Home » Posts tagged 'Personal computer'
Tag Archives: Personal computer
Two Factor Authentication for Office 365!
NOTE: I did not write this article; in fact, it is copied word for word from an e-mail I received from Scorpion Software. However it is a solution I do believe in. I am not selling for Scorpion Software, nor do I receive any benefit from their sales, nor are the links herein set to track you back to me. I am friends with the owner of the company and a couple of their developers, but have not been asked to post this (nor have I been promised any remuneration for doing so). –Mitch
—
You can now use AuthAnvil to protect and streamline access to the cloud. We’re offering the world’s first strong, fully independent two-factor authentication and single sign-on solution for Office 365.
AuthAnvil for Office 365 provides maximum access security for your cloud-based services, plus the efficiency of logging in just once to access Office 365 throughout the day:
- Available for all Microsoft’s Office 365 plans, including their P1 and P2 plans for small businesses.
- Doesn’t require ADFS or DirSync – Microsoft’s complex system that requires extra servers and can take days to implement.
We invite you to attend our free webinar and visit our AuthAnvil for Office 365 page to learn more.
Email: sales@scorpionsoft.com
Phone: 1-888-407-4285 ext. 701
Free webinar: Introducing AuthAnvil for Office 365
We invite you to attend our free webinar and get a hands-on look at how you can gain
cloud-based trust with on-premise control.
September 24 at 10am PDT
Sign up for the free webinar >>
User Account Options in Windows 8
Earlier today I discussed the Picture Password and PIN codes in Windows 8. What I didn’t mention is that for non-corporate users (who will still continue to log on using domain accounts) you have a new option in Windows 8… and that is to use your Microsoft Account to log on to your system.
Cool, huh?
Of course, there are going to be people who do not want to do this, and that is fine… all they have to do is go to the Users page under PC Settings and click Switch to a local account.
My personal preference is to stick to the Microsoft Account… it means one less password to remember… and to remember to change every 4-6 weeks 
Of course, just like in previous versions of Windows just anybody could not log onto your computer; an account had to be created for them first. Let’s assume for the time being that almost everybody out there has a Microsoft Account (previously Live ID, nee Microsoft Passport). You may remember it as your Hotmail address 
If not, then you have to go on-line and create one.
If they do have one, all you have to go is go to the same Users screen under PC Settings and scroll down… at the bottom of the screen you have the option to Add a user. Click on that, and when prompted type in the e-mail address of that person.
You don’t have to know that person’s password… but the first time they log on to Windows 8 they will have to be connected to the Internet to cache their credentials.
It’s as simple as that! You can share your PC with anyone, whether they use a local or a Microsoft Account. Each person, in turn, can use a password, PIN, or Picture Password.
Cool!
Related articles
- Windows 8 Support is Here! (garvis.ca)
Logon Options in Windows 8
The three-fingers salute is gone.
Okay, that is not entirely true, but if your computer is not domain-joined, you will no longer need to press Ctrl-Alt-Del to log onto Windows. That doesn’t mean that you won’t be asked for a password…
However, built into Windows 8 there are two new ways to log on:
PIN (Personal Information Number)
Your PIN, just like for your bank or your voice mail, is a four digit code that logs you in, rather than having to remember your complete password.
‘So if four numbers will let me in, why don’t I just set my password to be a four-digit code that I will always know?’
It’s simple, really… you will still have a password, but the PIN will, from the local keyboard or screen, authenticate that password. Anyone trying to log on remotely will still have to type in your full (and hopefully long & complex) password… which means that hackers, unless they have physical access to your computer, still need to get around that.
Picture Password
The Picture Password is cool… if not really secure. Just like your PIN it is tied to your complex password. However you can choose a picture (any picture of your choosing) and select three points, lines, or gestures on that picture to be your password. For example, if you were to use the following picture as your basis:
Your first gesture could be a line across the bow of the boat, the second might be a circle around the Sea-doo, and the third one could be a dot on the top of the man in blue’s head. Once you complete the gestures, your computer will unlock.
While I do not consider this to be a very secure method of protecting your computer, there are some restrictions… your lines and circles must go in the same direction in which they were set 
In order to set your picture password or PIN:
Swipe from the right side of your screen and click Settings. If your computer does not have a touch device then drag your cursor to the bottom-right corner of the screen, and click.- Click Change PC settings.
- Under Users navigate to Sign-in Options.
- From this screen you can change your password, set a PIN, or select a picture password (and set the swipes). In order to do this you must know your actual user password though!
Note:
- These options are disabled until you activate your Windows 8 OS.
- Once your new sign-in Options are configured, you can lock your Windows screen, and try it… By default you will still be asked for your password, but underneath the password box there will be an option
Sign-in options
- . Click on that, and you will see three icons appear (if both the picture password and PIN are configured). Select the appropriate one, and you are done!
- It is important to remember that while they may make life more convenient for you, both of these options drastically reduce the level of security in your PC. I will not be surprised to see corporate IT departments banning these in a big hurry. However for your personal
- and tablets it’s an easy alternative to typing your password all the time!
