller organisations will benefit from consumerisation when you consider such things as users possibly buying their own kit and paying for their own mobile data tariffs, for example, so I think we’ll see them embrace the trend very quickly.
Larger organisations will probably move to the position of addressing the trend by developing their own principles and practices to support consumerisation, but at the same time by ensuring that the organisation is safe and control remains central. User (customer) demand within their organisation is what will drive adoption of the trend, and therein lies the kernel of this trend – consumerisation is just demand-driven computing.
Many people argue that in a large organisation we might well see the provision of a “technology allowance” similar to a car allowance, giving users the opportunity to source their own kit. That’s a nice idea but anyone with a company car will know the taxation mire that this approach causes, and I think it’ll be years before the tax man catches up with the trend.
What we see day-in-day out is that it’s very hard for an organisation to throw away its old ways; there are just too many business reasons to not to do so. So how do you stick on the side of your users, not blocking them but retaining some control? You need to move to an operational model that allows you to address consumerisation, embrace it, extend access to consumerised devices and services, yet protect business interests – add value.
Here’s a little recipe of ideas that might help IT pros up against the wall with consumerisation:
You have a web-based HR portal and you’re concerned about the security of other browsers: Use a system like ForeFront Unfied Access Gateway to read the browser header and allow access only on devices with trusted browsers, directing other users to instructions for accessing the system.
You have a need to provide access to your productivity applications on a multitude of devices but don’t want the data to end up on those devices: Deploy RDS and provide remote desktop sessions or virtual desktops to those users, there are solutions from the likes of Citrix to help with that.
You’ve got a hot desk environment where users can use their own laptops but there are ground level windows and you don’t want passers-by snooping on people sat with monitors facing the window: There’s a solution from Quest that can help address that by being location-aware and allowing access to RD sessions from only specific locations.
There are loads of options depending on what you need to do, and large organisations will love the added flexibility that the consumerised approach gives them. What’s clear from commentary in places like CIO.com is that consumerisation needs to be managed (at least in large orgs).
If this has got you more interested in the consumerisation debate, there's an event coming up later in July that should be in your diary. Hosted by Play.com, the event's theme is 'How is service-oriented architecture changing to deal with an increasingly complex, multi-channel world?' Our very own Simon Ince is one of the speakers. You'll get the chance to network and find out how other large organisations are addressing this challenge, happily fuelled by drinks and pizza. Here's the agenda:
Play.com’s Cambridge Office, 14 July 2011
For more information, contact the event's organisers: email@example.com/ +44 20 7333 1825.
[foot note: I use consumerisation without a Z because I use British English]
Take a look at ITworld’s pick of incredibly useful (and free) Microsoft tools for IT pros. There are 15 on the list – do you have more? Share them with other readers in the comments box below.
You’ll find many a download here in the Download Centre on TechNet.
While raiding the archives of TechNet magazine I found this nice long list of 77 Windows 7 tips. Ranging from making Windows 7 run faster to the best shortcuts, there’s bound to be something new in the list for you. If you know of any more, pop them in the comments box below.
If you’re a fan of the TechNet library you’ll know there’s a lot of good stuff in it to read. The TechNet team has introduced some cool new functionality that allows you to build your own custom set of articles from across library topics that you can then export or print. It’s like having your very own TechNet book.
Read this post for more information, or head straight to TechNet to get started on your article collection.
Windows Azure Connect provides a simple mechanism to set up IP-based connectivity between on-premises and Windows Azure resources, making it easier for you to migrate existing applications to the cloud. You can explore, deploy, manage and maintain the technology and products that bridge on-premises and Windows Azure systems with these step-by-step resources on TechNet.
Mike Halsey, MVP
Mike Halsey is a Microsoft Valued Professional (MVP) and the author of “Troubleshooting Windows 7 Inside Out” from Microsoft Press. You can keep up to date with him on Facebook and Twitter.
Is your reluctance to deploy Windows 7 a ticking time bomb?
Now the reasons are changing, partly because of the harsh economic times in which we find ourselves; with businesses only wanting to upgrade to a new OS when they finally replace ageing hardware, and because of the limited amount of time that Microsoft will continue to support Windows XP and Internet Explorer 6.
While it’s reasonable and rational for companies to sit on old operating systems and software “that just work”, are you aware you could be sitting on a time bomb?
There are now less than 1,000 days of support remaining for Windows XP and Internet Explorer 6. Microsoft say that when this happens, they will “no longer provide automatic fixes, updates, or online technical assistance. Without Microsoft support, you will no longer receive security updates that can help protect your PC[s] from harmful viruses, spyware, and other malicious software.” But what does this mean in the world of business and how concerned should you be about it?
In recent months we’ve seen many major companies hacked by criminals who want access to sensitive customer information. These criminals, who have broken into every type of business and even governments worldwide, have stolen between them tens of millions of people’s personal records. Don’t think either that the cases you hear on the news are the only ones. You may have had reports from your within your own company that haven’t been shared with the wider world.
This isn’t the only threat facing your company though. Are you properly defended against threats from inside? The good news is that Microsoft’s newest products provide excellent defences against both internal and external attack. It’s simply not just about the extended support life, there’s so much more to it than that.
Failure to properly defend against external and internal attack is an offence in many countries where customer data is put at risk. The result can be huge fines, significant public embarrassment and loss of customer trust. All of this is made worse by an ever more vocal public using ever-increasing numbers of online social forums.
Despite rumours to the contrary, Windows 7, especially when paired with Windows Server 2008, provides Enterprise-level legacy compatibility for businesses of all sizes. Couple this with the added benefits of tight integration with the latest cloud services, including Office 365 and Windows Intune, means that even the smallest business can save time, money and greatly boost security.
As the author of Troubleshooting Windows 7 Inside Out from Microsoft Press I’ve heard all the horror stories from businesses large and small about data loss, hacking and downtime. I find the largest irony being that the very thing they’re trying to protect the most, dependability, would be the first thing an upgrade would improve.
It seems crazy then not to begin migrating your systems to Windows 7, especially when your company may well already have paid for licences through the Software Assurance programme. If you’ve not made the leap yet, don’t wait too long. That time bomb isn’t going away, and criminals are just waiting for you to hesitate.
Windows 7 Springboard pages on TechNet
If you’ve been asking yourself any of these questions about the recent release of Office 2010 SP1, you’ll find this post over on the Microsoft Office Updates blog most useful.
There’s an abundance of Office info available to help you get started with deployment and your answer technical questions. Find it all at your fingertips on the TechNet Springboard pages.
The new Office 365 for the IT Pro Microsoft Virtual Academy track covers some of the collaborative aspects of Office 365, including Lync and SharePoint online, as well as best practices for an Office 365 migration/deployment.
Find out more about the Microsoft Virtual Academy.