Security 365 – Toilet Paper & Tea bags!

April 19, 2013 1 Comment


OK the title got you this far, so what has Toilet Paper and Tea bags got to do with Security? There is a genuine point to it, please read on …..

Following a recent Cloud Computing event I found myself increasingly alarmed by the prevalence of red herrings being thrown around by vendors with respect to how their solutions and or products solved Cloud security issues when in fact they did little more than try to address them individually at best.

The reality is that DATA must be exposed to the software we use to orchestrate it, be that photo’s in Photoshop, a Document in Microsoft Office Word or a record in a database or a record spread across multiple databases. That is where the issue lies in the exposure of Data. The challenge is how we protect that which is of true value. No longer the network boundary, but protecting the DATA, wherever it goes, however it is being accessed, regardless of its form factor. Not how a software solution can provide a secure environment in which to process data, albeit an important factor, it is not a solution in itself.

Bring on the day when data in its raw form is encrypted and the owner can manage that encryption with convenience and ease whilst ensuring complete control over whom they elect to share any part of that data set with. Imagine being able to share data and attach an expiry date, or revoke data usage at will (regulatory retention aside) instead of having to go through lengthy protracted third party information disclosure requests, which even then are often questionable in their accuracy.

What is appealing about this concept is the reality that it places the control of data back into the hands of the individual. The individual or corporation can then dictate whom, when and for how long they share their data. It opens up possibilities like levying a micro payment charge in cases where that data sharing has a commercial value transfer to any benefiting third party. Assuming a trusted platform that can orchestrate this according to a set of user defined sharing rules (policies), such micro payments would soon add up to reasonable sums of money when considering the current spread of personal data. Sadly we are currently a long way from that Holy Grail. It would certainly sober up the Internet Corporatocracy (Facebook, Twitter, Google and their ilk) of this world who have been building personal value by gorging themselves dining at the Internet table of free data. Their addiction to the concept of free data will I suspect see little support from that quarter for such a solution.

Data security software solutions and products largely address a single issue and do not materially protect the critical payload in transit, rest and during its consumption. The payload being none other than data and the information that is ‘data’.

Erosion of privacy through data seepage into the public domain out with owner’s control or intent is an issue of paramount importance and at a corporate and enterprise scale the exposure and risk grows exponentially. On a private individual level that is often of singular concern, attitudes towards privacy of data influenced largely through the Social Media behavioural contagion, massaged by the Internet’s Corporatocracy, who work hard at breaking down the principles of privacy for self-interest. At some point the Social Media lemmings of the world will wake up to find themselves victims of ‘The Emperor’s New Clothes’, loss of privacy and control of one’s personal data is a sorrowful state of affairs many will have to come to terms with. Reminds me of the immortal words ‘For fools rush in where angels fear to tread’ from the poem ‘An essay on criticism’ by Alexander Pope, or for the more contemporary and more poignantly named song ‘Jokerman’ by Bob Dylan.

I digress, Social Media aside, the simple acts of transmitting and collaborating on information present the largest risk surface area(s) for data compromise. Surfaces that are being built out faster than ever before with the boom in personal / portable compute devices (PCD’s) be that a smartphone, tablet, laptop or the next gadget that gets christened off a keyboard with a stuck ‘i’ key!

For every collaborative event requires a transmission of data, and such events are infrequently constrained within Local Area Network (LAN) but at some point transit a public fixed or wireless network (Internet) exposing or depositing data en-route as well as compute devices out with any structured realm of control. Increasingly the securing of the communication conduit is addressed using HTTPS (Hypertext Transfer Protocol Secure), an encrypted transmission that secures data in transit. But that is only part of the exchange process, and one that has had its security reliability tested and questioned, with early iterations of its underlying protocol having been hacked, ref; Infoworld Article ‘HTTPS has been hacked’. So far we have secured the trickiest part of the information exchange to compromise, the transmission, leaving the easiest, the PC and or Server, available and ready to be compromise. An email attachment click away and data on any unsuspecting PCD regularly falls victim to malware.

This gives a false impression of security, rarely are the end points to a data exchange, the PC, Servers or PCD’s similarly encrypted. But it is not JUST end points is it. Every device en-route between exchanging parties holds the data be it for milliseconds or in some cases longer. A veritable pass the parcel where, Data is cached and stored in a myriad of places, where the parcel is little more than a colander raining data and the information life blood of companies and individuals into the public domain.

A recent study released by Team Cymru reveals that hackers misappropriate more than 1TB of data daily from corporate networks alone. If they can do that from corporate systems what hope is there for the Silver Surfers (60+ generation), one of the fastest growing use bases on the internet today. This is not an isolated issue either. With a global population of Zombie computers in the millions the bad guys capacity to leverage compute power with malicious intent outnumbers the good guys. Moving briefly off theme a bit, the escalation of this power was clearly demonstrated recently with the 300GB Distributed Denial of Service (DoS) attack on Spamhaus ‘When spammers go to war: Behind the Spamhaus DDoS’. This was a x6 increase on the previously largest recorded DoS attack of 50GB. At this scale of escalation attacks are having a collateral impact affect beyond the targeted systems. Subject for a future article I would hazard.

Back on theme, we have all heard of ‘Data Security’, but as a term its use is more often not a full truth. As with the data in transit example above, data security is subjective when it needs to be objective. The security that vendors address today is addressing an environmental state that the data is not persisting in, or not persistent in for long. Securing the protocol’s that we communicate data through, or the servers, datacentres, PCD’s that we store data on or the software applications with which we orchestrate our data, is not true ‘DATA’ security. Access to any of these environments, whether authorised or not, means data can readily be harvested, and believe me it is and most of you will not even know it is happening off your own computers.

I feel like shouting in frustration sometimes – it’s in the name ‘DATA’ security, so secure the DATA itself, as I have blogged before ‘Data Security – It’s in the Name!‘ OK good that you secure the other servers, datacentres, PCD’s or software application assets but what about the DATA! I am not proposing we stop securing servers, datacentres, PCD’s and software application, but their security is addressing THEIR security profile and the DATA security is largely by association only. As we currently deal with security at the server, datacentre, PCD and software application level we create security silo’s that require gatekeeping. Thus the cracks start to appear and data fall’s through or the hacker sneaks in, every other which way the data is exposed to higher risk and the prospect if not likelihood of compromise.

Now throw into the mix the structural nature of Cloud Computing architectures and its fastest growing method of interfacing systems with the use of Web/Cloud services. A Web or Cloud service being little more than a traditional API (Application Programming Interface) exposed to a public network. Designed to link disparate systems to deliver richer and often more real time functionality at scale and with collaborative resources unattainable until now to single organisations. Web/Cloud Services live for data exchange and data retention follows hard on the heals of those exchanges between API exposed entities. API’s = more joins and cracks, not to mention interactions to be audited and jurisdictions that will be challenging to reach into to audit and truly validate Service Level and or compliance. This is no scare tactic, I work with programmers every day, and these are some of the smartest guys around, but they are human, and ‘humanum est errare’ (it is human to err).

With an Industry average of “about 15 – 50 errors per 1,000 lines of delivered code” Quote Steve McDonnell from his book ‘Code Complete’ (2nd Edition. Redmond, Microsoft Press, 2004. 960 pages. ISBN), there is an inevitable high risk in API’s, they are just code after all. Yes errors can be ironed out, but the effort is often not commercially viable. For example only after using extensive format development methods, peer reviews, and statistical testing did the space-shuttle project achieved a level of 0 defects in a random sample of 500,000 lines of code. The ‘Cleanroom Development’ technique pioneered by Harlan Miles achieves consistent rates as low as 3 errors per 1,000 lines of code (Cobb and Mills 1990), so there are no easy options. All said and done commercial realities turn this into a real concern, the cost of this diligence means API’s will not all be tested to such robustly high quality levels as the space shuttle which means there are errors, and where there are errors there will be means to an end for hackers:

But what if the data itself was of no use once the hackers got hold of it? Do you think they would bother spending long ours gaining access to it if they found it worthless?

