The Shortcut Guide to User Workspace Management

by Greg Shields


Today's computing environments are growing more complex every day.  Just a few years ago, the standard was one computer for every employee.  But with today's operating system upgrades, remote application infrastructures, VPN connections, desktop sharing, and hosted virtual desktops, a user's personal computer isn't all that personal any more.

One central problem with this ever-widening architecture is in maintaining the user's workspaces—the personal bits and pieces that make a computing environment comfortable for the user—each infrastructure.  Using today's Windows profiles to manage user workspaces just doesn't cut it, and certainly doesn't provide enough administrative control to scale well.  In The Shortcut Guide to User Workspace Management, you will learn about the benefits and challenges of managing user workspaces, as well as why a User Workspace Management solution is an absolute must for today's multiple access point environments


Chapter 1: What is User Workspace Management?

I spent four hours yesterday upgrading exactly one desktop from Windows Vista to Windows 7. Four hours!

Yet that's not the most disheartening part of this story. You already know that installing a fresh copy of Windows has today become fantastically easy. You can create a new instance of Windows 7 in a few clicks of the mouse: Agree to an EULA, select a disk drive, enter a license key, and in the time it takes to brew a fresh pot of coffee, you've got a fully-functional OS instance.

The problem is that's the easy part. The real pain in terms of time, effort, and labor comes not in provisioning that Windows OS, but in dealing with all the little bits of user personality information that one must transfer from one OS instance to another.

You know the story: Upgrading an OS, or moving a user to a new desktop, or creating a remote application or hosted desktop infrastructure. All of these activities are core to the job of an IT professional. And all are actually fairly easy to accomplish—except for that all—important process of managing, maintaining, transferring, and/or replicating your users' workspace data.

In my experience yesterday, installing Windows 7 consumed about 30 minutes of the project's four hours. The other three-and-a-half hours saw myself and my user seeking out every scattered bit of their stored information, transferring what they needed to a temporary location, remembering and then subsequently re-transferring a few forgotten items, and eventually merging that data back into the new OS.

Three-and-a-half hours for all this work, for a single workstation! Ridiculous! Whether you're upgrading OSs, migrating them, or simply need a better way to administer user data across multiple (and sometimes simultaneous) points of access, there has got to be a smarter approach to managing your users' workspaces.

What that "smarter approach" might look like is the central theme behind this Shortcut Guide. In its four chapters, you'll learn how User Workspace Management can fully decouple your users' workspaces from their operating systems (OSs). As a result, your all—critical user data becomes capable of roaming across every class of IT infrastructure, while you gain more—powerful tools in managing it.

But before we talk about solutions, let's first analyze the problem by taking a look at the layers within the Windows OS. By decoupling those layers, User Workspace Management enables some very powerful trickery that make my problem—as well as many of yours—go away completely.

Chapter 2: Personalization Equals Context Plus Content

I spent time today walking the hallways of a business not unlike your own. In its rows of cubicle walls, grey-and-blue color schemes, and ergonomic furniture, I found hundreds of different computers. Laptops, desktops, monitors both CRT and LCD, printers and peripherals, even a few mobile devices—room after room of equipment that enables this business to function.

And as I was walking through those hallways, the IT professional in me took over by default. My inner IT pro pondered the administrative work required to support each piece of equipment. Each requires an operating system (OS), patching, applications and updates, along with the occasional troubleshooting and technical support. Accomplishing each of these tasks requires smart thinking paired with software solutions.

That business was full of equipment that enables it to operate, but at the same time, the equipment itself requires special care and feeding. In the end, that's our job in IT: managing the special care and feeding of all that equipment. Systems administration is what we think about when we get up in the morning, and it's the last thing on our minds as we drift off to sleep. We live, eat, and breathe technology along with technology's "equipment."

And then I paused for a minute, and found myself pondering not the equipment but instead the people. For a moment I stopped thinking of those laptops and desktops with my IT professional's eye. I stopped thinking of that equipment as equipment, and instead considered it as do the people who use it: To everyone else in the business, that equipment is merely an extension of their job role.

Suddenly, the culture of business outside the walls of IT became clear. We in IT are programmed to think of the equipment we manage as problems to be solved—devices to which we apply troubleshooting support. But to the rest of the business' employees, that equipment is an extension of themselves. They use their desktops to communicate with customers and business partners, write memos, and draw up spreadsheets. They lug their laptop through airports to present at meetings and conferences. They think of printers not as devices in need of toner and IP addresses; rather, the printer enables them to convert soft copy documents to hard for sharing with others.

It was then that I realized the crucial component in this serendipity: With everyone else in our business, it's the personality that matters. Lacking personality, that computer becomes little more than a strange device they don't understand. Lacking personality, users don't know how to interact with their equipment or they fear even touching it. Without a personality, their computers become objects for your IT group to deal with and cease being personal.

Chapter 3: Tying Security to People, Not Devices

I'm a genuinely optimistic kind of person. I believe in the intrinsic human desire to ultimately do what's right, notwithstanding the circumstances. Although that innate positivity works great for some parts of my IT professional's career, it probably doesn't make me the best IT security person.

Why? Because it takes a certain type of person to be really good at IT security. Those individuals, by virtue of their job's charter, are forced to approach every situation with a critical eye. They seek out weak points in IT architectures, looking for places where bad people can do bad things. Their role is to protect company assets by setting policies, permissions, lockdowns, and security measures.

Yet although the role of the security administrator won't soon be going away, there's an argument that new approaches to security are quickly becoming necessary. Consider once again today's evolving business climate as outlined in Chapter 1. There, I explained how the traditional one-computer-per-person approach no longer makes sense for IT. Today's users find themselves launching applications on their desktops as well as via remote application infrastructures. They connect from home as well as on the road. They leverage certificatebased logins in addition to passwords, but not at every login. In short, today's user behaviors are unpredictable.

Complicating this situation further is the recognition that today's user employs multiple mechanisms to access applications and data, often at the same time. One user might log in to their local desktop and connect to a remote application, only to find themselves an hour later also using a conference room computer. Another might login twice from home, using at the same time their home computer and their company-supplied laptop.

In Chapter 3, we will discuss how creating an environment of pervasive personalization can mean one of pervasive security as well. Security settings that might have been challenging to manage using other solutions become easy to administer as they migrate with users. In the end, a User Workspace Management solution can improve both security administrators' jobs as well as the experience of their users.

Chapter 4: Transforming to an Environment of User Workspace Management

I've been working with IT systems, both servers and workstations, since before the days we had management tools. Back in those days, the idea of automation centered around "getting enough technicians into the field to sweep the hallways." I still shudder as I remember a few multi-site, company-wide configuration updates that didn't change all that much but required dozens of people and massive coordination to get the job done. Good riddance to manual administration.

Also a part of my professional history is what seems to be a constant struggle with Windows profiles. Whether fixing local profiles gone wrong on individual desktops or managing thousands of remote ones for large-scale remote application infrastructures, Windows profiles have tended to be that technology that keeps me in the office during evenings and weekends.

It is that pain, combined with the pain I see in the eyes of my users, that makes User Workspace Management solutions so attractive. Their ability to take the profile out of the user's profile eliminates a massive administrative pain while improving the experience of every user.

The technological bits and bytes that actually accomplish that decoupling is a topic that's been touched upon throughout this guide. You've already come to understand the workspace itself, and how that workspace can be made pervasive across the spectrum of delivery mechanisms. You should at this point also recognize how that workspace is composed from an integration of content, context, and security. Most importantly, you should appreciate how an environment of pervasive personality brings with it key security capabilities that improve your overall security posture.