Love them, like them or loathe them, Microsoft applications and technologies are part of the IT landscape, and except for mobile, things aren't changing anytime soon. Managing the Microsoft cross-section of your organization's digital ecosystem is key to maintaining your sanity, if not improving your temperament.
The focus for many IT professionals is managing Windows upgrades, managing images and patch management. But for some organizations, there is an elephant in the room.
Beyond the Paradox of the Microsoft Naysayers
Is Microsoft on the losing end of a long-term trend that should dictate a shift in IT administration? Are business apps moving to lower-cost mobile platforms? Are Redmond's desktop apps moving to servers? How should we interpret the zeitgeist of sentiment about Microsoft products?
On desktops, Microsoft Windows has its detractors, especially from Apple adherents. On servers, too, Microsoft sees stiff competition — and a healthy amount of blowback from Linux lovers. But despite this open warfare, the reality is that Microsoft seems to be doing just fine.
In an April 2016 report by NetMarketShare, the desktop breakdown puts Windows solidly in the winner's column. Windows 7 has almost half of the total market share, while Windows 10 has 15 percent and Windows 8 has around 10 percent. Shockingly, the no-longer-maintained Windows XP is holding strong at 10 percent. And that's just the desktop piece of the equation.
Microsoft SharePoint, which, of course, doesn't run on a Linux server, was projected by The Radicati Group to "grow at an annual average growth rate of 20% over the next four years." It dominates the content management market for high traffic sites. Movement to cloud services notwithstanding, Exchange is still a powerful force in email. Plenty — perhaps most — enterprise content is stored in shared file systems (think UNC paths) as groups of Office documents or records in proprietary SQL Server or Oracle database formats.
Sure, Windows revenues are declining as the PC decreases in relative importance, but think about all the fingers Microsoft has in an enterprise's content. Writing last January, InfoWorld's Bill Snyder was downright bullish:
"From innovative hardware to augmented reality and open source, the new Microsoft is bolder and stronger than it has been for years."
The net effect of this ongoing market power recently enabled Microsoft to pass $1 trillion in revenues, according to technology consultant Jeff Reifman.
Microsoft Content: Ubiquitous, Leak-prone, Monitor-ready
For many organizations, Windows 10 rollouts are in your headlights. At the same time, cost and other considerations may increase adoption of Office365. What this means for sysadmins is this: For the foreseeable future, potentially valuable content will proliferate everywhere, on LANs, employee smartphones, private and public clouds, USB sticks, eLearning Xboxes, traditional desktops, the successful Surface — even iPads running Office.
Increased network speeds and capacities are great for your patch management and monitoring duties, but equally, they make it easy for user-diverted content to end up in places where it's more difficult to manage.
Luckily, there are network monitoring tools that can set up active monitors and check for the presence of sensitive documents, metadata, credentials or other alert-worthy data embedded in Microsoft applications. Here are a few of the Microsoft-specific capabilities this kind of tool adds for Windows admins:
- Use WMI monitoring to help detect the malicious use of WMI commands
- Monitor logs that can detect the side effects from compromised in-memory PowerShell scripts
- Once you've configured your firewall to permit WMI to pass through the RPC and DCOM assigned ports, WMI allows network monitoring tools (like WhatsUp Gold) to monitor, start and restart Windows services
- Perform remote administration by accessing a network monitoring tool's web interface through the Windows mobile implementation of IE Mobile or Opera Mini
- Have audit-ready consolidation of Windows event logs ready to go
- Application performance monitoring tools can include off-the-shelf profiling for Active Directory, Exchange, Hyper-V, IIS, Sharepoint, SQL Server, Print Server and other Windows products.
Beyond the obvious (compliance, duty of care, etc.), protecting intellectual property and customer privacy are fast becoming every bit as important as responding to Patch Tuesday.