What I am getting at is the act of encrypting the DATA itself, the raw data packets, only then are we starting to address the nub of the issue – making the data secure. Encryption (to encipher) and Cryptography (hidden, secret) is a powerful resource. I like the core message in these terms because they point to the essence of what we must achieve with our data to make it truly secure to turn it into something of ‘no value or importance to anyone else’ = cipher to encipher / encrypt our data. Whilst that may sound simple I and the rest of the security community are under no pretence of the challenge this would represent to manage.

Encryption is no small undertaking, by its nature it is very unforgiving to the forgetful or unstructured amongst us which is why all but the very large Enterprises can afford data encryption systems. It is no wonder Enterprise Digital Rights Management (E-DRM) has become a familiar term transposed onto the more generic Information Rights Management (IRM). At a private level it is almost non-existent, for even if you understand the principles of Public Key Infrastructure (PKI) and can wield the tools of Pretty Good Privacy (PGP) to manage you data in an encrypted way you will find yourself limited in terms of who you can interact with as this is far from user-friendly or mainstream.

Do not be misled, poor adoption of PKI, PGP and their ilk are not an early adopter issue, it is a fundamental structure issue. These mechanism are complex to get to work optimally, and in a sub-optimum deployment they are compromised so its worth is questionable and in a corporate world ‘it works some of the time’ does not win much in budget debates. At an individual level it is simply the complexity of management and exchange of encryption keys and their associated Certificates validating key ownership that renders it unusable.

The best we have at present for securing our data files is through forms of IRM / E-DRM, but this has until recently been out of reach of not just the Small and Medium Size Business (SMB / SME’s) but even large Corporates. OK there are proprietary application level encryption and password locking features, but they lack the truly ‘in-line’ capacity as a real time solution and after all the internet is full of solutions that can break these within seconds just head over to the likes of:

Not all is lost though. Most of us have come up against the power of IRM in the form of Digital Rights Management (DRM) with online music purchase, finding that if we try to share a music file bought through one of the online stores we cannot. Why? Because the data is secured and has been locked for use to a single user account. Reflect, the data itself is secured this is the DATA protected, OK the software you use to play the media has to know how to read the data. The data compliance with a standard supported by the software that allows the software to interpret how to authorise the user to use the data, but again I point out this is the DATA that is secured, secured by encryption that refers a user (be it individual or software) to comply with a policy set by the data owner.

Welcome to the future of corporate and personal data, where software (any software) conforms to a standard whereby data is encrypted and software has to comply with that standard to use that data. Just as your Windows Media Player or iTunes software does today through their respective online stores which act as a validation and authorisation proxy for the music industry who are the ultimate rights owners of the tunes you play. In such a new world of data, you could perceivably leave you data anywhere and it would be secure. Why? Because it is encrypted, available to those authorised by the data owner. In such a utopia hackers would gain little from stealing data, and Google would not be able to scan your documents and emails so readily!

IRM as stated above has been the exclusive realm of large Enterprises with the deep pockets to invest in the necessary infrastructure and process discipline mandatory to ensure such an environment works seamlessly and critically data encryption keys are not lost! Until now….

May I introduce or re-introduce you to Microsoft Office 365, Microsoft’s Software as a Service platform for business of all sizes, affordable even for individuals. Microsoft Office 365, delivers Enterprise grade email, collaboration, conferencing and productivity software amongst other benefits. It reset’s the bar in terms of empowering organisations and even individuals and most poignantly stands alone in its security capabilities with its Information Protection and Control (IPC) in the form of Windows Azure Rights Management Service:

Microsoft Office 365 forges a Grand Canyon of a chasm between it and the following herd of online Saas business productivity service vendors when it comes to its compliance credentials and security capabilities, and at a price point that is challenging for any serious functionality and data conscious business executive to not consider very, very seriously. Microsoft Office 365 scales from 1 to 50,000 user environments OUT OF THE BOX! Now NO organisation has an excuse for inappropriate document or email disclosure. It allows ANY organisation to Rights Manage their documents and emails, applying Enterprise class encryption helping to ensure they are only visible to those that have been given explicit rights. This protects organisations in the following common risk scenarios:

  • Laptop theft.
  • Portable media loss.
  • Dismissed employee data retention.
  • Inadvertent CC’ing of emails or sending to the wrong recipient
  • Email interception.
  • Internet vendor document/data scanning.
  • ….. amongst others

Not 100% full proof by any means but 100% better than about 95% of the ‘Data’ security being implemented by organisations today. Be assured that just because you believe you have not been compromised does not mean you have not. In fact I would challenge an organisation, IF you have any Intellectual Property worthy of being stolen KNOW that you are either compromised and you don’t know it or adversaries are going after it, if you don’t believe me I fear your falling foul of the old ‘Struthio camelus’ syndrome of head in the sand!

The elephant in the room then becomes how to validate the identity of those access in the data, how do you prove that you are who you are and not an impersonator or a middle man ‘borrowing’ someone access code(s). Single factor Username + Password authentication mechanism are too weak for true identity security, multi-factor authentication (something you know and something you have) is a step in the right direction but many multi-factor authentication approaches remain vulnerable, and thus the goalposts move …. that’s a subject for another day.

Conclusion
So whether you believed me at the start of this article or not here it is, for little more than the cost each year most organisations spend on toilet paper and tea bags (Ok and coffee) per employee they can enjoy Enterprise grade document and email security amongst a bucket load of other powerful features with Microsoft Office 365, no excuses.

——————–

Toilet Paper & Tea Bags Analysis

Thanks to Discovery Channel and MySupermarket.com:

  • Average usage per employee/yr = 30,000 sheets/year or 134 rolls/year (@ 150 sheets per roll).
  • Average price of 50p/roll

Total £67/year per individual on toilet rolls + Tea breaks at £300 per employee per year – Epiphany research 2012 quoted on ‘The Workplace Savings and benefits’ website.

Filed under Cloud Computing, Computers and Internet, Home Computing, Legal, Office 365 and Azure, Privacy, Security

Free Windows RT – A Future or not?

January 28, 2013 Leave a comment


Windows RT officially launched alongside Windows 8 on October 26, 2012 with the Microsoft Surface device leading the pack of several Windows RT-powered devices from OEM partners.

Despite the lack of clarity around the Windows RT v. Windows 8 versions, Windows RT has established a solid user base. It delivers to the mobile demands of users in key areas of a stylish aesthetic design and critically excellent battery life. More on that discussion in my earlier blogs:

Microsoft’s decision to release an OS build for the ARM CPU was largely driven by the capability this architecture gave the design teams to forge a svelte cutting edge design. Systems on a Chip reduced the bulk and cooling demands as well as increased the battery efficiency allowing for thin devices.

With the announcements by both Intel and AMD that they have their own x86 ‘Systems on a Chip’ CPU’s in the pipeline raises the question that has started entering debate as to the future of Windows RT. Couple this with the new Atom class CPU’s that are now driving fully fledged Windows 8 OS’s and narrowing the gap in critical areas of compactness and battery life.

If the hardware continuous evolve allowing a fully-fledged Windows 8 OS to be delivered on tablet devices without compromising battery and design then what does the future hold for Windows RT? The reality is very little. After all who would invest in a Windows RT device over a fully-fledged Windows 8 device? It is an election into a closed ecosystem with a derisory ecosystem of desktop applications and despite a 4 fold increase in Windows New UI applications they represent a poor compete against Android and iOS libraries of apps.

The decision maker in this saga is the application ecosystem and third party product and vendor attachment. iPad has enjoyed a momentum that appears to demonstrate that OS grade functionality is not a critical factor in the Tablet class as long as app and vendor add on product are compelling. That was in an environment that lacked such fully-fledged OS power, Android being no better than iOS. With Windows RT the started to change, but for the lack of application ecosystem. Now with Windows 8 appearing on iPad tablet design class devices there is going to be some interesting times ahead as the full momentum of the Windows application ecosystem and Partner 650,000+ commercial developer organisations get up to speed. Throw in the next generation of Office 365 due out soon and things get even more interesting.

Back to the debate on Windows RT’s future, there are many permutations but to consolidate these under a few common headline options we are left with:

  1. Status-Quo

No change, however it lacks real viable evidence that it is not going to just wither on the vine. OEM’s have not only cancelled RT initiatives they are largely cold on the whole project and driving their hardware architectures to a full Windows 8 which is clearly their agenda further eroding the current device class RT is pitched at fast. There is a price and battery advantage that RT offers as a differentiator but that is modest, and for everyone I have spoken to Windows RT is not worth it.

