Quadra

Connecting Technology and Business.

Manage Identity, Mobility and Information the Modern Way

Some of the IT challenges faced by business today are listed hereunder:

  • Businesses need to unify their infrastructure technology environment with a common identity across on–premises Active Directory Domain Services (AD DS) and the cloud, with deeply integrated capabilities for PC and mobile device management.
  • Users expect to be productive across a variety of device types, with access to the applications they need.
  • Businesses must protect their data, so they require a comprehensive set of access control and data–protection capabilities.

Microsoft cloud has a single solution to meet these challenges head-on with its Enterprise Mobility Suite. The three components of this solution are:

  1. Azure Active Directory (Azure AD) Premium for Hybrid Identity management
  2. Windows Intune for mobile device and PC management
  3. Azure Rights Management for information protection

Hybrid Identity and Access Management

Azure AD Premium delivers robust identity and access management from the cloud, in sync with existing on-premises deployments:

  • Cloud–based self–service password reset for employees
  • Group Management, including user self–service management of groups
  • Group–based provisioning and access management for hundreds of Software as a Service applications
  • Machine learning–driven security reports to show log–in anomalies and other threats
  • Rich and robust synchronization of user identities from on–premises directories, including write back of changes
  • Reduce risk and support compliance requirements with comprehensive Multi–Factor Authentication (MFA) options

Mobile Device Management

Windows Intune enables you to manage PCs and mobile devices from the cloud. People can use the devices they love for work while protecting corporate data and adhering to security policies:

  • Deliver and manage apps across a broad range of devices.
  • Manage variety of device types, from Windows, Windows RT, and Windows Phone 8 to Apple iOS and Google Android.
  • Configure and deploy policies, and inventory hardware and software.

Data protection

Azure AD Premium and Azure Rights Management can help protect corporate assets:

  • Deliver information protection in the cloud or in a hybrid model with your existing on–premises infrastructure.
  • Integrate information protection into your native applications with an easy–to–use software development kit (SDK).

Windows To Go with you wherever you go

You can carry your workspace in your pocket today. No. I am not talking about your smartphone that runs Windows Mobile. It is "Windows To Go with you everywhere you go".

Users of Windows 8.1 Enterprise (corporate customers who have Software assurance coverage) today have the luxury of creating a complete corporate image of their desktop - with apps and data – in a USB drive and carry it along wherever they go. Users can boot from this USB device into any compatible hardware (that has the configuration enough to run Windows 7) and start working on their applications, create files and manage their data. The host computer's underlying hardware and compute power is made use of by the OS and works in a sandboxed atmosphere – the internal/local hard -disks will be considered offline by the guest system. (Alternately, if a W2G device is inserted in a running system, it will not be listed by Windows explorer).

All of the great technologies available with Windows 8.1 Enterprise work with Windows To Go: Group Policy, BitLocker, BranchCache, AppLocker, App-V, User Experience Virtualization, and DirectAccess. Windows To Go is literally Windows 8.1 Enterprise in a pocket.

People who

  • want to work from home
  • want to use their own devices (BYOD scenarios)
  • want to evaluate the Windows 8.1 OS
  • want to remain productive in the unexpected events of PC crashes

might consider this WTG a very powerful feature.

Fortunately, there are a number of Windows to go certified USB devices the will give the user this wonderful mobile experience. Not using a Microsoft-certified USB disk comes with a few, potentially deal-breaking shortcomings: It's not an official Windows To Go image, and you don't get your personal (purchased) apps or other personalization on installation. Although you can install applications on the disk, you have to sync your purchased apps manually. What you do have is a fully functional Windows 8 system that's bootable from the USB drive. If you're using it as a portable desktop system, you have achieved your goal.

Apart from the local internal disks not being accessible, there are a few more things that we need to note while using WTG.

  • The Bitlocker dirve encryption will not use the Trusted Platform module (TPG) but only a pre-operating system boot password will be used for security.
  • Hybernate is disabled by default – can be enabled using group policies
  • Windows recovery environment is not available – a new image has to built again in the device in the event of a crash
  • Refreshing or resetting a Windows To Go workspace is not supported -
  • Windows store is disabled by default – can be enabled if the device will be locked to a certain hardware device

Windows To Go drives can be booted on multiple computers. When a Windows To Go workspace is first booted on a host computer it will detect all hardware on the computer and install any needed drivers. When the Windows To Go workspace is subsequently booted on that host computer it will be able to identify the host computer and load the correct set of drivers automatically.

The applications that you want to use from the Windows To Go workspace should be tested to make sure they also support roaming. Some applications bind to the computer hardware which will cause difficulties if the workspace is being used with multiple host computers.

