WindowsNetworking.com - Monthly Newsletter - July 2013

Welcome to the WindowsNetworking.com newsletter by Debra Littlejohn Shinder, MVP. Each month we will bring you interesting and helpful information on the world of Windows Networking. We want to know what all *you* are interested in hearing about. Please send your suggestions for future newsletter content to: dshinder@windowsnetworking.com

Cloud Storage: Good or Bad for Business?

In the consumer space, cloud storage is becoming more and more popular as computer users entrust their files to services such as SkyDrive, Google Drive, Dropbox, etc. They're becoming used to being able to access their music, pictures and documents from any device. And they want to be able to carry that over to the business world, too.

Many users want to access their personal cloud storage accounts from their work devices, whether working remotely or connected to the company network. That can raise some obvious security issues. For example, last year a Dropbox employee's account password was stolen and a number of Dropbox users' email addresses were compromised, resulting in an onslaught of spam messages to those users. Users of Amazon's Simple Storage Service found their data's setting had been switched from "private" to "public," exposing confidential company records to be viewed by unauthorized persons.

When it comes to security, all cloud storage services are not created equal. Some verify the email addresses of new customers and some do not. Some use SSL/TLS to protect data in transport while others use proprietary protocols. Some use client-side encryption so that the provider can't read the data, while others don't. Some encrypt file names, others don't. Some prevent search engines from accessing shared workspaces and others don't. Some of these problems can be addressed by users (for instance, having them encrypt their data before uploading it to the storage service).

Security isn't the only potential drawback to cloud storage. Reliability is also an issue. Service downtime could affect productivity if business data that's stored in the cloud becomes unavailable for a significant period of time. Then there's the bandwidth factor. Constantly moving files to and from the cloud is hard on a metered or capped Internet connection, and even if you have unlimited transfer, it can clog up a slow connection. Of course, the typical Internet connection is much slower than the gigabit speeds of most local networks today, so accessing cloud data will be slower than accessing data that's stored locally.

Despite these issues, the convenience factor of cloud storage can be compelling. It makes it easier to access your data when and where you want it, and it makes it easier to collaborate with other members of your team and share files, without overloading email accounts with large attachments.

Some businesses are embracing cloud storage, with small companies tending to utilize the same services mentioned above and larger organizations sometimes opting for more enterprise-targeted options such as Box or IBM's and EMC's solutions. Costs range from free (for a limited amount of storage space) to several hundred dollars per year for "team" plans that provide relatively large amounts of storage space for a group of users.

A good policy is to restrict users to using only the company-provided/approved cloud storage service to share or store files related to work when connected to your network, and block access to consumer cloud storage services that they may be using at home. You can blacklist those sites or use DNS entries to block users from accessing the sites via the web. You can also use software restriction policies to prevent them from installing client applications for accessing their files on the consumer cloud storage services.

Do you allow users to store and access data in the cloud? What cloud storage provider(s) have you tried and what do you like or not like about each? What do you see as the biggest advantage and the biggest disadvantage of using cloud storage? Let me know what you think!

‘til next time,

By Debra Littlejohn Shinder, MVP

dshinder@windowsnetworking.com

=======================
Quote of the Month - Not everything that can be counted counts, and not everything that counts can be counted. – Albert Einstein
=======================

2. ISA Server 2006 Migration Guide - Order Today!

Dr. Tom Shinder's best selling books on ISA Server 2000 and 2004 were the "ISA Firewall Bibles" for thousands of ISA Firewall administrators. Dr. Tom and his illustrious team of ISA Firewall experts now present to you , ISA Server 2006 Migration Guide. This book leverages the over two years of experience Tom and his team of ISA Firewall experts have had with ISA 2006, from beta to RTM and all the versions and builds in between. They've logged literally 1000's of flight hours with ISA 2006 and they have shared the Good, the Great, the Bad and the Ugly of ISA 2006 with their no holds barred coverage of Microsoft's state of the art stateful packet and application layer inspection firewall..

Order your copy of ISA Server 2006 Migration Guide. You'll be glad you did.

   


Click here to Order your copy today

 

3. WindowsNetworking.com Articles of Interest

4. Administrator KB Tip of the Month

Verifying Active Directory Schema

The Dsquery.exe command-line tool can be used to verify whether Adprep has extended your forest's schema. For example, let's say your existing forest has domain controllers running Windows Server 2008 R2. To determine the current schema level of your forest, open a command prompt on one of your domain controllers and run the following command:

dsquery * cn=schema,cn=configuration,dc=fabrikam,dc=com -scope base -attr objectVersion

The output from this command looks like this:

objectVersion
47

Now take a server running Windows Server 2012, join it to a domain in your forest, and use Server Manager to promote the server to a domain controller. After you finish introducing the new domain controller into your forest, re-run the preceding dsquery command on the domain controller you previously ran it on. The output from the command looks like this:

objectVersion
56

The version number 56 indicates that the schema of your forest has been extended to include domain controllers running Windows Server 2012.

For more great admin tips, check out http://www.windowsnetworking.com/kbase/

5. Windows Networking Tip of the Month

Do you live on the bleeding edge of technology? Do you want to be the first one on the block to deploy the latest beta software? If so, then you'll want to download the beta of Windows Server 2012 R2! Yes, it's out and it's not half bad. There are some big improvements in Windows Server 2012 R2 that enable you to deploy a private cloud, or if you're not interested in cloud, it will make your traditional datacenter even more powerful. Like Windows Server 2008 R2, Windows Server 2012 R2 isn't just a service pack; it's a major release and there are hundreds of new and improved features included in it. For a list of these improvements, check out What's New in Windows Server 2012 R2.

6. Windows Networking Links of the Month

7. Ask Sgt. Deb

QUESTION:

Hey Deb,

I was talking to somebody the other day about Windows Server 2012 R2 and he said something about a new feature called "Work Folders" – but didn't know a whole lot about it. Can you give me some idea of what Work Folders are all about? I think they could be useful from what little I know.

Thanks! – Mandy.

ANSWER:

Hi Mandy,

Work Folders is a way to make information on the corporate network available to your users regardless of their locations and what devices they're working on. Work folders are also designed to make sure that information isn't compromised or leaked when accessed on various devices. With Work Folders you can:

  • Provide a single point of access to work files on a user's work and personal PCs and devices (Windows 8.1 and Windows RT 8.1, with immediate plans to follow up with Windows 7 and iPad support as well as other devices in the future).
  • Access work files while offline and sync with the central file server when the PC or device next has Internet or network connectivity.
  • Maintain data encryption in transit as well as at rest on devices and allow corporate data wipe through device management services such as Windows Intune.
  • Use existing file server management technologies such as file classification and folder quotas to manage user data.
  • Specify security policies to instruct user PCs and devices to encrypt Work Folders and use a lock screen password, for example.
  • Use Failover Clustering with Work Folders to provide high-availability solution.

For more information on Work Folders check out Work Folders Overview on TechNet.