Anders Vinger, University of Oslo Personal Data Recovery The pain of laptops.
-
Upload
jesse-cobb -
Category
Documents
-
view
217 -
download
0
Transcript of Anders Vinger, University of Oslo Personal Data Recovery The pain of laptops.
Anders Vinger, University of Oslo
Personal Data Recovery
The pain of laptops
Anders Vinger, University of Oslo
Overview
• A bit about our environment• The problems we face• What we need to get rid of them• What we are looking at and have implemented so far• Questions
Anders Vinger, University of Oslo
What do we have?
• ~12000 computer objects in Active Directory• ~1500 laptops in AD. + An unknown number of laptops not in
AD. (For various reasons)• Our laptop-users are both researchers out in the field, home-
users, and the ”executive type” running between meetings.• We have a centrally managed policy for which computers can
be bought, that also dictates installation of our OS-image.
Anders Vinger, University of Oslo
The issue
• Most of our users have a managed desktop at the office. But many also have a laptop, and they want everything they get at the office on that laptop. (Plus some extra freedom since they use it at home.)
• How do we replicate the environment from the office computer to that laptop?
• How do we backup the data?• How do we protect the data from being stolen?• The applications and the operatingsystem needs some love
too.
Anders Vinger, University of Oslo
Typical examples
• A department keeps a few spare laptops in a closet. ”Just in case”. Of course they expect it all to work when they just grab one and fire it up.
• A user takes a trip to Hawaii for 6 months to do some ”research”.
• A user prefers the desktop for ”storage space”, works at home for a week on his laptop, shows up at work, and calls the helpdesk demanding to know what the **** we have done to his documents.
• And the ususal backup-issues...• We have laptops that are on site, but they are on the wireless
network, from which we dont allow laptops to log into active directory or map printers and drives.
Anders Vinger, University of Oslo
So how would we like to solve it all?• Networked storage for the laptops• Printer access.• Encryption software• Synchronisation software• Software maintenance that works on a roaming client.• A way to make some of the laptops more ”managed”
Anders Vinger, University of Oslo
What actual solutions do we have?• Our own image, with local GPOs as well as AD-GPOs• WSUS-server (Windows Server Update Services) • Some applications with automatic update functionality• VPN• Synchronisation software
Anders Vinger, University of Oslo
What are we looking into?
• WebDAV, Web-based Distributed Authoring and Versioning • IPP, Internet Printing Protocol• NAC, Network Admission Control (Cisco)• NAP, Network Access Protection (Microsoft)• Encryption software, in essence; Bitlocker• Tivoli for mobile endpoints• Two SSIDs for the wireless network. Managed/Unmanaged
Anders Vinger, University of Oslo
And my favourite (for some users)….
• Remote Desktop!– Full access to all your apps, often already running, on your
personal office computer– Your laptop can be cheap; wont need that much computing
power.– If you loose it or break it, replacement is much less hazzle.
All you need is a few basic applications.– Your data are safely tucked away at a network-drive
mapped up to your office computer.– The communication is encrypted, if you worry about the
encryption being broken, add another layer by tunneling it all through SSL.
Anders Vinger, University of Oslo
Thats it. Questions?
• anders dot vinger at usit dot uio dot no