  1. Trim

Reduce the OS to the Windows New UI side of its personality, allowing it to live on lighter and cheaper hardware. As Windows 8 drives a new fully featured OS class of tablet, it will not supplant the cheaper, more compact, lighter and battery efficient Android and iOS class of device which we have become used to as consumption devices. RT has a future in the iOS and Android ‘Consumption device’ class. To do so it needs to drop its split personality (desktop side) and deliver just the new Widows UI. This would allow RT to be stripped back as an OS which could allow it to be delivered on reduced capacity device design’s that would slash cost and battery usage. This still does not identify what will stimulate the redressing of the small application ecosystem, as this is just another low end user volume platform competing against two well established platforms in iOS and Android.

  1. Kill

Discontinue the ARM experiment in light of the point made above over hardware evolution supporting full Windows 8. This is the current consolidated view IF it continues in its current form and lacklustre redressing of blatant short fallings such as no offline SkyDrive storage which makes a mockery of the device as a mobile platform when you think you need to be always network attached!

  1. Free

One thing is clear something has to happen to allow RT to compete in a class of devices that will not see it being thumped by its big brother Windows 8 as Atom Tablet architectures are already seeing happen. This will probably come over as a heretical idea and likely to be more than out of bounds for Microsoft culture to adapt to BUT there is a real and viable case for releasing Windows RT as an Open Source community effort.

Amongst many viable reasons:

  • Removes license costs from production placing it toe to toe with Android and giving OEM’s a choice they currently do not have. It’s Android or nothing in that class of device.
  • Make a friend with the OEM’s.
  • Opening up the closed RT architecture would immediately get the attention of the largest programmer audience in the world.
  • Put a cat amongst the pigeons with the regulators who have always enjoyed having a snipe at Microsoft.
  • Microsoft has an established Trusting audience and loyal user base.
  • Windows 8 UI familiarity on the Desktop will drive adoption.
  • Free platform does not mean NO revenue. This has the potential of driving explosive growth in applications that will stimulate significant reviews through the Microsoft store.
  • Community goodwill.
  • Takes the fight to Google on territory it arrogantly believes it owns.

There would be significant challenges, headline ones including:

  • Microsoft cultural readiness.
  • It is unclear how much opening up the RT code would reveal cross platform x86 insights that Microsoft would rather were not.
  • It will eat away at the bottom end of the Windows 8 market, BUT this is just the user tier that is adopting Android and iOS devices accepting the restrictions as they do not need power features and functions.

Most of the challenges could be dealt with either in the Open License Agreement and or limitations placed on opening up certain parts of the OS code, whilst providing them ‘black boxed’.

Looking at the bigger picture, services and application store revenues are increasingly becoming the new revenue generators. Would ‘giving away’ a lightweight OS iteration on a constrained hardware architecture really impact bottom line? I challenge that the ecosystem revenues would out weight that furthermore the momentum it would build behind the new generation of Windows OS’s in this class would be an accelerator into taking chunks out of the competitions market share for Microsoft.

It is just this type of bold and decisive action that would shake up this class of devices and place Microsoft very much into the tier of innovators again.

Casual discussions with some of Microsoft OEM hardware partners has seen this received with significant interest. Maybe a lunch with them all in the same room could forge a friendly meeting with the power that be at Microsoft?

Filed under Computers and Internet, Home Computing, Microsoft Partners, Mobile, Small Medium Enterprise (SME), Windows 8

Data Security – It’s in the Name!

December 20, 2012 2 Comments


I have just come out of my last meeting before Christmas in which security has been forefront (again) on both business and IT principles minds, and tongues…

The bizarre thing is that despite the obvious, the prevalence of IT security systems protect the ‘Environment Boundary’ in which data resides or is transmitted, whilst understandable form a certain perspective, it is somewhat medieval in its approach to the core ‘Data Security’ problems facing organisations and individuals today.

It is all good and well using SSL (Secure Socket Layers ) to ensure your communications (data exchanges in transit) are secure. BUT a waste of time if the communicating entities do not apply similar levels of security when the data is stored (data at rest). Even the most inept hacker knows that the easiest point to attack in any data exchange is the client (workstation, notebook, mobile device). The server end of the chain is likely to be more secure environment (not necessarily) than the end users. Hence the prevalence of end user vectored attacks, email being the weakest and most convenient conduit to perpetrate a hack. Once a Hacker can get some malware on a user’s PC they can just about do what they want with it, and that includes all the data unless the documents and or data is encrypted.

Thus we get to the headline of the article. DATA SECURITY. If all data adopted the same protective measures as the entertainment industry tries to do with their music and movies then less of our private lives would become public, and organised crime feeding off corporate systems selling inside secrets or blackmail would be poorer overnight. Organisations should be securing their CONTENT as well as their IT environments. Currently most organisations actually do ‘Environment Security‘ NOT ‘Data Security’.

Information Rights Management (IRM) has been around for decades in various guises.. ISV’s (Independent Software Vendors) are largely ignoring a HUGE market opportunity to tap this capability. Some understand it and build their business on this core feature, but most ignore it and defer security to the IT department’s ability to secure a whole environment. IRM has never been easier today to implement, without even needing to deploy a service it is possible to tap Windows Azure AD Rights Management and have this capability on tap. For organisations using the Microsoft Office 365 Online Software as a Service (SaaS) suite it is possible to enable this with ease:

Microsoft Office 365 with Windows Azure AD Rights Management enabled represents one of the most secure and feature complete collaboration environments available on the market today. I would challenge some enterprises to prove a more secure data environment, and this is available to the smallest of organisations for less than £15/mth per user. This default functionality in Microsoft Office 365 is just a baseline, for the more security conscious this can be enhanced exponentially with third party products.

IRM is not full proof, nothing can stop someone re-typing a document or photographing a screen. BUT it represents a significant convenience barrier to those perpetrating corporate espionage and removes any ‘accidental’ disclosures.

I suspect though there will be a few more fruitful Christmas seasons for the corporate espionage crime syndicates to roam deserted corporate systems before the penny drops.

Filed under Cloud Computing, Computers and Internet, Home Computing, Legal, Mobile, Office 365 and Azure, Privacy, Security, Small Medium Enterprise (SME)

Still paying for eMail & Website Hosting? Think again…

December 1, 2012 Leave a comment


If you are a sole operator and still paying for email and website hosting then you are throwing money away. It may not be a lot, but then I guarantee there are richer featured options that you can benefit from. Read on.

For many the reasoning is practical. You have your own Domain and you believe this requires you to pay for an email service that supports this. For others it is simply evolutionary, you have had an email and website packaged service many years with Vendor ‘X’ and have never evaluated your options so you are still paying for something you don’t need to.

For many of you in this scenario you may also find the interfaces for mobile connectivity and browser access are retro, as for website management solution (if at all), some websites are still limited to FTP (File Transfer Protocol) management access to a bare directory on the vendors servers, forcing you into the hands of a commercial agency to get any half decent site built and maintained at more cost.

The solution is simple:

  1. For eMail = Outlook.com
  2. For WebSite = Windows Azure Websites (See a follow-on blog for details on this)

If you want to see why and fancy a punt at other options such as ‘Google’ apart for the privacy issues that you may not be aware of with Google’s terms and Conditions, have a look at a straight Outlook.com v. GMail Feature Comparison which tells you why Outlook.com is the

If you are still not convince, just one feature should make it for you in this new mobile world we live in and that is Exchange ActiveSync (EAS)

For those who like a 3rd party opinion then head over to:

The following is a summary guide as to how to set-up your eMail and domain on Outlook.com, a separate Blog will cover the Free Website feature in Windows Azure and the rich content management options this can include.

A PDF version of this Guide is available for download – ‘Outlook.com Admin Configuration Guide‘ (PDF 428kb):

Outlook.com Configuration & Admin Overview Guide

Step 1.

