|By Srinivasan Sundara Rajan||
|September 25, 2016 10:00 AM EDT||
Reducing IT Operation Costs with Windows 10 Hello for Business
The newer Windows 10 devices with the Hello extensions are definitely going to have a cost implication, but in today's context in our own consumer world where every individual has access to Smartphones with advanced biometric features, why should the enterprise user continue to use the old PCs that are managed by traditional passwords? I think the cost of transformation to these devices will be worth the efficiencies in the ITIL operations as well as improved security to enterprise data. It would be useful to collect data about OEMs who have Windows 10 PCs with Biometric Hello features and the same list can be utilized by enterprises. I will write a separate article on Windows 10 devices for enterprises.
Incident Management and Passwords
Incident management, which is one of the process area of ITIL, is key for organizations to ensure that their service operations are running without impacting the business. Within the incident management there are two major triggers, known as Incidents (unplanned disruption to the service operations) and Service Requests (formal requests from end users for IT Services). Also in the ITIL/ITSM world the term Ticket is used for the method of initiation of a request from the user community to the IT department.
Without getting much into the classic definitions of ITIL, from the definitions above, it is easy to think that as an IT department, our goal is to minimize the effort spent on incident management be it Incidents or Service Requests, so that IT department spends a lower cost on operations while also concentrating more on the innovation.
Over the years, organizations have tried multiple options to reduce the incidents and service requests, one method they adopt is "Automation" and most times they also resort to "Self Service". Automation basically prevents manual effort on incidents and solves it with machines and self-service is more about letting the end users to solve the "Service Request" by themselves.
However, if you really think of the above two approaches, they don't prevent the issue at the source rather provide an efficient way to solve them. More and more organizations would like to prevent the issue at the source, so that they don't occur in the first place.
From the analysis of the Incident database from several organizations, it is found that the nearly 40% of Incidents/Service Requests are password related and most times IT departments take a minimum of 30 minutes and more to solve that issue. So if we really look this from a lost productivity angle of both IT department and end users this problem is not small as it looks.
While the traditional methods of self-service password management will continue to have value, the next generation end user management should go towards password less operations. Let us get into some directions from Windows 10 enabled features in this direction.
Windows 10 Features for Password Elimination
Windows 10 which recently had an anniversary update, has come up with some new features which needed some introduction.
Windows 10 Hello
In Windows 10, Hello replaces passwords. Individuals can create a PIN or biometric gesture on their personal devices for convenient sign-in. This use of Hello provides a layer of protection by being unique to the device on which it is set up. The biometric data used to support Windows Hello is stored on the local device only. It doesn't roam and is never sent to external devices or servers.
Windows Hello for Business (Formerly Known as Microsoft Passport for Work)
Windows Hello for Business, which is configured by Group Policy or MDM policy, uses key-based or certificate-based authentication. In Windows 10, the Windows Hello for Business (formerly known as Microsoft Passport for Work) feature can replace passwords with strong two-factor authentication that combines an enrolled device with a PIN or biometric (fingerprint or facial recognition) user input to sign in.
TPM (Hardware Chip)
Trusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. Microsoft Hello For Business takes the PIN or biometric information from Windows Hello , and uses this information to have the TPM-chip generate a set of public-private keys.
Azure Active Directory & AD Join for Windows 10
Azure Active Directory (Azure AD) is Microsoft's multi-tenant cloud based directory and identity management service. Azure Active Directory Join (Azure AD Join) is the functionality that registers a company-owned device in Azure Active Directory to enable centralized management of the device. I have covered in detail about Azure AD Join for Windows 10 in my earlier article.
Azure AD SSO (Application Access)
Azure AD enables easy integration to many of today's popular SaaS applications; it provides identity and access management, and enables users to single sign-on to applications directly, or discover and launch them from a portal such as Office 365 or the Azure AD access panel.
The above are just brief explanation of the mentioned technologies, detailed explanation of them are available on the Microsoft website.
Blueprint of a Password Less Enterprise
Powered by Windows 10 features (Hello for Business) & Azure Active Directory (AD Join, SSO), an enterprise can transform into a password less enterprise, which is not only secure but the associated IT Operations will also be lean and efficient.
The below diagram gives a blueprint of the same.
The newer Windows 10 devices with the Hello extensions will definitely going to have a cost implication, but in today's context in our own Consumer world every individual has got access to Smartphones with advanced biometric features, why should the enterprise user continue to use the old PCs which are managed by traditional passwords ? I think the cost of transformation to these devices will worth the efficiencies in the ITIL operations as well as improved security to enterprise data. It would be useful to collect data about OEMs who have windows10 PCs with Biometric Hello features and the same list can be utilized by enterprises. I will write a separate article on Windows 10 devices for enterprises.
Sep. 28, 2016 04:30 AM EDT Reads: 1,674
Sep. 28, 2016 04:30 AM EDT Reads: 1,633
Sep. 28, 2016 04:30 AM EDT Reads: 1,014
Sep. 28, 2016 04:15 AM EDT Reads: 4,584
Sep. 28, 2016 04:00 AM EDT Reads: 439
Sep. 28, 2016 03:30 AM EDT Reads: 1,761
Sep. 28, 2016 03:30 AM EDT Reads: 3,110
Sep. 28, 2016 03:15 AM EDT Reads: 2,978
Sep. 28, 2016 03:00 AM EDT Reads: 1,828
Sep. 28, 2016 03:00 AM EDT Reads: 1,777
Sep. 28, 2016 02:45 AM EDT Reads: 1,882
I'm a lonely sensor. I spend all day telling the world how I'm feeling, but none of the other sensors seem to care. I want to be connected. I want to build relationships with other sensors to be more useful for my human. I want my human to understand that when my friends next door are too hot for a while, I'll soon be flaming. And when all my friends go outside without me, I may be left behind. Don't just log my data; use the relationship graph. In his session at @ThingsExpo, Ryan Boyd, Engi...
Sep. 28, 2016 02:15 AM EDT Reads: 1,338
The Transparent Cloud-computing Consortium (abbreviation: T-Cloud Consortium) will conduct research activities into changes in the computing model as a result of collaboration between "device" and "cloud" and the creation of new value and markets through organic data processing High speed and high quality networks, and dramatic improvements in computer processing capabilities, have greatly changed the nature of applications and made the storing and processing of data on the network commonplace.
Sep. 28, 2016 02:00 AM EDT Reads: 1,136
From wearable activity trackers to fantasy e-sports, data and technology are transforming the way athletes train for the game and fans engage with their teams. In his session at @ThingsExpo, will present key data findings from leading sports organizations San Francisco 49ers, Orlando Magic NBA team. By utilizing data analytics these sports orgs have recognized new revenue streams, doubled its fan base and streamlined costs at its stadiums. John Paul is the CEO and Founder of VenueNext. Prior ...
Sep. 28, 2016 01:45 AM EDT Reads: 3,038
In his general session at 18th Cloud Expo, Lee Atchison, Principal Cloud Architect and Advocate at New Relic, discussed cloud as a ‘better data center’ and how it adds new capacity (faster) and improves application availability (redundancy). The cloud is a ‘Dynamic Tool for Dynamic Apps’ and resource allocation is an integral part of your application architecture, so use only the resources you need and allocate /de-allocate resources on the fly.
Sep. 28, 2016 01:45 AM EDT Reads: 2,791