What’s in My … Messenger Bag?


My Surface Pro 3 512 GB / Intel Core i7 just arrived today. I’ll let you know how far off base Mitch is shortly.

The World According to Mitch

As I have written previously I recently picked up a Microsoft Surface Pro 3, and despite a couple of minor annoyances it truly is a wonderful device. Because I have not been traveling as much as I did over the past few years, I have taken the opportunity to downsize my carry-load.

My sister called me a couple of weeks ago with the news that her new company device would be a Surface Pro 3, and asked me what accessories she should make sure she picks up. We had a conversation about the keyboard, battery life, and so on. Jennifer and I don’t speak all that often, and it was a nice excuse to talk.

Last week a friend and fellow MVP told me that his device was being delivered shortly. He knew that I had downsized my carry load, and with that knowledge, and knowing that we have the…



Elements of an MDM Strategy Part 3 – Users


This post is part of a series. The previous posts in the series can be found here:

Elements of an MDM Strategy Part 1 – Defining the Problem Space

Elements of an MDM Strategy Part 2 – Applications

In my last post, I discussed the types of questions that need to be answered about your mobile applications. If you have any specific application requirements, answering the questions in last month’s post should have helped you to narrow the field of candidate devices. Notice that we haven’t really addressed devices yet. It seems counterintuitive, but it really makes more sense to address devices near the end of the strategy, as many of the device constraints will have been established by addressing other elements of the strategy.

This month I’m going to address Users.

Understanding User Requirements

Many of the same techniques we would use as part of a standard workforce analysis are useful to build a mobile device user strategy. Typically we would create a series of personas that represent the user population. Personas are fictitious, specific, and concrete representations of target users. For an overview of workforce personas, please refer to Ted Schadler’s blog. Once personas are created, you will need to understand the use case scenarios that each persona will be presented with. In an organization with many personas and scenarios, it might make sense to prioritize both personas and scenarios to focus on the most important combinations. It is the combination of personas and use case scenarios that will lead to the solution design.

[Matrix: personas against Scenario 1, Scenario 2, Scenario 3]

Once the personas and use cases are defined, create a matrix similar to the one presented above. For each cell in the matrix, consider the following question and record the answer:

Which of the following does the Persona in this Scenario require?

  1. Access to web-based apps on-premises
  2. Access to web-based apps in the cloud
  3. Access to corporate mobile apps
  4. Access to files located in file servers on-premises
  5. Access to files located in the cloud
  6. Access to computers using Remote Desktop
  7. Access to other computers located on-premises

Do you need to link Users to Devices?

Although we are not addressing devices specifically at this time, it is also a good time to determine whether or not there is a requirement to map users to the devices that they use. This requirement may be driven by many factors including:

  1. Asset Management (SAM/ITAM)
  2. Compliance Requirements
  3. Auditing

Next Post

Now that we have a good understanding of our applications and users I plan to discuss Data Access and Protection. Stay tuned.


A great reference for BYOD with a Microsoft slant can be found on TechNet.  I got a lot of my ideas from this guide.

New in Azure


“New in Azure.” is a phrase I seem to be repeating a lot lately. Azure is constantly changing, evolving and getting better. The name has even changed from Microsoft Azure to Windows Azure. IaaS has been added. I recall last March I was doing a presentation to a medium-sized audience. I had rehearsed my presentation the night before and during the presentation, an attendee asked me about running Oracle in Azure. I had heard that Microsoft and Oracle were partnering to try and make things easier for customers, but I thought the questioner in the audience was pulling my leg. Really? Oracle on Microsoft Azure? When I logged in and showed the gallery, there they were. A series of Oracle instances ready to provision. They weren’t there the night before. So I used it as an opportunity to do two things:

  1. I told the audience that even one of Microsoft’s biggest competitors in the enterprise space has recognized the value of Azure and chose to be part of something that is growing rapidly.
  2. I told them that this is yet another example of how quickly things can evolve in the cloud and more good things were on tap soon.

