Windows To Go: The Forgotten Version of Windows 8
The ability to carry a Windows 8 image on a USB stick, plug it into any Windows 8 PC and separate corporate and personal data should appeal to anyone who frequently travels or simply hates lugging a laptop around. But Windows to Go isn't catching on. Will Windows 8.1 change that?
Fri, July 19, 2013
CIO — One of the most fascinating things about Windows 8 is what we don't talk about. One of the lead features of the product at launch was called Windows To Go, a feature that IT departments requested from Microsoft so they could create a Windows 8 image, put it on a special USB stick and distribute it to folks who wanted to bring their own PC to the office.
Such an image is fully managed, separate from the employee's personal image on their PC and, should the employee leave the company, can be wiped or returned to the firm without any impact to the employee's personal stuff. Traveling employees can just bring the USB stick and use any compliant Windows PC to get to all their local and approved network resources. IT doesn't even need to distribute custom images—just provision the USB stick like you would a PC using management tools the first time the employee uses it and logs in.
I figured IT would grab this option as the default and use it to avoid most of the pain of the bring your own device (BYOD) trend. But here we are, months after launch, and the most common response about Windows To Go, even when I ask OEMs: "What's that?"
Windows To Go: Think Different
The obvious first problem is that not many people know about this feature. Why? This is a very different way of running Windows. People tend not to like new, different technology. Once we're comfortable doing something a certain way, we tend to stay with that way of doing things. Running Windows off a USB key is certainly different. You may not think it works, but I've been using it for several days, and it works well.
However, there are also some unique hoops that IT may not want to jump through. The biggest is that you can't use a trusted platform module (TPM). The TPM is built into the hardware and tied to the hard drive. Given that you won't even have a TPM on most consumer PCs, this exposure is really no worse than if you put a company image on an employee's PC, but it does limit use for, say, traveling employees who require the use of a TPM.
In addition, connections to the PC hard drives are supposedly disabled. This is meant to assure that data won't migrate from the secure USB key to the employee's PC, but it also means you're limited to the capacity of the key, which often isn't much. (That said, I had no issues accessing the local drive, so this now appears to be an option.)