Zvezdan Pavkovic (Senior Consultant) and Tanya Koval (Architect)
Why Microsoft introduced Windows To Go
Companies nowadays are focusing on
- Cost reduction
- Flexible work style
- BYOD (Bring Your Own Device) as people want to bring and use the same device for personal use and also for work.
Windows To Go is pretty much your portable workspace, which gives a consistent Windows 8 experience on any device.
The problem is that IT managers want to manage users’ devices but users don’t want their private life to be invaded. With Windows To Go, this problem can easily be addressed. Windows To Go basically is Windows 8 installed in a USB flash drive, powered with BitLocker encryption for security.
Windows To Go is a cost effective and lightweight solution!
Windows To Go Capabilities
BitLocker – Data loss from an Enterprise company can cost millions to the company if it falls to the wrong hands. Therefore, sensitive company data stored in a USB stick is pretty hazardous. Microsoft ensures that Windows To Go is secure from prying eyes with BitLocker drive encryption option.
Pre-OS password – when your Windows To Go USB is inserted into a USB slot, the system will ask for the password BEFORE the system boots. The challenge with this is when you connect it to a tablet without a keyboard attached (since you haven’t booted into Windows and loaded the appropriate drivers).
Protection with Secure Boot – protects Windows boot process and anti-malware software (using certificates to authenticate only trusted modules during booting).
Prevents Data Leakage – separation from host PCs internal hard drive (completely isolates the host PC’s internal hard drive). The drive is physically offline unless the user has a local administrator access, which can then enable the host drives (another good reason why you should never give users an Administrator access!).
You can also plug a different USB flash drive (or external hard drive) and it will appear in My Computer just like a regular Windows experience. More access can be tweaked and controlled by Windows Group Policy.
Easy to Use – Windows To Go is easy to use. Simply plug the USB stick in to boot from it. The issue is the boot order as each vendor normally takes a different approach. To fix this, Microsoft comes up with Windows To Go Startup options that forces a boot to USB when you plug the USB flash drive in.
This option is available in your Windows 8 Settings – Windows To Go Startup Options (just search for it through the Charm Bar)
Zvezdan and Tanya then demoed us how quick it is to boot Windows To Go from the USB flash drive.
Full fidelity experience – Full native hardware access on the host machine, same peripheral support as Windows 8, and also touch/mouse/keyboard aware.
We do need to use a good USB flash drive for Windows To Go. Microsoft recommends only USB flash drives that are Windows To Go certified. At the moment, there are only 2 vendors with Windows To Go certified USB flash drives: Kingston and Super Talent. As I have the Kingston DT Ultimate USB drive (check my Kingston DataTraveler Ultimate review), I’m going to give this a try and share my experience with you later back in Melbourne.
Resilient to unintended removal – Most people just pull out their USB flash drives without ejecting it (hands up if you are one of those people!) – which may cause a problem here. Microsoft has come up with a practical solution though: If you pull it out, the OS will freeze. You then have an option to put the drive back within 60 seconds to resume. If not, the system will shut down after 60 seconds. It also has to be plugged into the same USB port. as before To prove this, Zvezdan took out the USB flash drive while playing a 720p video and magically, the video resumes after the drive was plugged back in. That was awesome.
Of course, it’s obviously not recommended to plug your USB out like that (as you may experience data loss).
Windows To Go works across multiple PCs and drivers will be installed on the first boot so the second boot will be much quicker. Windows To Go also works across system Firmware and can be configured to boot on both UEFI and Legacy BIOS.
Windows To Go Deployment
You can create your own scripts to deploy Windows To Go to multiple devices (centrally managed and deployed) or with user self-provisioning (by using System Center Configurator Manager 2012 SP1). There is a support page over at Microsoft.com with a step-by-step instruction on using PowerShell to deploy Windows To Go.
Be aware that there are also new Group Policies specific to Windows To Go (such as hibernation, allowing access to host’s local drives) that you may want to manage in an Enterprise environment.
Demo – Self Provision with the Creator Tool
There’s a handy tool in Windows 8 Enterprise if you just want to deploy Windows To Go to 1 or 2 sticks. You can do this through Windows To Go settings (just search for it through the Windows 8 Charm Bar).
It is just then only a matter of following a step-by-step process to select your ISO file and set a BitLocker password if you want to.
With Windows To Go, it feels like having your own desktop environment that you can carry with you where ever you go. The challenge is I guess if you just want to use it personally using local data, as there doesn’t seem to be a way to easily sync the data from the stick into your desktop environment and such.
Update – All Microsoft TechEd Australia 2012 coverage posts:
- TechEd Australia 2012 Day 1 coverage
- TechEd Australia 2012 Day 2 coverage
- TechEd Australia 2012 Day 2 – Windows Server 2012
- TechEd Australia 2012 Day 3 coverage
- TechEd Australia 2012 Day 3 – Visual Studio 2012
- TechEd Australia 2012 Day 4 – Modern Office on touch-screen tablets
- TechEd Australia 2012 Day 4 – Windows To Go
- TechEd Australia 2012 Day 4 – Other sessions coverage
Disclosure: I was invited and sponsored by Microsoft to attend and cover TechEd Australia 2012