I’m thankful that I was able to think quickly on my feet. Of course it was all true. And even more so now. There are new things arriving in Azure all the time. While I was at TechEd in Houston last month there was a series of new items announced in the Keynote. I can’t cover them all and frankly I’m not knowledgeable enough about them all to offer much insight. What I will do however, is let you know about two specific items that I’m excited about and the use cases that I see for them. If you want a complete list of the items announced you can find them in Scott Guthrie’s Blog.

Azure Remote App

The feature that I’m most excited about is Azure Remote App. Azure Remote App is very similar to Windows Remote App. It allows you to run an application on a server and access it through a thin client. From the perspective of the end-user, the application appears to run as if it is installed locally, but it is actually running on a server. Azure Remote App offers this functionality in a public cloud hosted environment with the option to run it in a hybrid model. The Azure based instance can still access on premise resources if you allow it to.

I’m excited about this for several reasons but mostly because it supports Android, iOS, Mac OS X and of course Windows based clients. I’m working with a lot of organizations that are experimenting with mobility solutions that include tablets and smart phones. This provides them a great opportunity to publish some applications with minimal provisioning requirements. They can pilot the application in Azure and either scale it out in Azure as needed or move it on premise for production.

You can try it out for free during the preview period. Let me know what you think about it.

Hybrid Connections

Another feature that I’m excited about is called Hybrid Connections. Hybrid Connections allow applications running in Azure to access enterprise datacenter resources and services securely and easily without having to poke holes in firewalls or use a VPN. It relies on a BizTalk Service (available in the free tier too). Consider the scenario that I described for Remote App – This makes rolling out an application for mobile users that requires access to on premise resources much easier.

You can learn more about Hybrid Connections using the following links posted in Scott’s blog:


Elements of an MDM Strategy Part 2 – Applications


Last month I introduced the major Elements of an MDM Strategy. This month I’d like to provide a little bit of depth in one of the key elements that I believe will be key to your strategy being successful. I like to start by addressing applications because it can serve as a filter to minimize the number of variables required for consideration when dealing with the other elements of an MDM Strategy. Of course the answers to these questions will lead to more questions. For those of you on a diet who just need a snack, here is a short list of questions in a tapas format:

  1. Do you have specific applications that you need to run?
  2. Are they COTS or Custom Applications?
  3. What platform are they available for?
  4. What is the level of expertise that your development team or partner has with various mobile platforms?
  5. Does the application have any specific security requirements?
  6. Does the Application have any specific hardware or software requirements?

Here’s the table d’hôte:

Do you have specific applications that you need to run?

While this question seems academic, many organizations simply use mobile devices for voice, email, SMS, browsing and other out-of-the-box functionality. For these organizations, applications, LOB or otherwise, are not part of their use case scenario. If you answer no to this question, you don’t need to read any further than the next sentence. Your options for devices will be very broad and you will need to find other ways to rationalize the devices you will support. If you answer yes, then please read on.

Are they COTS or Custom Applications?

Are the applications that you require commercially available or are they custom built?


If the applications are COTS, what platforms does the vendor support and what licensing model do they have for each platform? If they support multiple platforms, do they support mixed environments? What about application deployment? Do they support enterprise deployment and managing through sideloading (or some other mechanism), or is the only option purchase from the platform store (iTunes, Google Play, MS Store, etc.)? Is the application available in all geographies and languages that you require?


If the application is an in-house or outsourced custom application, the same questions that are required for COTS applications need to be addressed; however, some additional questions need to be answered as well. For example: What is the level of expertise that your development team or partner has with various mobile platforms?

Does the application have any specific security requirements?

Does the application have specific requirements based on the data that it will manage and process? For example: Will credit cards be processed and are there PCI compliance requirements? Is there personally identifiable information or health information? Does your organization already have policies for dealing with this data and does the mobile app need to comply with them? Think about items like encryption for data at rest and data in motion, VPN, passwords, etc.

Does the Application have any other specific requirements?