First off you need a ‘Microsoft Account’, formerly known as Live ID/Hotmail ID/ Passport amongst others. If you already have one then that’s easy, just jump straight to the Outlook.com Webmail Login  and voila, you are now running ‘Outlook.com’. If as an existing Microsoft Account holder you get the old Hotmail interface, it is simple to click on the ‘Options’ then ‘Upgrade to Outlook.com’ link and that is you upgraded, per the image below:

That’s you set-up with free Outlook.com email on your Microsoft Account. This is not yet active on your own domain or domains. To get your email on your own domains working you need to continue to Step 2.

It is advisable to be ready to move ALL our email accounts to Outlook.com BEFORE you commence Step 2. This should include being clear who controls your domain(s) DNS settings. If in doubt contact your hosting provider AFTER reading through the rest of this guide so you are clear on what is involved.

Step2.

Configure your domain and get access to Multiple User accounts on your own domain FOR FREE.

  1. Head over to the ‘Windows Live Admin Center‘ at http://domains.live.com
  2. Click on the ‘Get Started’ link’ Assuming you’re already logged in!

  3. Enter your domain name. Don’t get confused by the ‘www’ prefix, it is perhaps not the most intuitive way of simply requesting a domain name! Then Click ‘Continue
  4. Next you will have to go through a formality, check the setting s are correct and assuming your OK with the Terms & Conditions click ‘ I Accept’

  5. The next screen is a little overwhelming for the non-techies. If you have access to your domain’s DNS or DNS management page then I assume you know what yru doing, if not you will be emailing a copy of this page to your Domains Registrar or Hosting provider who controls your domains DNS.

    In summary this page update your DNS records so that email etc will start getting pointed to your new Outlook.com profile.

    DO NOT initiate this till you’re ready for email to STOP arriving at your old email service, and you are ready to set-up all your email accounts on Outlook.com.

    You can pre-configure this and leave it as is, note the ‘Prove Ownership’ box highlighted in Blue. Until you have either made the changes or instructed someone else to and this box is replaced with a ‘Your Service is Active’ statement your email routing is unaltered.

  6. Assuming were good to go with Outlook.com and you have made the changes noted above in DNS instead of the yellow ‘Prove Ownership’ box, you should now see an ‘Your Service is Active’ message box as illustrated below:

Now you can configure a variety of features from the left hand Admin menu:

Custom Addresses – This allows you to create additional Domain URL prefix’s for your mail domain ie:’mail.yourdomain.com‘ :

User / Members Accounts – user mailbox’s (Up to 500!!)

Open Membership – Great commercial angle to allow you to share your Domain with subscribers to a service or your website:

Co-Branding – Allow you to brand your email experience, ideal if you are using Open membership features:

Domain Reports – All important management tool to monitor activity on your email usage, a summary list of available reports below:

You should not be set-up with your Outlook.com service. You can add additional domains to this all managed by your principle Microsoft Account, or any other Microsoft Account you may wish to designate.

Other features you may wish to explore will include the Microsoft Live SkyDrive and Office Web application linkage that you get for collaboration with Outlook.com, you can access this from the Outlook.com mail interface at http://mail.live.com, top left click the down arrow next to the Outlook banner, see image below:

This will open up a link menu to other rich interface features and SkyDrive for document sharing and Office Web Apps integration:

Filed under Cloud Computing, Computers and Internet, Home Computing, Small Medium Enterprise (SME)

Windows 8 To Go Workspace Creation Guide

November 24, 2012 Leave a comment


The following guide will allow you to configure a USB device that is Windows 8 To Go ‘Ready’.

This guide is designed for users who are not yet running Windows 8, and whilst it can be followed if you are running Windows 8 IF you have Windows 8 Enterprise then a much simpler option is to use the ‘Windows To Go Creator Wizard’ (accessible from the Windows 8 Enterprise Control Panel or search) which automates:

  • USB Device provisioning process,
  • Windows 8 Instalment (you still need to have the Windows 8 Enterprise install media for this)
  • Bitlocker enablement options that can activate Bitlocker automatically during the Windows To Go creation process.

As you are creating a portable instance of your Windows 8 Operating System which is likely to contain private data we strongly recommend you activate the built in bitlocker drive encryption technology.

The process below does not allow you to enable Bitlocker during creation, it requires you to enabled bitlocker drive encryption AFTER creating your ‘Windows To Go Drive’ from within the Windows To Go workspace.

You can download a PDF version of this guide for ease of reference from here: Windows To Go Creation Guide (220 KB PDF)

This process requires Windows 8 Enterprise install media and does not work with other versions.

For a Windows To Go Feature Overview and more information please visit the Microsoft TechNet site.

Preparation Phase:

Step 1. Get the imagex.exe from the Windows Automated Installation Kit (AIK):

  1. Download the Windows Automated Installation Kit (AIK) for Windows 7 (1.7GB) http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=5753
  2. Download WinRAR, then uncompress the AIK ISO file that you downloaded, browse and extract the Neutral.cab file.
  3. Uncompressed the Neutral.cab with WinRAR, and extract the file name F1_imagex.
  4. Rename the file F1_imagex to imagex.exe.

Step 2. Get the install.wim Windows 8 Enterprise Install File:

  1. Download or get your copy of Windows 8 Enterprise
  2. If you have this is ISO format (if you downloaded from MSDN for example) use WinRAR to uncompress the Windows 8 Enterprise ISO file.
  3. Browse the uncompressed Windows 8 Enterprise files going to the \sources\ folder, extract the install.wim file that it should be in there.

Copy both the imagex.exe and the install.wim files to a separate directory.

USB To Go Creation Phase:

Step 1. Configure your USB drive:

  1. Open a Command Prompt (in Administrator Mode)
  2. Run the following Commands allow each to finish before proceeding to the next:
    1. DISKPART
    2. LIST DISK (Note down the Disk number of your USB Device, ie: Disk 1 in my example below)


    3. SELECT DISK 1 (Replace 1 with the number of your USB Device from the step before)
    4. CLEAN
    5. CREATE PARTITION PRIMARY
    6. SELECT PARTITION 1
    7. ACTIVE
    8. FORMAT FS=NTFS QUICK (Format process may take few seconds, longer if you opt to do a full format by leaving off the ‘QUICK’ option)
    9. ASSIGN
    10. EXIT

Step 2. Install Windows 8 Enterprise onto the USB:

  1. Open a Command Prompt (in Administrator Mode)
  2. Browse to the folder that has the Imagex.exe and now the install.wim
  3. Run the following command: imagex.exe /apply install.wim 1 D:\
    (Replace D with your USB drive letter)
  4. This write process will take a bit of time, progress is displayed.
  5. Once the write process has completed configure the boot record in the Windows To Go USB drive. Type the following command: bcdboot.exe D:\windows /s D: /f ALL
    (Replace D with your USB drive letter)

Volia!

Now you should be able to boot to your external Windows 8 Enterprise USB To Go device and complete your installation. Some helpful hints on how to configure the traditional desktop Start Button etc available at Windows 8 Desktop Prioritisation Guide


Filed under Computers and Internet, Home Computing, Small Medium Enterprise (SME), Windows 8

Windows 8 Desktop Prioritisation Guide

November 20, 2012 1 Comment


As promised a guide to how you priorities the boot order to your conventional Windows desktop and return certain critical efficiency assets most notably the Start menu. Remembering that we don’t want to throw the baby out with the bathwater so the following maintains 100% the Windows Modern UI in all its tiling glory.

You can download a PDF version of this guide for ease of reference from here: Windows 8 – Desktop Prioritisation Guide (234 KB PDF)

Why is this needed? As I said in my earlier blog Microsoft leave the Control Freekery for the Fruitcakes the Windows 8 Modern UI is ill-suited to workstation environments. The uncharacteristic step by Microsoft to throw users uncaringly into a whole new world of their Windows 8 Modern UI (User Interface) and at the same time cut them off from the comfort of a the Conventional Desktop is the most ill thought through and poorly thought through marketing faux pas since their Vista launch horror. Why throw away the trust and familiarity of the Conventional Desktop, when those characteristics actually represent the gateway to adoption of the Modern UI is beyond me. But then I guess that is why Steve Sinofsky was seen making such a fast exit, and good riddance to his Steve Jobs attitude to bullying consumers through product changes. What would have been more engaging is the Modern UI and the Conventional Desktop introduced as distinct principle software environments for different device formats.

