IronKey

Mobile Data Security Blog

Home  »  Archive by category "BYOD"

by

Microsoft Licensing for Windows To Go – You Can Deploy It Now!

 

 

In my last blog post Ready for Windows 10? IronKey Windows To Go is Windows 10 Ready, I mentioned that I would cover Windows To Go licensing.  In this blog post, I’ll review three key points that I often cover for our customers when asked about Microsoft Licensing.

 

The key takeaway is that if you have a Volume License, you probably are already able to deploy Windows To Go today.  Now lets’ review those three key points: 

 

1.   Windows To Go is a “benefit” of Software Assurance

When you purchase a Microsoft Volume License, which most companies do for the cost savings over time, you either receive Software Assurance by default with all Enterprise Agreements (EA) or may purchase it as an addition. What I’ve learned after many conversations is that most SMBs and Enterprises already have a Volume License and more often than not have Software Assurance associated with it.

If you fall in to this category, then you’re all set. You can use the Windows To Go Creator included with your Enterprise Windows 10 or Windows 8 OS, or take advantage of IronKey’s mass provisioning tool or scripting capabilities for provisioning many devices.

 

2.   Not sure if you have a Volume License? It is easy to check.

You may be part of a company where you do not purchase your Microsoft licenses so here is what you can do. The first stop is to just check the operating system on your current PC by going to Control Panel, System and Security, and looking at the System details. If you have Windows 8/8.1 Enterprise, Windows 7 Enterprise, or Windows Vista Enterprise your company probably has an EA and therefore Software Assurance so you can go ahead and create IronKey Windows To Go devices today.

If you have other OS types like Pro, Professional, Ultimate or Business you may have a Volume License that allows it but you’ll want to ask. Your first stop is to ask your IT folks if they know, and if not, you can always track back to your reseller and ask for your companies Microsoft Licensing Agreement which will include what you need to know.

 

3.   Did anything change in Windows 10?

In terms of Windows To Go as a benefit of Software Assurance (and EAs)—  no change. The change that is coming with Windows 10 and Enterprise agreements is that Microsoft is making a new selection of features available only to purchasers of EAs and so I expect that we’ll see more people purchasing it over time. Some of the new Enterprise features will be fairly desirable—such as Long Term Servicing Branch will allow some PCs to remain on a stable OS for long periods of time (think kiosk) as is covered in Windows 10 for Enterprise blog post by Jim Alkove. Additionally there are a lot of new benefits to Software Assurance (as covered well by ZDNet here) such as the inclusion of Microsoft Desktop Optimization Pack (MDOP) and the of App-V functionality. As you’d expect, more features equal a higher price (making up for all the free Windows 10 upgrades Microsoft is providing to consumers) so we’ll see how it all shakes out.

 

IronKey’s Windows To Licensing Guide

I made a WTG licensing reference guide that our team has found useful in addressing the many questions that arise out in the field.  Check out the licensing guide and feel free to email me with any questions you might have or alternatively you can reach out to your local Microsoft reseller for details specific to your situation.

 

In summary – you’re Windows To Go ready!

You’ve probably have the license you need so there is no reason to not try it out today. We’ve got a large number of customers providing Windows 10 to a portion of their workforce today using IronKey’s Microsoft Certified Windows To Go devices.

graph

 

by

Ready for Windows 10? IronKey Windows To Go is Windows 10 Ready

 

Windows 10 is just around the corner— with Terry Myerson announcing on Blogging Windows that Windows 10 Enterprise will be available to Volume Licensing customers beginning August 1st. The release of Windows 10 appears to be one of the most exciting releases for enterprise customers with a long list of compelling new features for security, update, and management flexibility. There are lots of good posts out there detailing predictions on what will be delivered in Windows 10 Enterprise, but in tandem with end user experience updates like the return of the Start Menu, this is the version of Windows we’ll all standardize on over time.

Windows 10: Go Ahead and Give it a Try!

Windows To Go remains a bright spot and as a key benefit of Software Assurance (and VDA licenses), the momentum will continue. As we announced at Microsoft Ignite, IronKey Windows To Go devices are now fully ready for Windows 10!  So what exactly does that mean?  If you have an IronKey Windows To Go device, you can install Windows 10 now.  Whether you’re testing builds from the Windows Insider Program or waiting for the first releases on August 1, IronKey’s Windows To Go devices can be deployed straightaway. We’re using our IronKey W300 and W500 devices to explore and test Windows 10 functionality for ourselves so feel free to give it a try.

blogpic

If you’ve purchased our Mass Provisioning Tool and our scriptable Command Line Utility to produce many devices simultaneously, we are currently testing in this environment and will provide more information as we learn more. To date, the only restriction we’re seeing is that you’ll need to build Windows 8.1 devices from a Windows 8.1 PC, and Windows 10 devices from a Windows 10 PC.   From our testing efforts, and as we make use of the Windows DISM for some operations, we are seeing a need for version consistency with the current version of our tools. We’ll continue to investigate in order to make any updates as our testing proceeds. 