Managing Your SMB-IT Without Server
You have a small business. You have been running Windows Small Business Server 2003 for six years, and you know that it is time to retire it. The question is, what should replace it?
Before you make any definitive decisions, why not review what you need your server to do:
- File Server
- Mail Server
- Internet Portal
- Centralized Management
For the past several years you have paid a consultant to manage the server and your client PCs, and have primarily called him in for break-fix issues. Maybe you were industrious and decided to learn the basics of IT so you could do a lot of the maintenance yourself. You might even be a small-business IT consultant who has been managing and maintaining SBS environments for your clients.
You have heard so much about the cloud that you are in a bit of a fog… you know that people are talking about cloud-services, but haven’t quite figured out how they can work for you… to save you money, to earn you money.
Replacing the Server
For most small businesses I still recommend a centralized server; Active Directory is still the best mechanism you will find for centralized user management, and Group Policy allows you to lock down your environment.
With that being said, many of the functionalities offered in Microsoft Small Business Server are now available as part of two cloud-services offerings from Microsoft. Microsoft Office 365 offers all of the functionality listed above (File Server, Mail Server, Internet Portal) and much more. It is actually all of the following products in the cloud:
- Microsoft Exchange Server
- Microsoft SharePoint Server
- Microsoft Lync Server
- Microsoft Office Web Access
Office 365 allows you to have the functionality of all of these tools… without having to purchase or maintain them. It also means that you will always have the latest versions of all of these… without having to upgrade. ‘Your servers’ will be maintained by the Microsoft IT team, without your having to pay them hundreds of dollars per hour. If any of your services go down (and admittedly they do occasionally) you can rest assured that before you even discover the outage the people who know the products best will already be well on their way to fixing the issues.
Managing the Desktop
Between the operating system and the applications, there is a lot of work that goes into the proper maintenance of your PCs. That includes anti-malware, patch management, policies, and more. Additionally being able to generate and view reports is a huge benefit – as I always say If you cannot measure it, you cannot manage it!
So Before we get into application side of things, let’s discuss the benefits of the second cloud-services offering, Windows InTune. InTune installs as a simple agent on your Windows PC, and the list of benefits is amazing:
- Upgrade rights to Windows 7 Enterprise
- Windows InTune Endpoint Protection (centralized anti-malware solution)
- Centralized Patch Management
- Policy Deployment
- Application Deployment
- Device Reporting
- Alerts
- License Management
When you subscribe to Windows InTune (per-PC subscription) you get the right to upgrade your legacy Windows client (Professional/Business/Enterprise SKUs) to Windows 7 Enterprise. Right there you have the basis for the common operating system required to simplify management.
Windows 7 Enterprise Edition includes two features that Business Edition does not:
- Multiple language support; and
- BitLocker drive encryption technology
With the preponderance of mobile computing these days, as well as organizations doing business around the world, there is no question that Windows 7 Enterprise is an easier feature-by-feature sell than the lower-priced options, but that lower price seems to be a deciding factor so often. With the Use Rights in Windows InTune you don’t have to settle.
Once the Windows InTune agent is deployed on a PC it will start populating the individual computer’s information to the InTune system, and you will be able to get a better idea of what you have. On the Devices screen you will be able to see:
| Computer Name | Total Disk Space | CPU Speed |
| Chassis Type | Used Disk Space | Last User to Log On |
| Manufacturer & Model | Free Disk Space | Serial Number |
| Operating System | Physical Memory | Last Hardware Status |
Included in the Windows InTune installation is the Windows Intune Endpoint Protection engine, which will protect your PCs from malware. It uses the built-in patch management system to keep the definitions up to date, and offers real-time protection, as well as centralized reporting and e-mail alerts to the Help Desk / Support Team / IT Guy when a computer is infected.
InTune 2.0 added the ability to centrally deploy applications to client PCs. InTune 3.0 adds an extra to this – the ability for end-users to install published applications on-demand. The new Company Portal allows users to help themselves on-line, before eventually ‘escalating the call’ to you.
Users can also deploy their own client from the portal, assuming they have the proper credentials. This allows them to download a client using their corporate credentials, rather than you having to send them the file (along with the ACCOUNTCERT file) which would allow anyone (in theory) to install on any device that would automatically be managed by… you.
By far the most common application suite found on desktops in the workplace is Microsoft Office. The most common complaint I hear about Office is the cost (followed by the difficult to understand SKUs). Of course, with Office in the name it is no wonder that it is part of Office 365.
Of course there are several different SKUs to Office 365, and each one has different offerings. The small business SKU (P1) costs $6/month, and does not include the installable suite. However it does include Office Web Apps, which means you can create and edit Word documents, Excel spreadsheets, PowerPoint presentations, and of course use OneNote… all within your web browser. This is great if you work on multiple systems, or if you are ever remote and need to work on a document. The convenience loses its thrill when you realize you cannot work if you don’t have an Internet connection.