  1. The Conventional Desktop should never have had its start menu removed, it alienated users immediately from any sense of a familiar introduction to Windows 8 where they would inevitably explore end up exploring and getting familiar with the Modern UI on their own terms.
  2. The boot order should have been set as an elective as part of the install wizard, and in the same way allow users the flexibility and choice to safely adopt Windows 8 without the fear of being forced into the unknown and steep learning curve of change which we humans are inherently wary of.

So this Blog redresses this by giving you back that familiar and reliable fully empower conventional desktop environment from where in time you can build out your skills into the new world of the Modern UI.

This guide will step you through what I have now found as a robust process to re-establish a Windows 8 conventional desktop for power users and real multitaskers. I am hopeful that this will become somewhat redundant if Microsoft redress some of the Steven Sinofsky aberrations. Some of this will work with Windows 8 RT, but find that Windows 8 RT is largely on Tablet style devices that it suites very nicely so the priority is very much the Modern UI over the Conventional Desktop.

So let’s get started.

This assumes we are starting from a clean installation of Windows 8 Pro or Enterprise.

  1. Reinstate the Start menu – Download Classic Shell (http://classicshell.sourceforge.net/features.html) Full details and alternatives summarized in my earlier blog ‘Windows 8 – Boot to Basics’
  2. Download the attached file which I have had to give a .DOC extension so you can download it (NRG Menu Settings.xml.DOC) but it is in fact an XML file with XML script of the configuration I use in the Classic Shell that will help you get going. Right click on the link and save the file to your hard drive then remove the .DOC file extension to leave a native XML file you can then import it into Classic Shell from the Backup option in the settings menu. This will:
    1. Configure your Start menu with a Windows 8 look and feel.
    2. Automatically set your OS to boot to the Desktop. (You can always return to the Modern UI by hitting the Windows key on your keyboard).

So now you have a Conventional Desktop with a core asset returned to its usual location, reducing the laborious screen switching to the Tiled interface or heavy-handed use of search.

For some that will be enough and you will be capable of doing your own Conventional Desktop modifications from hereon.

Those of you who would like some more tips I can recommend casting your eye over the following that will ensure your desktop experience does not regress into Frankenstein moments by popping into Modern UI applications not best suited for large non touch screen environments.

Re-set Default Programs – One of the issues with Windows 8 is you will find many file types are automatically set to launch with Modern UI applications. The following steps will allow you to ensure you will priorities your desktop applications.

    1. Install desktop applications so that you can re-assign file types to use the Conventional Desktop programs over the Modern UI apps. Some applications you may find useful will include:
    2. From your re-instated Start menu go to ‘Control Panel\Programs\Default Programs\Set Default Programs’ and click through your newly installed programs to prioritise them. Some key ones I would suggest include:
      • Those listed above
      • Windows Media Player – Playing & managing music
      • Paint – Image viewer and basic editor.
      • Windows Photo Viewer – To view and print images instead of the Modern UI Photo Viewer.
    3. The other big one is Internet Explorer – make sure the dropdown election is set in the ‘Internet Options > Programs’ to always use IE on the Conventional Desktop. I also tick the ‘Open IE tiles on the Conventional Desktop as well so even if I am in the Modern UI I will prioritise a desktop instance of IE.

    4. An alternative way is to use File Explorer and right click on the individual files want to assign to a specific program and click ‘Properties’. On the general tab will be an option to ‘Open With:’ and a ‘Change’ button. This is a little more long winded than the earlier step but gives more control.
    5. A clean way to reduce conflict with Modern UI apps and also save a bit of disk space is to uninstall the Modern UI variants. (The reality is I have removed all my Windows Modern UI apps as they serve no purpose and only add to network congestion in the background. All the news and other functionality apps I bypass as the websites are richer using the Conventional Desktop IE v.10 as our counterpart Conventional Desktop programs).  This is likely to include as a minimum:
      • Video Player
      • Photo Viewer
      • Mail (this will also remove Calendar, Messaging and peoples hub) but assuming you are running Microsoft Office as a power users these are fripperies you will not need and only serve to duplicate content on your hard drive and increase network activity if you do.
      • SkyDrive (Modern UI version only)
      • Skype SkyDrive (Modern UI version only)

       WARNING – Do not install the same apps both in the Modern UI and on your Conventional Desktop, this can cause conflicts such as with Skype also you will find you end up duplicating data and network activity. Windows 8 is chatty enough on the network without adding to it!

‘Free’ Media Pack for Windows 8 Pro
A time limited offer you can take advantage of at – http://windows.microsoft.com/en-US/windows-8/feature-packs

Optional free or Shareware utilities

I also find useful that you can take or leave include:

Desktop Gadgets

This is something I have been asked by just about every user I have helped convert to Windows 8, they miss the convenience of having some of those core gadgets ‘just there’. Key favourites include the Calendar, currency conversion, weather. Post it’s and power monitor. You are in luck head over to 8Gadgetpack at http://8gadgetpack.bplaced.net/ . It’s not quite a full Windows 7 gadget style experience more Vista with the sidebar limit, but you can remove the sidebar and have just the gadgets on the Conventional Desktop.

Conclusion

What you should now have is a fully tuned up conventional desktop environment (with a few utilities if you elected for them) that will allow you to leverage the full potential of Windows 8 whilst maintaining the luxury of the Modern UI tile environment 100% intact. The key difference being you have prioritised the Conventional Desktop experience over a touch screen experience with no compromise.

Filed under Computers and Internet, Home Computing, Small Medium Enterprise (SME), Windows 8

Microsoft leave the Control Freekery for the Fruitcakes

November 18, 2012 1 Comment


Demonstrating unwavering leadership, whether driven by necessity or not, Steve Ballmer has created a unique window of opportunity to redress some issues with Windows 8 reception into the marketplace.

Steven Sinofsky President, Windows Division has gone from headline grabbing darling to departed http://www.microsoft.com/en-us/news/exec/ssinofsky/

Conspiracy theorists abound need little imagination as to why. As a Microsoft Partner at the consumer and enterprise coal face it has been black and white since the latter preview releases of Windows 8 that there was a temperature change in the Windows Division that was blowing the good ship Windows into dangerous waters, and it appears the Captain had decided to ignore the feedback from his instruments. It appears Captain Sinofsky had been ardently fighting a one man war against the traditional choice characteristics of the Windows OS and had achieved internal persuasive success at Microsoft, with resistance and reservation, for his drastic surgery on the traditional Windows desktop. This was also in the face of a full blown gale of online, Partner channel and general technical audience commentary against the removal of the Start menu and promotion of the Modern UI previewed in early iterations of the Windows 8 OS.

It looks like the Admiral was on board and he has placed a trusted hand on the tiller, could we be heading back into calmer waters? ….. I am by no means alone in hoping so since it has made headlines in USA Today Will Microsoft restore Start Menu to Windows 8?, to think a Start menu could cause such headlines, and ‘With Sinofsky Gone, Start Menu Could Return to Windows 8′ , we could never have guessed ;-)

The detail surrounding the relevance of 2 features such as the Start menu and the default Modern UI I cover in my earlier blog ‘Windows 8 – A desktop demotion?

That was almost three months ago. I have now lived and breathed Windows 8 can firmly state that on a dual monitor (27inch) desktop environment that can see me running multiple Virtual Machines, Visual Studio amongst the usual cascade of Internet Explorer windows and instances of Microsoft Word, Outlook and Excel there is only one existence – THE DESKTOP. In fact the use of Modern UI applications on a 27inch monitor is very poor where most are designed for tablet sized screens. Having reviewed my Modern UI usage I can state that since making a few tweaks to return the Start menu and not straight to my Windows 8 desktop (and a few others that I will cover in a blog shortly) I have not had to revert to the Modern UI.

That does not mean it is redundant. I have my Surface which I live in the Modern UI. That is the spin here. For all Steven Sinofsky’s engineering and project management competence he has missed the ball completely on the critical issue of communication and management of end user expectation. As a result we have a Kick Ass Operating System in Windows 8 hobbled by the lack of FLEXIBILITY to allow users to CHOOSE.

  • Flexibility because Windows is trying to hit a much bigger target end user device based than just tablets, so to all but Sinofsky, it was fundamental that the desktop was maintained as a first class citizen.
  • Choice – The consumer and enterprises friend. Where there is doubt and engineering capability, budget and time permits, put in options. DO NOT taken them out!