In short, IronKey Windows To Go is ready for Windows 10.

Haven’t Experienced Windows To Go? 

For those who haven’t yet experienced Windows To Go and want to give it a try, we’re offering a Windows To Go Intro Kit on our eStore.   Each Windows To Go Intro Kit features a 32GB IronKey Workspace W300 device with a 90-day trial version of Windows 8.1 pre-loaded, a right-angle USB adapter, and an IronKey lanyard for $89.00.  To purchase, visit IronKey eStore.  The kits will soon be available with Windows 10. 

Need to Learn More About Microsoft Licensing?

On an additional note, I’m often asked about licensing Windows for Windows To Go so I will be covering that in my next blog post. Here’s the simple summary— most Volume License holders have Software Assurance so they’re ready to deploy. If you’re not sure, I’ll be covering licensing in detail next month so please check back with us.  

by

The Age of Hacking

In today’s digital age, teaching children to code seems like a fantastic idea. Children are already spending huge amounts of time using technology, whether it’s a laptop, smartphone or tablet device and these IT skills can be essential in their future careers. However, whilst we must help a new generation of competent workers prepare for the digital world, how can we make sure that children will use their coding and programming skills for good and not evil?

Over the past years we’ve seen a number of technological innovations aimed at equipping children with basic programming and coding skills – from the Raspberry Pi to the recently launched Hackaball, a programmable ball aimed towards 6-10 year-old children. This demographic has been a key target for the UK government who have dominated the primary computing curriculum since September 2014.

However, with these skills being so easily transferrable to illegal activities such as hacking and cybercrime, how can we ensure that the lure of mischief, malice and money won’t sway children to ‘the dark side’? In January of this year, a seven-year-old girl hacked a public Wi-Fi network in just over ten minutes by learning how to set up a rogue access point to activate what is known as a ‘man in the middle’ attack. We know that this is already happening – hackers as young as 16 years old have been arrested for cybercrime, and the Home Office has warned that young video game hackers could be the next generation of cybercriminals.

So how can we tackle this? When it comes to children and young adults, the first place to start is at school and at home. Responsible adults, teachers and parents have a duty to ensure that their children, or pupils, are not engaging in criminal activity, and this is no different in the cyber world.

However, the problem we encounter here is the massive gulf between adults and children when it comes to understanding technology. An Ofcom survey released in August last year found that younger people have a far more advanced understanding of technology devices than adults – with 6 year olds having the same level of knowledge as the average 45 year old. In fact, teenagers aged between 14-19 years old are the most digitally confident in the UK.

If teachers and parents are to monitor and guide young people’s use of technology and make sure they’re not becoming involved in cybercrime, they must first be able to understand the technology themselves.

Secondly, we must consider the types of devices and technology that young people are using and put appropriate security measures in place to limit the possibility of malicious use. Technology like the Windows To Go USB Flash Drive would give young coders a replica desktop, just like the one they have at school, that they can take home and use on any device, without affecting or accessing the data and operating system sitting on that device. With a Windows To Go device it’s very easy to manage activity. The school can control the transfer of information and wipe, delete, monitor actions on the device, this way, the youngsters can hone their coding skills without being able to get in trouble by conducting activities outside the school’s remit.

What is clear is that we must not discourage children from learning these skills – they are absolutely essential for future employment and also play an important role in their everyday socialising with their peers. We must also accept that we cannot stop this evolution. Children are already learning these skills, with or without your knowledge and input, so the best we can do is to help shape that knowledge and put them on a good path.

by

OMG – eWaste?!

 

The guys in engineering hired some contractors in India and were ready to send them a few laptops :“Stop!” I said.

“Contractors are a perfect use case for Windows to Go. Load up everything your contractors need on a secure PC-on-a-Stick™, including our IT-secured OS, applications, data, and VPN,  and then just mail them the devices – simple and quick. They can run from any computer they want. When they are done, you can remotely disable the device in case they “forget” to return them.”

