Earlier this week, Microsoft revealed some more details about the Windows 8 Enterprise SKU. One of the biggest features of that version is Windows To Go, which will allow users to store their work Windows 8 desktop on a USB drive and boot up that desktop at home or virtually any other PC.
However, a number of companies are also supporting employees who provide their own hardware for work purposes, rather than the company giving employees their hardware. This “consumerization of IT" trend is the subject of the latest entry in the Windows 8 blog.
Microsoft's Jeffrey Sutherland, a program manager lead in the Management Systems group, talks about how Windows 8, including the version made to run on ARM-based processors (also known as WOA), can be used by enterprise customers who allow their workers to use their own devices. He states:
We know that developers are going to find it easy and convenient to build elegant Metro style apps that automatically work on any Windows 8 system including WOA, and developers of line-of-business (LOB) apps won’t be any different. But many organizations want to directly control and manage access to their internal LOB apps, including the distribution of the app binaries for installation.
That means that such internal Windows 8 Metro apps cannot be offered to employees via the Windows Store as is the case for consumer-based apps. For WOA-based PCs, Windows 8 has created a new management client for enterprise customers that can deliver such apps to employees. The user can connect to the company's internal network with just his or her email address and password via a new feature in the Control Panel in WOA, as show in the screenshot above.
Using SSL Server Authentication, the IT agent can then approve the employee on that PC and send that PC a user certificate. The IT admin has a number of options in terms of setting up how much control an employee has with his work PC on Windows 8, including Maximum Failed Password Attempts. For this option, Sutherland says:
So, when a user exceeds the password entry threshold, Windows will instead cryptographically lock all encrypted volumes and reboot the device into the Windows 8 recovery console. If your device has been lost or stolen, this effectively renders the device unreadable. But if you’re simply the victim of your young son or daughter trying to get to Angry Birds while your device is locked, you can easily recover with the use of a recovery key that Windows 8 can automatically store on your behalf in your SkyDrive account. This way, you are able to get back up and running without enduring a lengthy wait to re-install all of your apps and copy down all of your data.
Metro apps for internal business use can use Windows 8's Metro style self-service portal (SSP) app. An early version of this app can be seen above. This system allows IT admins to offer several different ways to let employees download work apps, including ones internally developed by the company, website links and apps from the regular Windows Store.
IT admins can also disconnect a Windows 8 work PC from the company server, including removing the activation key for any Metro company apps.
Images via Microsoft