Hi Folks –
My list of Top 10 Features in Windows Storage Server 2012 R2 included Work Folders, a new feature in Windows Server 2012 R2 and Windows Storage Server 2012 R2. In this post, I’ll take a closer look at Work Folders, how it compares to other Microsoft synchronization technologies, and how you can benefit from it.
Work Folders: They Reside on Your Own Infrastructure and Can Appear in Multiple Locations
Work Folders gives users access to files on a company file server while allowing organizations to maintain control over that data. It works by syncing the data between end-user devices and the file server, which means you can use all the familiar file server management tools to manage and secure that data. Windows 8.1, which is releasing later this month has the new Work Folders feature built into the Control Panel and it looks like this:
After you configure Work Folders you will see the folder appear inside your file explorer, like this:
In simple terms, you can think of Work Folders as folders that reside on your own infrastructure, contain files you need to work on, and can appear in multiple locations—enabled through synchronization. The following table shows how Work Folders compares to other Microsoft sync technologies, including Offline Files, SkyDrive, and SkyDrive Pro.
Configure and Deploy Work Folders from Within Server Manager
Work Folders setup requires three basic steps:
- Deploy and configure the Work Folders role on your server
- Publishing Work Folders to Internet-connected devices using the Web Application Proxy (or through any reverse proxy solution)
- Provisioning devices to use Work Folders.
With Windows Storage Server 2012 R2, you can easily setup Work Folders using Server Manager. Here is a screenshot of Server Manager that shows the new “Work Folders” role, which is located under File and Storage Services.
After Work Folders has been deployed, users can securely access a copy of their data on supported devices while still empowering the IT department to help protect corporate data using these “must-have” security features:
- Authentication via integration with Active Directory Federation Services (AD FS) enables you to verify Work Folders are only installed on devices that are authenticated by your Active Directly, and the devices can be domain-joined or not and ADFS allows filtering out devices which are not workplace joined. You can easily integrate multi-factor authentication, such as www.phonefactor.com, which is now Windows Azure Multi-Factor Authentication.
- Encryption of Work Folders files on the device’s storage media, which can be configured by system administrators. Of course, files are always encrypted during synchronization.
- File Classification Infrastructure on the file server enables you to automatically classify documents on the file server and apply information rights management policies using Active Directory Rights Management Services (RMS). So, if a user saves a document that has confidential information detected, it will automatically be protected on the file server and soon after, on each of the synchronized devices.
- Data Wipe, which can be used to render Work Folders inaccessible from the user’s device when the user leaves the company or if the device is lost–without having to do a full device reset.
One of the cool features in Work Folders is that there is no conflict resolution UI. That’s right, if you are editing a file on three different devices at the same time, Work Folders will automatically save all copies of the document and append the date and the machine name to the file so you know exactly which doc has the particular edits.
If Work Folders sounds interesting and you’d like to learn more, here are some additional resources:
- What’s New in 2012 R2: People-centric IT in Action – End-to-end Scenarios Across Products
- Work Folders Overview
- Work Folders Test Lab Deployment
- Work Folders Certificate Management
Work Folders will make information workers very happy and it’s a great gift for the holidays! They get to have their critical data available on their devices, and IT administrators get confidence knowing that the data is secure on the server, the device and across the internet. The way I look at it, you can now securely deploy terabytes of synchronized data in your own private cloud for a fraction of the cost of buying cloud storage.
Scott M. Johnson
Senior Program Manager
Windows Storage Server