Seven, Schmeven: What’s the Big Deal?

Power Savings — Group Policy
Many computers, including most desktop PCs and some laptops, are typically left powered-on 24/7. Windows 7 provides new power options, which can be centrally managed by Group Policy. Now, those with responsibility for configuring desktop and laptop computers can take a proactive role in managing the electricity consumed by PCs. Coupled with hardware advances like Intel’s vPro technologies, IT staff can use Group Policies to apply power plans that power-down machines … and still be able to wake them remotely for management tasks. This will reduce power consumption by nearly 75 percent and directly drive bottom-line savings of more than $50 per PC per year. Also, the plans can gracefully turn certain components off when not in use.

Direct Cost Savings — Troubleshooting Packs
These little gems significantly reduce help desk involvement, but more importantly allow end users to get back to work quickly. In an attempt to keep the technical jargon to a minimum, these troubleshooter wizards are power scripts designed to diagnose and solve basic common issues. Windows 7 comes with a new Control Panel feature referred to as the Action Center. Using Start Search (this is located by clicking on the start button and typing, in this case, action. Up comes the Action Center, and there you’ll find the Troubleshooting (and Recovery – see previous paragraph) utilities.

Windows 7 includes 20 built-in Troubleshooting Packs that address more than 100 root causes of problems. These were included based on the top 10 categories of Microsoft support calls.

Direct Cost Savings — DirectAccess
Mobile computers are a challenge for IT departments because they can only be managed when they are connected to the internal network. Users who often work away from the main office or who travel for extended periods of time might not connect to the internal network for weeks or months. As a result, these mobile computers don’t download updated Group Policy settings, critical updates or anti-malware definitions.

Traditionally, remote users connect to internal network resources with a Virtual Private Network (VPN). However, using a VPN can be cumbersome for users because it requires several steps, and several seconds (or even minutes), for authentication to occur. Windows 7, together with Windows Server 2008 R2, introduces DirectAccess, a new solution that enables users to have the same experience working remotely as they would if they were working in the office. Taking advantage of technologies such as IPv6 and IPSec, DirectAccess provides remote computers with automatic access to the internal network across the Internet without connecting to a Virtual Private Network (VPN).

Direct Cost Savings — Enforced Data Encryption
We would all agree that we are doing business in a very litigious environment. Privacy legislation has certainly increased the risks associated with doing business as professional accountants. Vista introduced a full-drive encryption utility referred to as Bit-Locker. Windows 7 enhanced and expanded that utility with Bit-Locker to go, providing full-drive encryption of any USB drive (and so-called thumb drives) in addition to attached hard disks.

The real issue is depending on end users to apply firm policies related to transporting sensitive information on encrypted media. I received a letter from the AICPA back in 2006, which read as follows: “We are contacting you about an incident that affects you. A restored AICPA computer hard drive containing certain member information being transported to the Institute cannot presently be located.”

There was more, but you can imagine the feelings of vulnerability I felt and the feelings of embarrassment felt by the Institute for compromising my private information. One of my worst nightmares is the thought that I would have to send such a letter to my clients. As in the AICPA incident, the breach was caused by an employee violating Institute policy.

With the enhanced Bit-Locker technologies, in combination with Widows Server 2008 R2, Group Policies can now require any portable media device when connected to any machine on the network to be encrypted before any data can be transferred to it. This is a “sleep at night” benefit of the new technologies.
Further you can restrict certain users and/or machines that can be used to transfer data to portable media. Many a firm has been affected by disgruntled staff members who take client files (feeling entitled to do so) without authorization of firm owners.