“Naw, we’ve got a couple of older laptops sitting around and that’s the way we’ve always done it,” replied our head engineer.

“Well, do you what you want but remember I recommended that you switch to this cool, new technology.” I warned.

Two weeks later I checked with the guys and the computers were still hung up in customs. They had shipped them together and thought the total value had crossed some threshold that required more paperwork.

Another week passed and what do you know, the engineers were in my office.

One of the engineers asked, “can you put together a couple of WTG drives for us?”

“Sure can, will just take a few minutes. What happened to the laptops stuck in customs?” I inquired.

They stared at their shoes and looked a bit sheepish. Finally, one spoke up.

“Well, India has instituted a new regulation and they considered those laptops eWaste so they sent them both back to us”.

“E-Waste?!”  I laughed out loud. “So now you want to take my advice and send your contractors WTG devices – glad to see you have smartened up. And by the way, when those older “e-Waste” laptops get back here, they’ll run way faster with your WTG devices so don’t even think about asking for replacements. WTG adds years to a computer’s useful lifetime.” I said matter-of-factly.  E-Waste – ha!

by

Thwarting the Insider Threat

 

Autumn is returning, reluctantly we’re turning our back on summer, and we are looking forward to the Holiday season. Undoubtedly, this comes with increased people taking vacations, working remotely, and the unlucky few taking their laptops on holidays. For many organizations, this is pretty risky business because the sensitive corporate information is now travelling along with their employees. Although many organizations rarely expect their loyal employees to steal company data, many are prepared for security attacks.

Following the Edward Snowden revelations in 2013, IT departments are now tasked with monitoring potential insider threats. Snowden’s work with US intelligence agencies put him in the position of a highly trusted employee, providing him with everything he needed to accomplish what he set out to do. There were no measures in place to prevent what was possibly the biggest information leak in the history of the US.

The risks come from those who intentionally misuse their access to data to cause a detrimental impact on the confidentiality and integrity of sensitive information.

Although there are a number of routes to secure intellectual property, if the authorities, from whom Snowden was stealing from, had a manageable and encrypted flash drive, such as an IronKey™ Windows To Go drive, they could have tracked the information from anywhere. Any activity on the drive could have been monitored from an on-premise or cloud-based management service. This would have ensured them the ability to restrict where the device could be used, or resort to remotely locking it down, so no one could access the data.

If data isn’t encrypted, its integrity can easily and quickly be compromised, and therefore it is essential to know where, and who, is accessing information. This can be difficult across a fragmented IT environment, however, companies need to be confident that if a device is considered to be compromised, they can remotely lock it down, wipe it, or initiate a self-destruct sequence to remove the data, to protect themselves and their stakeholders.

Protecting intellectual property should be a priority for all organizations. Disabling outdated user accounts when employees exit an organization, implementing policies with privileged account passwords, updating them regularly and limiting access to corporate systems, are all crucial to keeping data secure. That’s where the Windows to Go Drive comes in:  a secure, IT-managed, Microsoft certified USB drive that contains a fully functional corporate Windows desktop. Employees insert the Microsoft certified USB drives into their home computers, hot desks, or tablets that feature USB ports, and receive a secure desktop  as well as secure access to all applications they use in an office setting.

Unlike a virtualized or online remote access solution, this portable workspace offers full host computer isolation, which means documents cannot be saved to the host machine, but are saved to the USB drive.

This way, all data will remain secure without the threat of a potential data breach ensuring safety for all!

 

IronKey Workspace W700

by

The Problem With BYOD (Computers)

Sure, everybody is excited about BYOD. You can use your personal phone to make business calls and read your corporate email. But the real cost savings for BYOD is “bring your own computer- BYOC”. There is no need to purchase, maintain, and upgrade computers; we just let the employees do that.

But wait; there are two BIG issues with Bring Your Own Computer.  The first is an IT issue. The IT team has to install applications, security tools, and management software onto each employee’s laptop. That means IT has to support a range of computer types (including Macs) and OS versions, and deal with incompatible applications running on the employee’s personal device.

The second issue is all about end-user satisfaction. I can hear the screaming now.  “What do you mean you are going to install monitoring software, file scanning, corporate applications, and Internet proxies on MY PERSONAL COMPUTER??   How much space is that going to take? Does this mean Corporate can see my personal files?” My users will rebel.

