User access to data

User access to data was once a simple matter:  Connect the company’s computer to the network, grant the employee access to the data.

In today’s universally connected world, it’s more complicated.  The users still need the data, only now they’re connecting from desktops, laptops, tablets, phones, and often on equipment that belongs to them, not to the employer. They’re accessing the data across cell networks, wifi, wiMax, VPNs, and an ever-expanding array of new options. 

Still, behind it all is the company’s data.  Perhaps our most valuable asset, exposed to nearly every attack surface out there.  Our reputations often ride on the confidentiality, availability and integrity of this data. 

How do we achieve these seemingly contrary objectives?  Making data effortless for good guys to get, extremely difficult for the bad guys to get.

cloud synchronization

Work Folders: Granting and controlling ubiquitous access across varied devices.

Work Folders functionality is similar to Offline Files, which means that you can access and modify content in Work Folders without network connectivity and changes will synchronize back when network connectivity is restored.

A principal difference is the cloud synchronization that Work Folders offer.  Your data is available to you, on any connected device, including the changes you’ve made at other devices.  This blog will focus on this feature.

Work Folders store
Traditional client/Server connectivity has many advantages, such as central access control, management, reporting, and availability from any domain-joined and network-attached device. But modern users access data when they are not connected to a company network, and from a wide array of devices that are not domain members.

For such scenarios, you can use solutions such as Folder Redirection and Offline Files, or you could use synchronization with Microsoft OneDrive (formerly known as Microsoft SkyDrive) or Microsoft OneDrive for Business (formerly known as Microsoft SkyDrive Pro).

Yet, Windows 10 and Windows 8.1 provide an additional solution, Work Folders, which can be useful when:

  • Users are using multiple devices for accessing company data.     
  • Users need to synchronize data between devices, and some of the devices are not domain-joined.

Work Folders store only users’ individual files and users can access only their own Work Folders. The data is stored on a traditional file server, but devices also keep a local copy of the users’ subfolders in a sync share, which is a user work folder.

Users can access a local copy of their Work Folders even without network connectivity, and any modifications they make synchronize with their Work Folders on a file server immediately, or after restoration of connectivity to the file server. Users can access and use Work Folders from various devices, irrespective of their domain membership. Devices that are running Windows 10, Windows RT 8.1, Windows 8.1 and Windows 7 operating systems support Work Folders, and you also can use the Work Folders feature from iOS-based devices.

If users are using multiple devices that are configured with Work Folders, changes they make on one device synchronize with their other devices automatically. Because Work Folders content is stored on a file server, you can use all the features that are available on a file server, such as dynamic access control, auditing, quotas, file classification infrastructure, and protecting content with Rights Management Services (RMS).

You can define a policy for devices that access Work Folders. For example, you can create a policy that requires that the local copy of the Work Folders data is encrypted on a device. You also can use the Remote Business Data Removal feature to prevent access or to wipe the local copy of Work Folders data remotely on a device if the device is lost or if the employee leaves the company.

Work Folders Components

Work Folders Components

Work Folders server:

  • Sync share

User devices:

  • Files stay in sync across all user devices
  • Local changes synchronize to the server, and then to other devices
  • Devices must be running Windows 10, Windows RT 8.1, or Windows 8.1 operating systems
  • Windows 7, iPad, and iPhone clients are supported

Upcoming Blog Post-
Work Folders Part 2: Syncing Process