Microsoft has always been about Flexibility and choice, to the point of criticism. How many of us have gasped at the number of ways we have been able to do things in the UI when confronted with support requests for end user guidance. It has been a hidden grace, that has made the platform INCLUSIVE.

Windows 8 is a fantastic platform with unique dual facets unlike any other. Power on the tablet and prospectively Power on desktop, IF the Admiral encourages his new captain (whomever he or she will be) to reflect overwhelming demand.

I recall the horror that was the Vista launch, which completely missed the Enterprise messaging of the script. This time it has been the control arrogance around the traditional desktop demotion AND on the consumer front the poorly communicated messaging around Windows 8 RT as a distinctly separate experience for users. As a result we are currently staring out across a Vista of troubled waters instead of the plain sailing that the Windows 8 desktop truly deserves.

If I could as Steve Ballmer to do anything, it would be win back the Choice Moniker for Microsoft leave the Control Freekery for the fruitcakes by:

  1. Desktop Start menu.
  2. Option for direct boot election into Desktop v. New UI.

Windows 8 should be an absolute no brainer for Enterprises, but for the lack of this flexibility and choice.

Amongst some much needed communication clarification around Windows 8 and Windows 8 RT.

PS -Oh yes, maybe stand up when you do your bit at the next WPC, Steve you are shear effervescence speaking on your feet!

Filed under Computers and Internet, Home Computing, Mobile, Small Medium Enterprise (SME), Windows 8

Windows 8 – ‘Virtually’ a Painless Transition

November 14, 2012 2 Comments


The advertising will have you believe it is the advent of a brave new world with the (not quiet all new) Windows 8 Operating System, the biggest change in desktop ‘Yardy, yady, ya’….

What follows is by no means exhaustive in detail, and assume a modest degree of comfort configuring PC’s. There are more detailed tutorials covering many of the discrete steps summarised below that you can reference online ie: Full Windows 8 install screen by screen, or YouTube videos that can help give insight into what you can expect. Please ensure you have taken whatever steps you need to feel comfortable proceeding with the steps summarised below.

You can download a PDF version of this guide for ease of reference from here: Windows 8 – ‘Virtually’ a Painless Transition Guide (825KB PDF)

What most users I have come across want to know is:

  1. Do I upgrade?
  2. Do I do a fresh install?

Well Option B is the answer which for many throws them out of a comfort zone. The thought of running an in situ upgrade and Voila is all too tempting BUT as IT aficionado will tell you, Operating System (OS) upgrades carry with them baggage. Baggage being artefacts and a bloated hard drive full of highly fragmented files that undermine future performance and stability. Read on and find out how simple and secure it is to get the best of BOTH worlds.

NB: This is ONLY applicable to users with PC’s running CPU’s that support SLAT. (Please see my earlier blog Windows 8 Client Hyper-V – Why SLAT? for information on this)

Assuming you have SLAT support, proceed….

Ingredients:

  1. Printed copy of this Blog (Your PC is going to be offline so you may need a copy of the following steps), or if you have your Windows Surface Tablet to hand bookmark this for reference as you install Windows 8 for yourself. Yes this can be viewed on an iPad but that somehow doesn’t quiet feel so good and lacks the convenience of a kickstand ;-)
  2. Windows 8 Operating System installation disc, serial number to hand.
  3. Download onto the PC you wish to replace with Windows 8 a copy of Mark Russinovich and Bryce Cogswell AWSOME Disk2vhd utility that creates Virtual Hard Disks (VHD’s – Microsoft’s Virtual Machine disk format) of physical disks (PC’s or Servers) for use in Microsoft Hyper-V virtual machines (VMs). http://technet.microsoft.com/en-us/sysinternals/ee656415.aspx
  4. x1 external USB hard drive (USB v3 not the old USBv2). Suggested size is 1Terrabyte (TB) you can pick them up from PC World or online for under £100 and they work well as a backup device for future peace of mind.

    (If your PC has a Hard Drive LARGER than 1TB then you will need an external Hard Drive of 2TB+, a bit more expensive but necessary).

  5. PATIENCE, read the instructions through BEFORE starting so you know what is coming. Forewarned is to be forearmed, we like NO surprises.

Recipe:

This is a 4 phase process that builds in a belt and braces step 1, followed by a dynamic second step that I suggest you do overnight so you do not end up losing patience and interrupt the process as it takes time. Phase 2 allows you to safely move to Phase 3, to install Windows 8 and finally Phase 4 the set-up of your Windows 8 environment with your old PC running in a virtual instance on your Windows 8 desktop using Client Hyper-V so you can migrate settings and reference your old PC at your leisure :-)

  1. Safety Backup Phase – Take x1 USB hard drive purchased according to the requirements above and the PC you wish to upgrade to Windows 8:
    1. Insert the USB cable so that the USB drive appears in your ‘Windows File Explorer’ on your PC.
    2. Open up the USB ‘Windows File Explorer’ and Create a new folder, give it a memorable name I use the format date+name ie:’20121105 Backup Files‘. It makes it easy to list and also reference.
    3. Manually copy ALL the data files you have created and hold so dear from your PC onto the USB hard drive into the folder you have just created.
    4. Make a record of ALL your installed programs and check you have installation media to reinstall them if desirable. Do this from either the Start > Programs menu or Start > Settings > Control Panel > Programs and Features or use the ‘MSINFO32.exe’ utility from your start menu or command line to list and print out details.
  2. PC Virtualisation Phase (Recommended you do this so you can leave it running overnight) With your USB still plugged in and having downloaded the Disk2vhd utility:
    1. Re-boot your PC.
    2. Make sure it is connected to a power supply.
    3. Ensure your PC’s power settings are NOT set to allow the PC to sleep or hibernate. From your Start Button go Settings > Control Panel > Power Options and tick the ‘High Performance’ option to be safe.
    4. If you know how, disable ANY applications that Auto start to reduce activity.
    5. Disconnect any network cables and WiFi.
    6. Run the Disk2vhd utility you downloaded.
    7. In the top dialogue box select where you wish to create a VHD (Virtual Hard Drive) of your PC. This should be your USB hard drive.
    8. In the lower half of the Disk2vhd utility screen tick the box’s against ALL the hard drives EXCEPT the USB external hard drive (this is often the last in the list, but CHECK).
    9. Click the ‘Create’ button.
    10. Go to bed….
    11. Fingers crossed when you wake up you should see a ‘Completed’ message on the Disk2vhd utility.
    12. Boot down your PC.
    13. Disconnect your USB drive.
    14. Place USB drive somewhere SAFE.
  3. Windows 8 Install Phase – Not a whole lot to this. Insert your Windows 8 DVD and re-boot your PC, following the prompts to install Windows 8. Critical choice is to do a Clean Install NOT an upgrade.
    1. What you should see after some pre-amble screens is the following, you want to select the second option as highlighted below:

    2. If you see the following dialogue box at any point then you have an Upgrade install version of Windows 8 (you cannot do a Fresh install with this disc):

    3. Assuming you get to the screen in a. above you want to select the Advanced Drive option:

    4. From the next screen you proceed to DELETE each of the partitions on the hard drive:
      1. Highlight the partition and select DELETE:

    1. As we have already both copied our files to the USB and created an image of the original drives we should be safe that all our data is recoverable (this is not a guarantee, but has always worked for me!), proceed and select ‘OK’ :

    2. Repeat the steps above till you have deleted ALL the partitions and are left with a screen similar to the following, then click ‘Next’:

    1. The installation phase now commences:

    1. The rest of the steps are quiet self-explanatory, just follow the prompts.
    2. When you get to the ‘Sign Into your PC’ screen you have the option to use a Microsoft Account (formerly known as a Live ID / Passport /Hotmail amongst others). This has its advantages, but also commits you to a single identity for certain other Microsoft services. You can always elect to do this later if you are not sure and select to create a ‘Local PC Account’. See my blog on the implications of using a Microsoft Account on Windows 8.
    1. By the end of this process you should have a nice clean install of Windows 8.
    1. Congratulations J
  4. Co-existence Phase – You will now configure Windows 8 so it can instantiate a Virtual instance of your former PC using the new Windows 8 Client Hyper-V:
    1. Enable the Client Hyper-V feature on Window’s 8:
      1. From the main Windows Tile Home Screen ‘Charms’ menu:
        1. select ‘Search’
        2. Highlight Settings (highlighted in red below)
        3. Type in ‘Programs’ in the dialogue box (highlighted in Green below)
        4. Click on ‘Programs and Features’ in the search returns (highlighted in Yellow below)

      2. This will open up a dialogue box, click on the ‘Turn Windows features on or off’ in the left hand menu (highlighted in red below):

      3. You will get another dialogue box, make sure ALL the options are selected in the Client Hyper-V section (highlighted in red below), it is useful to also do the items in the yellow box as so many applications require these today you will have to do this at some point, but it is not essential.