Good news for IT and the end user –  both of these issues can be easily addressed with Windows To Go.  Let them use their personal hardware – Macs, PC laptops, tablets – but have them run their corporate workspace from an IronKey ”PC-on-a-Stick”  Windows To Go USB flash drive. They run IT’s corporate Windows image with locked-down security controls and policies, applications, and data, but IT never touches their personal hard drive. Complete isolation between work and personal environments!

If you want happy employees, let them use their personal PC, but have them use an IronKey Windows To Go drive and don’t touch their personal system.  This is truly win-win. IT saves a boatload of money and users have a portable corporate workspace they can plug into their personal laptop, a home computer, or a computer they borrow at work.  When was the last time you rolled out a major cost savings initiative and got happy users at the same time! BYOC – bring it on!

by

Travel Light and Secure

 

Hi, I’m Peter. I’m a Senior IT guy working for a big, growing enterprise.  I set the strategy and I’m responsible for the execution of IT infrastructure in my organization.   I need to worry about cost, security, and keeping my customers happy. We have pretty solid IT processes leveraging Microsoft tools, so I’m not about to set my IT team on some wild new solution that requires years to integrate. Recently, after a big meeting with the execs on cutting costs, I came across Windows to Go from Microsoft. Here is a solution that is secure, can save tons of money, make my customers happy, and fits into my IT workflow – Freakin’ SWEET!  My CISO stood up and applauded when I presented this to senior MGMT.  Needless to say I’ve become a big fan. In fact, they call me Windows To Go Guy around here. There are so many ways to apply this technology across my organization. I don’t get a commission on this stuff – I just love cool technology that makes sense. Here’s my blog entry:

Disclaimer: This blog is based on real Windows To Go ® use cases.  The character is fictitious to protect the names of our customers.  Any resemblance to actual customers is coincidental and not intentional.

I’m a Windows to Go guy. I carry my workspace around with me in my pocket, wherever I go. I don’t have to worry about hiding a laptop under the car seat. I don’t have to worry about it sliding off the seat during a sudden stop and I don’t need to try fit it under my coat during a sudden downpour.

One evening after work I had promised to stop at the local store to pick up some groceries. In line ahead of me were some military personnel dressed in camo. I noticed one person was carrying her laptop.
“Hey folks, I really appreciate what you guys do for our Country, but tell me, what’s with the laptop in the grocery store-are you expecting an email from the president?” I joked.

The corporal replied, “Military rules- laptops can’t leave our side. We even take them into the bathroom”.

“That stinks,” I replied.  “Let me show you something,” I replied. I whipped out my IronKey Workspace W500™, my PC on a Stick™ and explained that this was my laptop, FIPS secured against the worst imaginable attacker. It is virtually indestructible too, and I intentionally dropped it onto the hard tile floor to make my point.

“I have got to get my hands on one of those” she said.

“You are right about that, we can make your next bathroom or grocery stop a much more pleasant experience.” I replied.

by

Will the World Cup Result in a Red Card for your Business?

 

With the ‘Hacktivist’ group Anonymous having announced they were preparing a full scale cyber-attack on the World Cup’s corporate sponsors during the tournament, and an influx in World Cup related malware, security threats are likely to be the topic of choice for all those looking to protect against potential breaches and attacks during the tournament.

IT managers will have been steeling themselves for a potential spike in lost corporate devices, such as USB’s, tablets and mobile devices, during the World Cup. Whether it be a flight to Brazil, a booze fuelled train journey home, or live streaming a match from your laptop, the potential for a security breach, and the resulting consequences, could be more excruciating than a bite from Luis Suarez!

Whilst the tournament might be coming to a close, the risks associated with remote workers and mobile devices are still an inherent danger to corporate data. Many of us undertake work while commuting, with little regard for the security of the information we are working on, so whether you are lucky enough to have flown out to watch a match, or simply travelling home after watching the game in the pub, the need to secure your devices is never more crucial.

With shrinking boundaries between work devices and work-enabled personal devices, the risk of corporate data falling into the wrong hands is a huge possibility. Employees dropping memory sticks, leaving files on trains, and laptops in bars, are all high probabilities, and inevitably, these devices will contain data not meant for prying eyes.

Failing to protect the vast volumes of information they carry and not equipping employees with the IT tools required to securely manage and handle information while travelling could result in a ‘red card’ for your business.

No computer or tablet not ‘locked down’ by IT should ever be connected to the corporate network, either from inside (fixed line or BYOD) or outside (VPN of VDI). Allocating employees a corporate computer for use inside the network and an IT secured USB device for outside would simplify security and avoid frustrations typically related with tight security policies such as these.