Things to keep in mind while using mobile phones

  1. Buy a branded phone.
  2. Ensure that the phone has a proper IMEI number, which is a code that identifies each phone. Check that the number on the phone corresponds to that on the box and receipts.
  3. It is considered wise to check the accessories such as earphones, battery and charger.
  4. Make sure the battery description such as voltage value matches with that of the charger to avoid overcharging which sometimes lead to explosion of handset.
  5. Avoid using the phone while the battery is being charged. If you wish to receive a call during this time, disconnect the phone from charger before connecting the call.
  6. Ensure it is not over-charged by removing the electric supply when the battery is fully charged.
  7. If your battery seems to have swollen, replace it immediately.
  8. The anti-virus software for mobile phones are not very effective today. That is why one should avoid downloading anything from a third party vendor, ie directly from the internet browser. Instead use the in-built store or market application provided by the operating system.
  9. Malware, which is software that takes advantage of a bug in the operating system of the phone, often gets downloaded with third party tools.
  10. Make sure the sites that you visit using the phone must start with an https (which means they are encrypted or safe sites).
  11. Avoid using public or unsecured Wi-Fi connections. A hacker could access the mobile device through a port that is not secured.
  12. Make sure the Bluetooth connectivity is not switched on in public places as it can be used to send malicious files which corrupt the operating system.
  13. While communicating using your cell phone, try to keep the cell phone away from the body as this would reduce the strength of the electromagnetic field of the radiations.
  14. Whenever possible, use the speaker-phone mode or a wireless blue tooth headset. For long conversations, use a landline phone.
  15. Avoid carrying your cell phone on your body at all times. Do not keep it near your body at night such as under pillow or a bedside table, particularly if pregnant. You can also put it on 'flight' or 'offline' mode, which stops electromagnetic emissions.
  16. Avoid using your cell phone when signal is weak or when moving at high speed, such as in car or train.
  17. If your phone gets wet, dismantle it by removing battery, SIM and memory cards and switch it off (only SIM card in case of an iPhone). Dry each component thoroughly (but gently) with a towel until the phone is dry to the touch. Avoid using it for 12 – 24 hrs and put it in a bowl that contains silica gel packets during that time to demoisturize it.
  18. Never use a hair dryer to dry the phone quicker.
  19. Avoid using mobile phones too close to your mouth regularly or holding cell phone in your mouth frequently. This might lead to malignant salivary gland cancer and tumours in the mouth. (There is no conclusive evidence that mobile phones are safe and don't cause cancer).
  20. Regular cell phone users who speak with the phone held too close to the face are prone to problems like sleep disturbance, migraine and headache.

-Inputs from Techera Securities

BitLocker and BitLocker To Go

​Today, more laptops are sold than are desktops. And tablet PCs have exceeded sales than all PCs put together. The reason – Mobility. People are expected to provide data wherever they are – whether in Office or outside. And how can they do that if they don't have access to data? Data is expected to travel with the user and has resulted in a crawl of devices.

"A desktop on every desk" was the vision of Microsoft's Bill Gates which today seems a puny aspiration. Most of the users handle more than two devices at any given time. So the data that is being carried in the laptops and tablets are prone to mishandling or pilferage. Moreover, since these devices are portable, it is carried everywhere and the risk of losing them by misplacing them or being stolen is very high and real. This is when we need to seriously look at protecting the data in these devices.

Microsoft has included a very powerful feature in its new client OS called the BitLocker to prevent loss of data due to the loss of the device. (This was available even in the Windows Vista OS but has picked up popularity lately with the Windows 7 and Windows 8/8.1 OSs flooding the scene within a short span of three years). BitLocker protects the data in a hard disk from unauthorized access by encrypting it and enabling decryption of data using a password. Here are some additional details:

  • Prevents unauthorized access to data on lost or stolen PCs
  • Supports full volume encryption of OS and Data volumes
  • Offers variety of pre-boot authentication options:
    • TPM*-only, PIN/Password, Network Unlock, USB storage
  • Supports PCs, Servers, and "Slate" form factors

TPM - Trusted Platform Module - an additional security hardware chip built inside the PC system.

Since external storage devices like pen drives and other USB devices are extensively being used, the need for protecting the data in these devices was also felt. Windows 8/8.1 has this additional security feature in place in the name of BitLocker to Go. Here are some additional details on this feature:

  • Used to protect data on removable drives
  • Able to deny or grant write access to volumes by organization
  • Enables read-only access on Windows Vista & Windows XP

Smartphone user, are you being watched without your knowledge?

​Are you a smartphone user? Is your phone's Wi-Fi turned on always or at least most of the time? Are you in the habit of connecting to Wi-Fi in public places to download an app update or a mail or a video? Are you in the habit of updating your Facebook or Twitter accounts every now and then? Or do you just click a "Like" or make a short comment like LOL there? While doing so, remember that you are continuously broadcasting your location from these phones. Beware of all the secrets your smartphone is sharing about you. A lot of information can be gleaned with the help of your phone without your knowledge or without even asking you a single question.

Today wireless sensors are placed in business districts to track shoppers as they move out in the shopping malls and bazaars. Even if you don't connect to the locally available Wi-fi, these sensors follow signals emitted from our Wi-Fi enables smartphones which allows them to create profiles of people and their habits as they go about their everyday lives travelling from one place to another. Shopping malls can use sensors to analyse foot-traffic patterns, largely within the premises to glean insight about customer behaviour.

