Welcome!

Microsoft Cloud Authors: Nick Basinger, Kevin Benedict, Pat Romanski, Liz McMillan, Lori MacVittie

Related Topics: @CloudExpo, Microsoft Cloud, Cloud Security

@CloudExpo: Article

Reducing IT Operation Costs | @CloudExpo #API #Cloud #Azure

Incident management is key for organizations to ensure that their service operations are running without impacting the business

Reducing IT Operation Costs with Windows 10 Hello for Business

The newer Windows 10 devices with the Hello extensions are definitely going to have a cost implication, but in today's context in our own consumer world where every individual has access to Smartphones with advanced biometric features, why should the enterprise user continue to use the old PCs that are managed by traditional passwords? I think the cost of transformation to these devices will be worth the efficiencies in the ITIL operations as well as improved security to enterprise data. It would be useful to collect data about OEMs who have Windows 10 PCs with Biometric Hello features and the same list can be utilized by enterprises. I will write a separate article on Windows 10 devices for enterprises.

Incident Management and Passwords
Incident management, which is one of the process area of ITIL, is key for organizations to ensure that their service operations are running without impacting the business. Within the incident management there are two major triggers, known as Incidents (unplanned disruption to the service operations) and Service Requests (formal requests from end users for IT Services). Also in the ITIL/ITSM world the term Ticket is used for the method of initiation of a request from the user community to the IT department.

Without getting much into the classic definitions of ITIL, from the definitions above, it is easy to think that as an IT department, our goal is to minimize the effort spent on incident management be it Incidents or Service Requests, so that IT department spends a lower cost on operations while also concentrating more on the innovation.

Over the years, organizations have tried multiple options to reduce the incidents and service requests, one method they adopt is "Automation" and most times they also resort to "Self Service". Automation basically prevents manual effort on incidents and solves it with machines and self-service is more about letting the end users to solve the "Service Request" by themselves.

However, if you really think of the above two approaches, they don't prevent the issue at the source rather provide an efficient way to solve them. More and more organizations would like to prevent the issue at the source, so that they don't occur in the first place.

From the analysis of the Incident database from several organizations, it is found that the nearly 40% of Incidents/Service Requests are password related and most times IT departments take a minimum of 30 minutes and more to solve that issue. So if we really look this from a lost productivity angle of both IT department and end users this problem is not small as it looks.

While the traditional methods of self-service password management will continue to have value, the next generation end user management should go towards password less operations. Let us get into some directions from Windows 10 enabled features in this direction.

Windows 10 Features for Password Elimination
Windows 10 which recently had an anniversary update, has come up with some new features which needed some introduction.

Windows 10 Hello
In Windows 10, Hello replaces passwords. Individuals can create a PIN or biometric gesture on their personal devices for convenient sign-in. This use of Hello provides a layer of protection by being unique to the device on which it is set up. The biometric data used to support Windows Hello is stored on the local device only. It doesn't roam and is never sent to external devices or servers.

Windows Hello for Business (Formerly Known as Microsoft Passport for Work)
Windows Hello for Business, which is configured by Group Policy or MDM policy, uses key-based or certificate-based authentication. In Windows 10, the Windows Hello for Business (formerly known as Microsoft Passport for Work) feature can replace passwords with strong two-factor authentication that combines an enrolled device with a PIN or biometric (fingerprint or facial recognition) user input to sign in.

TPM (Hardware Chip)
Trusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. Microsoft Hello For Business takes the PIN or biometric information from Windows Hello , and uses this information to have the TPM-chip generate a set of public-private keys.

Azure Active Directory & AD Join for Windows 10
Azure Active Directory (Azure AD) is Microsoft's multi-tenant cloud based directory and identity management service. Azure Active Directory Join (Azure AD Join) is the functionality that registers a company-owned device in Azure Active Directory to enable centralized management of the device. I have covered in detail about Azure AD Join for Windows 10 in my earlier article.

Azure AD SSO (Application Access)
Azure AD enables easy integration to many of today's popular SaaS applications; it provides identity and access management, and enables users to single sign-on to applications directly, or discover and launch them from a portal such as Office 365 or the Azure AD access panel.

The above are just brief explanation of the mentioned technologies, detailed explanation of them are available on the Microsoft website.

Blueprint of a Password Less Enterprise
Powered by Windows 10 features (Hello for Business) & Azure Active Directory (AD Join, SSO), an enterprise can transform into a password less enterprise, which is not only secure but the associated IT Operations will also be lean and efficient.

The below diagram gives a blueprint of the same.

Summary
The newer Windows 10 devices with the Hello extensions will definitely going to have a cost implication, but in today's context in our own Consumer world every individual has got access to Smartphones with advanced biometric features, why should the enterprise user continue to use the old PCs which are managed by traditional passwords ? I think the cost of transformation to these devices will worth the efficiencies in the ITIL operations as well as improved security to enterprise data. It would be useful to collect data about OEMs who have windows10 PCs with Biometric Hello features and the same list can be utilized by enterprises. I will write a separate article on Windows 10 devices for enterprises.

More Stories By Srinivasan Sundara Rajan

Highly passionate about utilizing Digital Technologies to enable next generation enterprise. Believes in enterprise transformation through the Natives (Cloud Native & Mobile Native).

IoT & Smart Cities Stories
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: Driving Business Strategies with Data Science," is responsible for setting the strategy and defining the Big Data service offerings and capabilities for EMC Global Services Big Data Practice. As the CTO for the Big Data Practice, he is responsible for working with organizations to help them identify where and how to start their big data journeys. He's written several white papers, is an avid blogge...
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more busine...
Whenever a new technology hits the high points of hype, everyone starts talking about it like it will solve all their business problems. Blockchain is one of those technologies. According to Gartner's latest report on the hype cycle of emerging technologies, blockchain has just passed the peak of their hype cycle curve. If you read the news articles about it, one would think it has taken over the technology world. No disruptive technology is without its challenges and potential impediments t...
If a machine can invent, does this mean the end of the patent system as we know it? The patent system, both in the US and Europe, allows companies to protect their inventions and helps foster innovation. However, Artificial Intelligence (AI) could be set to disrupt the patent system as we know it. This talk will examine how AI may change the patent landscape in the years to come. Furthermore, ways in which companies can best protect their AI related inventions will be examined from both a US and...
Bill Schmarzo, Tech Chair of "Big Data | Analytics" of upcoming CloudEXPO | DXWorldEXPO New York (November 12-13, 2018, New York City) today announced the outline and schedule of the track. "The track has been designed in experience/degree order," said Schmarzo. "So, that folks who attend the entire track can leave the conference with some of the skills necessary to get their work done when they get back to their offices. It actually ties back to some work that I'm doing at the University of San...
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things'). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing. IoT is not about the devices, its about the data consumed and generated. The devices are tools, mechanisms, conduits. This paper discusses the considerations when dealing with the...