Using Windows Hello for Business with Remote Access on Windows 10
Microsoft IT shares how they implemented Windows Hello for Business for their thousands of remote workers that enter the corporate network through the companies VPN.
Yesterday, I shared a Microsoft IT Showcase white paper about Windows Hello for Business that provided the background and details about the security feature in Windows 10.
One of the features for Windows Hello on the latest Microsoft operating system is the ability to use that authentication method with Remote Access which so many companies employ today.
Well today there is a new white paper from the Microsoft IT folks that shows how exactly they enabled Windows Hello with the 25,000 to 45,000 employees who remotely access their VPN on any given day of the week.
By implementing Windows Hello into their IT infrastructure it provided the following benefits:
A single VPN solution to support our 180,000+ global users.
A preferred credential backed by certificate-based authentication, providing a seamless sign in experience and connection to resources from outside the corporate network.
The ability to “just work” with our existing VPN solution as machines upgrade to Windows 10 November update.
Compliance with corporate policies using our preferred device management solution.
Windows Hello for Business uses either a private/public key pair or certificate based credentials for identity validation which is much more secure than passwords.
The new Windows Hello features are available for any organization running the Windows 10 November Update (Version 1511, Build 10586.xxx) on their client devices.
The white paper goes on to show how Microsoft IT has configured their hardware to support not only Windows 10 but Windows 7 and 8.1 as well.
Down the road they plan to incorporate conditional access which quarantines a users system until it is confirmed to have all the latest security updates, auto-connect to VPN so the network remains connected without further login or validation and VPN profiles through Microsoft Intune and System Center Configuration Manager to replace Connection Manager.
Be sure to download the white paper and add it to your collection of resources for future reference.
But, wait...there's probably more so be sure to follow me on Twitter and Google+.
----------
Looking for an awesome, no-nonsense technical conference for IT Pros, Devs, and Devops? Check out IT/Dev Connections!
About the Author
You May Also Like