EDGE 2015 is starting in

Find out more EDGE 2015
Microsoft Windows RT tablets will be more security friendly than iPad, Android devices

Microsoft Windows RT tablets will be more security friendly than iPad, Android devices

Microsoft can perform a type of network access control on Windows RT devices as a way to protect corporate networks from harm these devices might inflict if put to corporate use, making them a cut above iPads and Android tablets in this regard.

The newly announced capability can check the devices for compliance with corporate policies surrounding passwords, encrypting data, antivirus, anti-spyware and auto updates, according to the Building Windows 8 blog. This is similar but less comprehensive than what some NAC schemes do in order to keep devices that don't comply from connecting to networks.

Previously Microsoft had announced four flavors of Windows 8 -- Windows 8, Windows 8 Pro, Windows 8 Enterprise and Windows RT -- with Windows RT lacking many of the features included in the Enterprise edition that might make the devices more palatable to businesses.

BACKGROUND: Windows RT tablets will add to the BYOD nightmare

TEST YOURSELF: The Windows 8 Quiz

Windows RT is the name Microsoft has given to a Windows 8 operating system that is packaged with ARM-based hardware such as power-efficient tablets. They are expected to ship later this year or early next. The devices don't support applications that run on standard x86/64 machines, and until now, would accept Metro-style applications designed for Windows 8 only directly from Microsoft.

None of this made Windows RT seem any more BYOD-friendly than Android tablets or iPads.

But a client announced by Microsoft will monitor the security posture of the devices and enable downloading proprietary business applications to them. The client will communicate with an undefined cloud-based management platform that will be announced later by the team working on Microsoft's System Center.

The client's main function is to download and install Windows 8 Metro-style applications that are designed to work on both x86/64 and ARM devices. Without the agent, owners of Windows RT devices can only download applications that are stocked in the Windows Store or via Windows Update or Microsoft Update.

But Microsoft recognizes that businesses will create their own Windows 8 Metro apps that they want to deploy to personal Windows RT devices that employees might want to use for work, according to the blog.

The client makes this possible by connecting to the corporate management infrastructure and to a self-service portal, which displays applications that are available for each user to download. This provides a mechanism to download proprietary line-of-business Metro apps to employees without placing them in the public Windows Store. As the blog says, "... there is no reason to broadcast these applications to others or to have their application deployment managed through the Windows Store process."

If the business or the owner of the device decides to remove it from corporate management, the client wipes out the proprietary apps.

Before users can connect their Windows RT devices to the management service, their Active Directory settings must be changed to allow it and to specify how many devices they are allowed to connect via SSL authentication. The process involves registering the device with the network.

Each user authorized to use the management service must be specified within Active Directory as someone allowed to connect devices. Once connected, the client makes daily maintenance reports about the hardware, applies changes to settings policies on the devices, reports on compliance with those policies and updates the proprietary apps as needed.

The client also informs the management platform whenever users initiate application installation from the self-service portal, the blog says.

Administrators can set security parameters the devices must comply with such as maximum failed logins, lockout after a maximum period of inactivity, requiring passwords of specified length and complexity, imposing enabled and expired dates on passwords and maintaining password history.

The agent can also set up VPN connections automatically to the management infrastructure so users don't have to do it manually. The client also reports the status of drive encryption, auto update, antivirus and anti-spyware.

"Leveraging this compliance information, IT admins can more effectively control access to corporate resources if a device is determined to be at risk," the blog says. "Yet once again, the user's basic experience with the device is left intact and their personal privacy is maintained."

Tim Greene covers Microsoft for Network World and writes the Mostly Microsoft blog. Reach him at tgreene@nww.com and follow him on Twitter https://twitter.com/#!/Tim_Greene.

Read more about software in Network World's Software section.

EDGE 2015:: For all the latest on EDGE 2015 including the keynote speakers visit the EDGE mini-site now

Follow Us

Join the ARN newsletter!

Error: Please check your email address.



In Pictures: 7 things we hate about Twitter

In Pictures: 7 things we hate about Twitter

You probably either love Twitter for its quirkiness and brevity or see it as a pointless waste of time. After nearly a decade on the social scene, Twitter still needs to improve its user experience and fill in notable gaps in the service. These seven problems are long overdue for a fix.

In Pictures: 7 things we hate about Twitter
IN PICTURES: EDGE 2015 - Sponsor Briefing

IN PICTURES: EDGE 2015 - Sponsor Briefing

With EDGE 2015 rapidly approaching, ARN and Reseller News NZ held a Sponsors Briefing where ARN publisher and president, Susan Searle, and Events Manager, Alexandra West, ran through the considerable logistics in detail. Attendees then enjoyed some splendid canapes and drinks. EDGE is designed to bring the A/NZ channel together in a collaborative and educational environment. Themed around channel channel leadership, EDGE will be held at the Sheraton Mirage, Port Douglas, July 20-23. Photos by MIKE GEE.

IN PICTURES: EDGE 2015 - Sponsor Briefing
In Pictures: Robots that cook, clean, sing and dance

In Pictures: Robots that cook, clean, sing and dance

Cooking, learning language and doing the laundry are a few of the human skills demonstrated by.real humanoid bots featured in the National Geographic movie Robots.

In Pictures: Robots that cook, clean, sing and dance

iasset.com is a channel management ecosystem that automates all major aspects of the entire sales, marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.

Show Comments