Understanding any hardware or software requirements for the applications will also help to filter the list of potential devices. Consider some of the following as a starting point: Does the application require a specific browser or browser support? Does the application require a camera? Are there any networking requirements (Wi-Fi, 4G, etc.)? What about disk space and memory? Is support for Adobe Flash or Java required?

The objective of answering these questions is to start narrowing down the list of potential devices that can meet your requirements and identifying any non-technical challenges (policies etc.) that must be addressed.

Next Month

In my next post I plan to discuss Users, but you never know. Stay tuned.


A great reference for BYOD with a Microsoft slant can be found on TechNet.  I got a lot of my ideas from this guide. 

Elements of an MDM Strategy Part 1 – Defining the Problem Space


I was organizing my thoughts about Mobile Device Management (MDM) for some presentations that I’m going to be delivering over the next few months. As I was structuring my presentation I realized that other people might be struggling with organizing their thoughts about MDM as well, so I thought I’d share. To that end, this is the first post in a series of posts that will deal with MDM. I will endeavour to provide a framework for thinking about MDM for different use cases. As this is a work in progress and still evolving, I can’t tell you exactly how many installments there will be but at this point I envision somewhere around a dozen. I will cover various scenarios such as:

  1. BYOD
  2. Lifecycle Management
  3. Security
  4. User Management
  5. Application Management
  6. Policies and Compliance
  7. Profile Management

While I will deal with the business and technology challenges faced by organizations that have mobile devices in their estate, I will also deal with specific product based solutions. More than likely they will focus on Microsoft technologies; however, I will share whatever I can about other products as well. So where to begin? Let’s start with understanding the problem space. This will serve as the context for the use cases that I will cover. Traditionally (can we say that yet in this space?), the MDM problem space is divided into five major segments:

  1. Applications
  2. Users
  3. Protection & Data Access
  4. Management
  5. Devices

Elements of an MDM Strategy

From a framework perspective, we can initially focus on each of these segments independently. This will avoid confusion and minimize the number of variables that we have to deal with. Once we have six independent segment frameworks we will link them together. It may be useful to link some of these segments together to be able to develop more meaningful use cases. The most obvious linkages are between the following:

  1. Users and Devices
  2. Data Access and Protection

Next Post

In my next post we will explore some of the segments in more detail. We will start with a list of questions to answer to help build the various use case scenarios we will deal with. Have I whet your appetite? Do you have any specific questions you’d like me to address? Let me know.

References

A great reference for BYOD with a Microsoft slant can be found on TechNet. I got a lot of my ideas from this guide.

What’s on the Horizon?


For years I’ve been saying that “VDI is a solution looking for a problem.” A problem that is solved for the most part by Terminal Services (RDS) for many use cases (some special cases such as a requirement for local administrative rights still lend themselves to a VDI solution).

Now it appears that the world’s largest proponent of VDI is starting to see it that way too.

Last week VMware announced Horizon 6. The first question I have for VMware is what happened to versions 1 through 5? It seems to me like Horizon 6 is emulating what Citrix (and Microsoft) have been doing for decades with a combined instance and session based solution. There’s not much I can tell you about Horizon 6 as it was only announced last week. Apparently you can download a 60-day evaluation. I suggest caution before doing that.

In the past, VMware has been able to get customers to forget that they may already have a solution available to them and get them to look at VDI/View as a potential solution to a problem. My suggestion is to learn what you can currently accomplish with Windows Server 2012 R2 and Citrix to help you better understand what VMware is bringing to the party with Horizon 6.

I’m looking forward to seeing how Microsoft and Citrix are going to respond to this. It will be an interesting TechEd for sure.

For a more in-depth perspective on this, see my friend Claudio Rodrigues’ post here.