Location data is valuable to businesses. Instead of offering a general promotion, businesses can promote their products specifically depending upon their customers' tastes. It can help retailers see which neighbourhoods shoppers arrived from or limited information about their habits, such as restaurants they drive past. Even Apple has technology which can be integrated into sensors to read customer's smartphone signals in shopping malls and stores.

Business have begun using the technology more broadly to follow people where they live, work and shop. They can use that information, along with the wider foot traffic data, to come up with dozens of lifestyle categories, including yoga-goers, people who like theatre, and gizmo hunters.

For example, a business that knows which sports team is most favoured by its clients could offer special promotions on game days. Another example: A company could track people's visits to specialist doctors or hospitals. Marketers can in turn can infer that a person has a certain disease from their Internet searches. A geo-location company can actually see the person visiting the doctor, making the inference that the individual has this disease probably even more accurate.

Geo-location companies can build detailed dossiers of people's lifestyles by merging location data with those from other sources, including marketing firms. They can also buy bulk phone-signal data from cell phone carriers, and then break those users into lifestyle categories based on their daily travels.

Today, with their Android and iOS mobile operating systems, respectively, Google and Apple know the location of every customer's Wi-Fi-enabled phone—far more location data than any geo-location company could access. If you have also switched on the "Trace my phone" safety feature, it is all the more easy for the other number to track not only your phone but in most cases YOU. And if you are using apps like True Caller, you are exposing the names of people you know who are in your contact list to others who are willing to share their caller ids also in the shared network and thus you open up possible vulnerebilities, risks and threats for your contacts.

Places where people didn't think they were being watched are now repositories for collecting information and companies are increasingly able to connect between our online and offline lives.

Is your privacy becoming cheap?

Microsoft Outlook Web Apps (OWA) in iPad and iPhone as a native application!

Microsoft threw open its Outlook Web App to users of its lifetime rival Apple in their iPhones and iPads as well. Moreover, this OWA app is available from the Apples App Store for download for free.  

A stunning move by the rivals! 

Apple took the lead in the devices market with the iOS to run them and is now closely fought by Samsung with the now open Android OS in its phones. But users of email have been familiar with Exchange and Outlook for quite a long time now – even longer than the iPhone and the iPad. With the, it was a long felt need of these users, especially the iOS users, to have access to their familiar email applications accessible from these non-windows devices. While there was already an app from the Android apps store (Google Play) for this OWA, it was a question in debate whether a native app would be made available for the iOS users. While OWA was certainly accessible through the Safari browser, a native app would make a huge difference to the user experience. Microsoft has finally answered positively to the aspirations of a large subset of email users who want to keep their device and still access their mails in a familiar fashion. 

How does Microsoft benefit? 

This move is also aimed at increasing the reach of the O365 online services offered by Microsoft. Exchange mail is a vital component of the O365 offering and has gained substantial ground recently with the launch of Office 2013. Now users of Apple's devices also can subscribe to Microsoft's online services, especially the Exchange Online and benefit from the offering. The $2 offering for the light users of mails are given access to their mails through the OWA with a storage of 1 GB in the cloud. So, this attempt might be a subtle strategy of Microsoft to break in to the Apple users market. 

How does Apple benefit? 

Apple might also benefit from the move as it can aim at selling its devices to users who tend to use MS Exchange for their mails and have always felt a need for a native app for easy access and so had put off their purchase decisions until one arrived. 

The Application 

iPhone and iPad's OWA app lets one know how many items are unseen (not unread) from the last time the user opened the app. When tapped, it opens to a log in screen for the O365 subscriber. Once logged in, an icon at the bottom left corner, when tapped, blows up and allows the user to switch between mails, calendars, people (contacts) and options to customize the app. (Credentials are stored once in the device and then needs no login thereafter). It offers almost a similar experience to the users of both the kind of devices. Holding the same icon (at the bottom left of the screen) for a little longer initiates a voice input session for the user. The folder pane, the list view and the reading pane are available to the user (though only two are open by default in iPad and one by default in iPhone but can be further opened) giving him/her a familiar user experience through the interface. 

Mails 

Even IRM protected emails can be created and accessed through the app. Out of office messages and the most productivity enhancing Mail tips are also available at the new mail composing window. Even apps for Outlook like Bing maps are available for the users on the app bar. Search can also be initiated from within the OWA. Offline access to mails and the ability to compose mails even one is not connected to the internet are some of the most welcome features for the users of this app. 

Calendars 

Calendars with day, week, month and agenda views categorized by using various colours are all available in the OWA app. New appointments can be created and the Scheduling assistant can help in knowing the availability of a one or more individuals for a meeting in a given time slot on a given day. Event locations can also be added using Bing maps. Even reminders pop up even when the app is closed. 

People (contacts) 

OWA contacts can be synced to the device's address book and can be controlled by the Exchange administrator. 

Options 

Out of Office (OOO) messages, automatic replies and signatures can be set in the OWA. A remote wipe of the contents in the device can also be done by the administrator when situation warrants it. 

Note: This OWA is useful only if the user has a live O365 subscription. Normal Exchange on premises users might have to wait.