Whether your data is in transit or at rest, encryption is absolutely essential to safeguarding confidential company information. Whether you use strong authentication or hardware encryption will very much depend on your organisation, you need to be able to manage encrypted devices in order to ensure that if there are any concerns that data integrity has been compromised it is possible to remotely wipe the device.

Accidents will happen, but being vigilant in your security practices, and, educating and enabling your employees could be as easy as knocking England out of the Cup altogether.
redcard

by

IronKey Workspace W700 Drives with FIPS 140-2 L3 Set New Standard in Mobile Workspaces

 

Great news for government and other highly-regulated enterprises that require a FIPS 140-2 Level 3 Windows To Go drive— IronKey Workspace W700 ™ drives are now available!   Our W700 PC on a Stick™ drives are the first Microsoft-certified Windows To Go devices to be FIPS 140-2 Level 3 validated. Now you can enjoy all the benefits of Windows To Go while meeting strict data security mandates.

Why is this Significant for Government Agencies?

If your agency is looking to provide mobile workspaces for your contractors, field workers, employees who want to BYOD or telework, this solution is a “no brainer”.  The Windows To Go approach is up to 90 percent more cost effective and more secure than issuing a new laptop or using VDI.  Visit our use case section to learn how agencies are using Windows To Go today (link to Use Case section).

What is Windows To Go?

Windows to Go is an enterprise feature of Windows 8.1 that lets people be productive from almost any location they choose to work by inserting the Windows To Go USB drive into any compatible PC of their choice. An organization’s corporate image, operating system, applications and data are all contained on the Microsoft-certified IronKey Workspace USB drive. The host PC boots completely off the Windows To Go drive using local resources such as monitors, CPUs and network connections.  The Windows To Go drive can be centrally managed and offers remote wipe features to protect against loss and theft. The Windows To Go solution is ideal for mobile workers, teleworkers and contractors, fueling secure “Bring Your Own Device” (BYOD) strategies that allow employees to use their home PCs for work.

IronKey Workspace W700

by

Securely Working from Home – Freakin’ SWEET!

 

Hi, I’m Peter. I’m a Senior IT guy working for a big, growing enterprise.  I set the strategy and I’m responsible for the execution of IT infrastructure in my organization.   I need to worry about cost, security, and keeping my customers happy. We have pretty solid IT processes leveraging Microsoft tools, so I’m not about to set my IT team on some wild new solution that requires years to integrate. Recently, after a big meeting with the execs on cutting costs, I came across Windows to Go from Microsoft. Here is a solution that is secure, can save tons of money, make my customers happy, and fits into my IT workflow – Freakin’ SWEET!  My CISO stood up and applauded when I presented this to senior MGMT.  Needless to say I’ve become a big fan. In fact, they call me Windows To Go Guy around here. There are so many ways to apply this technology across my organization. I don’t get a commission on this stuff – I just love cool technology that makes sense. Here’s my blog entry:

Disclaimer: This blog is based on real Windows To Go ® use cases.  The character is fictitious to protect the names of our customers.  Any resemblance to actual customers is coincidental and not intentional.

Perhaps I’m a bit of a workaholic, but I don’t think I’m alone. After the kids go to bed, I read email, work on reports, look at presentations, and study excel spreadsheets. I’ve tried webmail  and VPN access to file shares from my home computer, but it is just not the same as having your own workspace at home with you. For the past 20 years, I’ve had to lug my laptop between work and home. But laptop screens are tiny when you are looking at a 50-column spreadsheet or comparing two documents side by side.  My home computer on the other hand, has a 27” monitor, surround sound, and fast direct Ethernet connect. In addition, we just bought a new Mac – sweet! I’ve wanted to use my home set-up for work and I’ve waited patiently, for 20 years to solve this problem.

Enter Microsoft Windows to Go. Six months ago, I loaded my entire workspace onto a tiny IronKey Workspace W500 ™ USB 3.0 flash drive with the works: OS, apps, AV scanners, and data.. With 128Gbyte, there is plenty of space. When I’m at work, I plug this device into my work computer and run my workspace from the drive. Because it is flash, it runs much faster than my spinning hard drive in the host computer. When it is time to leave the office, I simply unplug the USB drive, stick it in my pocket, and head for home for dinner with the kids.

Later in the evening, I retire to my man-cave, slide the IronKey Workspace W500 flash drive into my mega machine, and my workspace magically appears before me. I settle back into my deep cushion chair, turn down the lights, fire up some hard rock, and slip back into my working world in the comfort of my home. Now that’s productive work at home!