Office Bitness (64bit or 32bit / x64 or x86)


I recently had to rebuild my Windows 8.1 laptop. In fact, this is the first real piece of work that I am doing on it while I reinstall apps in the background. As part of the process I had to re-install Microsoft Office. For as long as I have been using a 64bit OS as my standard desktop (Windows 7 was the first OS that I only ran as x64), I have always used the 64bit version of Office. When downloading the ISO for Office 2013 SP1 from the MS Partner site, I noticed that Microsoft has posted the following message:

Important: Microsoft strongly recommends the use of 32-bit (x86) versions of Office 2013, Project 2013, and Visio 2013 applications as the default option for all platforms. Learn more about the deployment considerations for x64 and x86 at TechNet.

I consider myself somewhat of a technically savvy user (maybe a poor assumption?) and I have always assumed that all things being equal 64bit is better than 32bit. Just like 32bit is better than 16bit (and 16bit is better than 8bit etc.)

So off I went to TechNet to find out why this strong recommendation from Microsoft. Considering how hard it has been to get users and enterprises to give up Windows XP, you’d think that they want everyone to upgrade to the latest generation of tools, right?

Here is the key reason for the strong recommendation directly from TechNet:

32-bit Office is recommended for most users

We recommend the 32-bit version of Office, because it is more compatible with most other applications, especially third-party add-ins. This is why the 32-bit version of Office 2013 is installed by default, even on 64-bit Windows operating systems. On these systems, the 32-bit Office client is supported as a Windows-32-on-Windows-64 (WOW64) installation. WOW64 is the x86 emulator that enables 32-bit Windows-based applications to run seamlessly on 64-bit Windows systems. This lets users continue to use existing Microsoft ActiveX Controls and COM add-ins with 32-bit Office.

So what about my assumption that all things being equal x64 is better than x86? Well, I wasn’t wrong, but it turns out that all things aren’t equal. Third party vendors don’t pay equal attention to 32bit Office and 64bit Office. There are other good reasons to consider Office x86 such as:

  1. The 64-bit version of Microsoft Office isn’t compatible with any other 32-bit version of Office programs. So you must first uninstall all 32-bit versions of Office programs before you install the 64-bit version of Office.
  2. Any add-ins you want to run for Office must also be 64-bit editions.
  3. Third-party ActiveX controls and add-ins. None of these work with the 64-bit version of Office.
  4. There is no 64-bit version of Visual Basic 6, so many of these objects need to be ported and rewritten.
  5. Microsoft Visual Basic for Applications (VBA) won’t work unless you manually update the “Declare” statements.
  6. Compiled Access databases. The .MDE and .ACCDE files, a common way for Access application developers to distribute solutions and protect their intellectual property, don’t work in the 64-bit version of Office. You must contact the application developer to recompile, retest, and redistribute the solution in the 64-bit version.

With all of the reasons not to use 64bit Office, why on earth would anyone choose to use it? It still makes sense for some users such as the following examples from TechNet:

  1. Excel expert users who work with complex Excel worksheets can benefit from using 64-bit Office 2013. This is because 64-bit Office doesn’t impose hard limits on file size. Instead, workbook size is limited only by available memory and system resources. On the other hand, 32-bit Office is limited to 2 gigabytes (GB) of virtual address space, shared by Excel, the workbook, and add-ins that run in the same process. (Worksheets smaller than 2 GB on disk might still contain enough data to occupy 2 GB or more of addressable memory.) You can learn more in Excel specifications and limits and Data Model specifications and limits.
  2. Users who use Project 2013 also benefit when they use Project files over 2 GB, especially when they are dealing with many subprojects to a large project.
  3. In-house Office solution developers should have access to the 64-bit Office 2013 for testing and updating these solutions.
  4. Office 2013 offers enhanced default security protections through Hardware Data Execution Prevention (DEP). DEP is a set of hardware and software technologies that perform additional checks on memory to help prevent malicious code from running on a system. For 64-bit installs, DEP will always be enforced for Office applications. On 32-bit installs, you can configure DEP by using Group Policy settings.

If you need to deploy both versions of Office with Configuration Manager, you can use the same application with different deployment types as I’ve explained in my previous post Managing 32 bit and 64 bit versions of applications using Global Conditions, Requirement Rules and Deployment Types.

BTW – I’m running 32bit Office now.