Windows Vista’s Full Disk Encryption is only available if you have Microsoft Software Assurance?,10801,104918,00.html

Wow – personally, I think someone in marketing at Microsoft has miscalculated on this one. Don’t get me wrong, I can understand the rationale – “Well, most of the customers that have asked us for this feature are already on Software Assurance or wouldn’t have to spend much additional $$$ to get it. The smaller orgs still have EFS to be able to protect their data, and since they haven’t asked for anything else, they must be satisfied with EFS right?”

I don’t buy it – here’s my thinking:

  • Just because those few organizations who’ve actually taken the time to articulate their needs happen to have the SA arrangements already made (or have the EA leverage to negotiate cheap SA rates), doesn’t mean they’re the only ones who would (or could) use this feature;
  • Just because SA has been considered by many Microsoft customers to be a rip-off, and not worth buying again, shouldn’t lead to the effect (intentional or not) of holding some of the most critical features of Vista hostage from the rest of the Microsoft customer base (especially those who wish to purchase one of the premium Vista SKUs such as the rumoured Professional or Full Media editions);
  • Many of the organizations who haven’t explicitly articulated a need to their Microsoft reps for Windows-native full disk encryption [at least based on my experience with them] are either (a) still struggling with their much more limited – and challenging, in most cases – deployments of some form of file encryption on user’s PCs, and are sick of talking about encryption, or (b) have committed to another technology because Microsoft hasn’t yet provided a solution for this critical business need. However counterintuitive it might sound, those organizations who fall under (b) should be given the chance to try Vista’s full-disk encryption without having to commit to SA to do so. Many organizations with whom I’ve worked have told me they’d far rather use a technology that already comes with the products they’re using, than to have to integrate yet another piece of third-party hardware into an already-overly-complex “desktop” deployment – just so long as they believe the built-in technology reasonably achieves their overall goals. Nothing like hands-on testing (and widespread talk from others also testing) to help convince them – but it’s very difficult to get that groundswell of opinion when so few organizations even qualify to be able to use a technology like Secure Startup.

It’s not like the need isn’t critical in every organization – just the opposite in fact, based on my experience with customers over the years. I wonder if it just happens that there hasn’t been enough formal market research at Microsoft to show how widespread the need really is.

Makes me wonder what ELSE is being locked up in the SA-only Vista Enterprise SKU. I’d love to hear a response to this from those at Microsoft who’ll have to defend this to the legions of Microsoft customers for whom Secure Startup won’t be available…

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s