        (If you do not get the option to run the ‘Hyper-V Platform’ then your PC does not support virtualisation or SLAT and you have overlooked the notice at the start of this blog. Drop me an email and I will try and get back with alternatives, but I hope at least you can proceed with the manual file backup noted above).

      4. You will now see the following screen and your PC will re-boot at least twice, let it finish doing its re-boots:

    2. Attach your USB Hard drive that contains the VHD you created in Phase 2 above.
    3. Configure Client Hyper-V with your VHD:
    1. Open Hyper-V manager. (Do a search from the Search option from the ‘Charms bar’, or if you have followed my guide ‘Boot to Basic’
      http://blog.nigelgibbons.com/2012/09/20/windows-8-boot-to-basics to reinstate a Start Button then you can more easily access it that way).
    2. Click ‘New’ in the right hand menu as highlighted in Green Below and this will pop out a menu from which you should click on ‘Virtual Machine’ highlighted in Blue:

    3. The ‘New Virtual machine Wizard’ will start, click ‘Next‘ till you see the screen below and then fill in the form field to give your Virtual Machine a name.
    4. At the next Screen ‘Assign Memory’ you will be asked to assign RAM. A minimum I would recommend for any Windows VM is 1024.
    1. At the next Screen ‘Configure Networking’ by default unless you have configured a Virtual Switch you will only have the ‘Not Connected’ option. It is probably a good idea to select this to start with, you can always attach the VM to a network later by creating a Virtual Switch form the ‘Virtual Switch Manager’ option in the Hyper-V Manager right hand window.
    1. At the next Screen ‘Connect Virtual Hard Disk’ you should select the second option to ‘Use an Existing Hard Disk’ and browse to where the Virtual hard Disk (VHD) file is located that you created in the earlier steps.
    1. The final screen confirms you settings, click ‘Finish‘ and you will be taken back to the main Hyper-V Manager screen where you should see your PC listed, in the image above I have redacted the names of my VM’s but this is where you should see your VM.
    1. If you highlight your VM and click ‘Start‘ highlighted in Orange in the left hand window of the Hyper-V Manager it will start your VM.
    1. Click on the image of the booting VM in the lower window (Highlighted Yellow above) of the Hyper-V Manager will open that window up as a Console Session and allow you to access you old PC.

By now I hope you will be enjoying a clean Windows 8 PC environment WITH your old PC fully functional so you can temporarily still operate (albeit in a reduce screen size) as you proceed to install your applications and configure your new Windows 8 environment. Of course you also have all the files you manually copied over for quick and easy re-population of your new Windows 8 environment with your personal files.

Filed under Computers and Internet, Home Computing, Small Medium Enterprise (SME), Windows 8

Windows 8, Microsoft Account & Skype – A Tsunami of support in the making!

October 31, 2012 5 Comments


With the launch of Windows 8 Microsoft has laid out its house for increased adoption of what is now known as the ‘Microsoft Account’, formerly known as Live ID/Hotmail ID/ Passport amongst others.

Like many I have always been fastidious about keeping my Business and Private online existence separate. As such dual Microsoft Accounts have been the name of the game for as long as I can remember. This has a practical side apart from the Privacy dimension, in this modern age most individuals will move between employee’s at least once if not multiple times, therefore committing to a single corporate profile would be building in headache at transitions. Furthermore I know many organisations recommend the practice, for compliance amongst other reasons, that insist employee’s create separate corporate related identities to which corporate online assets or benefits may then be associated. This allows the organisation to maintain ultimate control over its assets and to provide a clear demarcation line for employee’s when they engage in social media amongst other online activities.

As for managing multiple Microsoft Accounts (Live ID/Passport etc) as far as I can see the whole Microsoft Account situation has been a challenge for Microsoft. Merging all the disparate backend resources is no mean task, Hotmail, Passport, Partner ID’s, Windows Azure and that is before you get to their new family of online services Office 365, CRM Online and latterly Skype.

The Microsoft Account ‘attach’ feature which is available in the account management section of your Microsoft Account user profile used to allow you to attach two or more Live ID and simplify login’s etc. Unfortunately it appears to not be working and has been broken for weeks (There’s a temporary problem with the service. Please try again. If you continue to get this message, try again later). This is regrettable at such a critical time with the launch of Windows 8 which is encouraging users to adopt a Microsoft Account as their principle login. Users cannot enjoy the convenience of this ‘attach’ feature’.

Users are now having to confront a change in behaviour from traditionally using multiple accounts and flexibility across services to selecting a single one as services are now becoming inflexible and demanding connection to a single account. Logically I feel users are better off consolidating on a Private Microsoft Account versus a corporate version. The latter could of course change if they moved jobs and present the associated headaches. Not to mention the risk of snooping that could occur as many corporate systems are open to monitoring for compliance amongst other legitimate administrative reasons. But then having to work across two separate accounts makes the whole Bring Your Own Device (BYOD) somewhat awkward as you start confronting the risk of confusing private and business data when accounts get ‘Connected’ either through Active Directory or Microsoft Online services (including Skype).

The biggest concern with the Microsoft Account in general is the distinct absence of any end user management. Users lack the ability to control their own Account associations, to ‘Dis-connect’ or elect at a granular level how to assign data sharing rights.

This is illustrated in stark terms by the less than congenial way Skype has decided to encourage (force on Windows 8 RT) users to adopt a Microsoft Account as their Skype login. In my recent experience with this I feel there is the potential of a 3 way cock up building a Tsunami of support headache for Microsoft as Windows 8 RT, Skype and the Microsoft Account converge.

My experience follows the receipt of a nice shiny new Microsoft Surface running windows 8 RT. I tested this with both my corporate and private account to see how it worked as part of a natural Techie’s curiosity, before settling on running my Private Microsoft Account as this device is for personal use.

That is when things went from great (see my Windows 8 RT Blog – ‘The iPad Killer) to grotesque (read on) when I attempted to configure Skype on my Personal Microsoft Account having tested it on my Corporate one.

Grotesque in that someone has not thought this through, or at least not got their priorities in the right order, summed up by the following:

  • At the time of writing, Windows 8 and Windows 8 RT are detected on the Skype site and make it VERY hard for you to get the traditional Skype desktop app, by forcing users to the new Windows 8 App store. As such users are in ignorance going to be installing the Windows Modern UI App version. (You can get the original desktop version with some laborious workarounds ie: login to the Skype website from a Windows 7 machine!)
  • Users of Windows 8 are encouraged to use their Microsoft Account as their principle login so that they can get all the benefits of replication across devices etc. Also internal AD accounts can now be ‘Connected’ to a Microsoft Account to also extend this to corporate accounts.
  • The Windows Modern UI App version of Skype prompts users to ‘Connect’ their Microsoft Account if it detects a user is using their Microsoft Account on their Windows 8 device and to use this now as the principle form of login to Skype.

All very innocent until you realise:

  • The Skype Microsoft Account attach is one way and CANNOT currently be reversed. I spend an hour on support with Skype trying to address this issue. Then had to repeat the exercise three times over a week and awaiting resolution.
  • The setting that should allow you to ‘Manage settings for all the apps and accounts you’ve connected’ in your Microsoft Account Profile is absent of any Skype option. So clearly the ALL word in this statement has some Microsoft hidden meaning, ALL non-Microsoft it would seem.
  • IF you have inadvertently Connected the wrong Microsoft Account and you are a proud owner of a new Windows 8 RT device then you cannot use Skype:
    • Because it will not let you login using your original Skype account login OR Connect using another Microsoft Account. It wants the one you connected.
    • Because Windows 8 RT does not support traditional desktop Apps you cannot revert to the desktop version so again Skype have successfully alienated users.