The E1, E2, and E3 SKUs do come with the client software, so if that is a requirement then those SKUs (which cost quite a bit more) are probably better for you.
Why you should consider maintaining a server on-site
Our mail server is gone… so are our SharePoint and File Servers. Why then would I still recommend a small server in a small business environment? There are several reasons.
- Active Directory. As I mentioned earlier in the article, AD is a great way to centralize security and credentials. Additionally there are plenty of hooks from Active Directory into Office 365 (which can be covered in a later article).
- Deployment Server. Microsoft Deployment Toolkit 2012 is the perfect companion to your new Windows 7 Enterprise licenses. In under an hour you can create a deployment point that will deploy Windows and all of your applications (including the Lync Client and the Windows InTune agent) in fifteen minutes (or less). It is by far the easiest way to deploy Windows to your desktops, laptops, and even tablets!
- Hyper-V. Although many of our applications will be installed directly onto the laptop, many companies still have server-based applications that require an application server. Hyper-V is the best way to create those servers on-site, for a plethora of reasons that have been outlined ad nauseum previously at www.garvis.ca, and countless other sites. Of course, your virtualized application servers can run any version of the Windows Server operating system, but they can also run any supported client OS, as well as several iterations of Linux (supported and enlightened) and any other x86-based OS (neither supported nor enlightened).
- Group Policy. Although Windows InTune v3 has much better policy support than its predecessors, there is no denying that Group Policy is the best way to granularly control, configure, and secure your client and server environments. Whether you want to enforce secure passwords, BitLocker, or simply set a centralized screen saver and desktop wallpaper, the best way to do it is by creating a GPO in Active Directory.
As you see the combination of cloud-based services from Microsoft and an on-line Windows Server are the best way to manage your entire SMB IT infrastructure, but even if you are not going to maintain an on-premise server the cloud-based services can manage most of the needs of most SMBs.
By the way, there is one more advantage to these solutions… you will always have the latest and greatest. Right now the Windows InTune subscription comes with use rights for Windows 7 Enterprise. When Windows 8 is released, you will automatically have access to that platform. Office 365 comes with Office 2010… but when the next version is released you will have that version right away too!
Interested in hearing more? Drop me a line and we’ll talk… or you can check out www.windowsintune.com and www.office365.com to download 30-day trials of each!
Refreshing Options in Windows 8
I love cleaning out my PC. When I can reimage and start from scratch I am a happy man. Why? Everything runs smoother. It is, in many ways, the same as getting your car washed and detailed. It is a known fact that cleaner cars run better than dirty ones. In reality, as we use our computer the OS can, over time, get kludgy. I could go into the reasons for this, registry bloat and infestation and all that, but this is not an article for the 300-level types who need to know these things, it is for the average man or woman – the one who knows that his or her computer ran faster when they got it than it does today.
When I say this is not for the 300-level types, it is because at that level there are both more roadblocks to this, as well as better tools to accomplish the end goal. We’ll talk about the Microsoft Deployment Toolkit, User State Migration Tool, and other fun stuff in other articles. This, my friends, is an article for my mother-in-law… an end user who does not tend to install applications on a regular basis, who uses the same Microsoft Office Home and Student, maybe a game or two, and the Internet.
Windows 7 has a great tool in it called Windows Easy Transfer. In short, it captures your user profile to an external device, and restores it to your newly installed PC. It is great for when you get a new PC, or when your PC needs to be re-imaged. Before I begin any repair work to the PCs of friends or family I begin by taking a quick WET image. It doesn’t save your applications, but those can be reinstalled. Lost data, on the other hand, can be quite costly both in terms of financial and emotional expense.
Windows 8 has two new tools on the General tab of the PC Settings screen that are really exciting.
Refresh your PC without affecting your files. Although Windows 8 promises real improvement in the kludginess factor (it is, as I have stated in recent articles, really really fast!) I am sure that there are things that will affect your PC that will cause it to slow down over time. Whether that be malware, errant code, or anything else that may affect the speed and performance of your PC. the Refresh Your PC option will literally clean out everything… except your data. It will restore all of your settings, it will wipe out all applications, and then restore all applications that were installed from the Windows Store. This is a long-thinking view, because right now most of our applications are installed from media, but the plan is that this will (over the course of several years) change to most apps being installed from the Store, just like apps for the iPhone and iPad are from the iStore.
Remove everything and reinstall Windows. This will restore your PC to the factory settings, as it were. OOBE away! This is useful for several scenarios, not the least of which is ‘Ok, I’m upgrading to a new PC and don’t want whoever gets (or buys) my old one to have my data and apps.’
While neither of these are features that anyone will be using every day, they will make restores and clean wipes much easier than they ever were. Just be careful not to press either of these by accident… although there are fail-safes in place (notice the big CANCEL option!) it is just as easy to press the wrong button and end up wiping the lot. While it will not prevent it from happening, I strongly suggest a good backup strategy, and of course storing your data in the cloud never hurts – the new SkyDrive app will make that much easier for end users and IT Pros alike.