Skype suggested fixes’ are absurd:

  1. Create a new Skype account and connect it to the other Microsoft Account! (What and lose all my contacts, credits, Skype in and Out number etc)
  2. Create a second user account with the Connected Microsoft Account on the Windows 8 RT device and use that when you want to use Skype. (Oh nice one and what happens when people want to call me?)

Absolutely ludicrous!

So currently I have a nice new Microsoft Surface and cannot use Skype on it. Someone at Skype/Microsoft should be reviewing critical path practices and asking WHY enable a connected account BEFORE building in a dis-connect. IT history is FULL of similar situations where end user practices insist on such roll-back or flexibility. As a result the support desk at Skype is going to get heated, and from my experience they are poorly trained to address this, so a second faux pas for not getting the help desk up to speed first. The individual I got did not understand the difference and constraints on Windows 8 RT and Windows 8 or he would not have suggested using the desktop application!

The saga is ongoing, and I am not alone it appears http://community.skype.com/t5/Windows-8/Windows-8-Disconnecting-a-Microsoft-Account-and-a-Skype-account/m-p/1149344#M31  & http://community.skype.com/t5/Windows-8/Windows-8-Disconnecting-a-Microsoft-Account-and-a-Skype-account/m-p/1167114#M783

MESSAGE TO SKYPE - Release an interim patch version of the Windows 8 app that enables ‘Skype Account’ login as an option alongside the ‘Microsoft Account’ option whilst you sort out the sorry mess and enable end user ‘Microsoft Account’ connection management.

As and when this is resolved I will do an update.


UPDATE:

The Skype online support process referred to above DOES WORK. Advise is if you do not get a confirmation email soon after the online support session you should repeat the exercise. It took me 3 attempts so do persist. They will manually disconnect a Microsoft Account. But this is hit and miss in terms of the speed of response and far from convenient. Re associating a Microsoft Account will again commit you to a one way trip that will demand the manual support process should you wish to change it again.

Filed under Cloud Computing, Computers and Internet, Home Computing, Office 365 and Azure, Security, Small Medium Enterprise (SME), Windows 8

Windows 8 RT – iPad Killer?

October 29, 2012 4 Comments


I have just taken delivery of a Microsoft Surface and it has knocked my sock off, it fell short of taking both due to its absence of proper Stylus support but I will come to that later.

The Windows Surface and Windows 8 RT is a great blend of Software and hardware I cannot champion it more in the convenience Tablet space. It is not a notebook replacement but it nails Apple iPad to the wall on its home turf and then some, :

  • Multiple Account support - YES, something Apple have arrogantly failed to listen to from their users. I can share my Windows 8 RT device securely with other family members and lock it down for child protection whilst not compromising my own experience.
  • Battery life – FANTASTIC and all day affair.
  • Keyboard – A choice of them as well that fit harmoniously doubling up as covers! Turns it into what the Netbooks always aspired to but never quiet delivered on.
  • Storage – Expansion via a micro SDXC card slot for up to a current largest available 128GB, and then there is external USB that you can take as large as you like it seems, it sees my 1Tb Western Digital HD no problems.
  • File Management – With the USB you can side-load movies and music directly into the Windows RT desktop NO hacking around with intermediary software (iTunes is a dinosaur in comparison), or simply sync with SkyDrive.
  • Display – The 10.6-inch 16:9 aspect ratio screen provides an HD video window that’s 42 percent larger than the iPad’s, and as far as I can see Apple Retina makes little difference.
  • Videos – With secondary App Store apps there is the widest support for video’s that with the convenience of file management noted above means this is a painless video playback platform.
  • eBook Reader –Amazon app ticks the box firmly here, no iBooks locking, and it works a treat, no other device required.
  • Productivity Suite – Microsoft Office Home and Student 2013 comes by default makes this a real deal for the lecture rooms. Mail, Calendar and Peoples hub that supports multiple email accounts in an Outlook style touch friendly interface.
  • Gaming – Xbox linkage which requires further exploration but it has the hallmarks of a fully integrated experience that makes Apple Airplay look like thin air!

On the downside:

  • Lack of Full Stylus Support – A great shame, if there is one thing I want to leave behind when I am on the road it is the reams of paper that come from note taking. This was a missed opportunity to make this device a real killer by taking Samsung pen enabled tablets out of the mix as well as iPad’s.
  • Skype Failures – The Skype Microsoft Account attach being forced down Windows 8 RT users throats is a one way trip that CANNOT currently be reversed BE WARNED. I spend an hour on support with Skype trying to address this issue. As such I now cannot use Skype on my Surface as I use my Private Microsoft Account to login and Skype has been associated with my Corporate Microsoft Account during earlier testing.
  • Power Up – A pity this does not use a conventional Micro USB socket and has elected to go for a proprietary connector, but the mag-safe connection does have its upsides
  • Apps Store – with an apparent 500 being added each day this is very much on the Lite side but some of the core favourites are already there.

Unexpected Software Hic-ups:

Some things I would have least expected from a mature and experienced software company, but I guess this is what can happens when you move across disciplines into Hardware, focus gets lost.

The issues users will experience is a frustration that with a mobile platform of such elegance, the actual ‘Mobility’ and ‘Usability’ is severely hampered in two key ways:

1. Offline App support – Microsoft seem to have been completely blindsided by the fact that offline functionality is as critical in mobile devices like this as Oxygen is to life! Dramatic, NO. Take their own Pivotal application ‘SkyDrive’. Talk about setting the worst example to App Store developers. It is useless in a truly mobile world where you cannot depend on connectivity 100% or even stable connectivity when you have it. Try hanging onto a flaky WiFi signal on a 3 hour train journey, without the ability to access your files. That is the GAPING HOLE in SykDrive functionality (with the exception of Pictures which can be taken offline in the Pictures app. Unimpressive options to work around this are:

  1.  To rely on the Office Cache for files you have accessed, but that is uncertain and with a maximum 30 day retention.
  2. Copy your SkyDrive to your Windows 8 RT local storage. But then lose the replication and comfort of knowing all is safe in the cloud!
  3. Adopt a third party application and dump SkyDrive. Then you lose the Cloud dimension to your Microsoft Account existence and about 30% of the Windows 8 + Microsoft Account marriage of convenience.

 This scenario plays out across most Apps in the app store, making the Microsoft Surface a network tethered device when it has all the aspirations of being a winning Mobile device.

The good news is having spoken to some of the Microsoft team I understand that SkyDrive offline functionality is in the pipeline. The lack of urgency does surprise me, but at least it is coming.

2. Data Access – The inability to use the Windows Modern UI Apps to access data in attached storage ie: USB or the excellent option of a MicroSD card. To equip a device with a major feature such as storage expansion and then to hobble it by constraining access to it from core Windows Modern UI apps. There is a manual workaround, but it is not something obvious and for the type of consumer user of this device it is likely to be so far off radar they will never address this.

The solution at present is to use an old NTFS file sharing feature (Junction Point) that points all actions to a remote folder but as far as the OS is concerned the remote folder is part of the mapped local storage libraries. In this case these are the standard libraries (Music, Pictures, Documents, Videos) that Windows 8 RT apps are designed to access.  I will do a stepwise guide on this in the next week or so when I get time as the Microsoft TechNet documentation on the subject is not that consumer friendly.

I can only say there has to have been a lack of true road testing for these types of flaws to have reached market (a victim of keeping the great secret till the last minute), but I guess in old Microsoft parlance, they are Partner opportunities (pull the other one).

The future of the RT platform alongside the pending Windows 8 Pro version (spec comparison) will be dictated by the speed of improvement over such offline support and hardware leveraging issues. Most importantly for consumers it will be the growth of the Apps ecosystem coming up to speed fast enough to satisfy, and with features that leverage offline capabilities and the real desktop dimension of this svelte and high quality consumer device. So far things are looking promising.

Filed under Computers and Internet, Home Computing, Mobile

Older posts

Follow

Get every new post delivered to your Inbox.

Join 181 other followers