PolicyPak Blog

Microsoft’s Acquisition of FSLogix is Good for Cloud VDI and PolicyPak Customers

While the virtual desktop has consistently been growing in adoption and perceived value, Microsoft’s recent acquisition of FSLogix may very well be the integral event that propels it to the next level. Back in September during Microsoft Ignite, Microsoft announced its dedicated entrance into the Data as a Service (DaaS) market with their newest Azure…[Read more]


Citrix WEM and PolicyPak: Better Together or Apart?

Time and again PolicyPak is lauded for making life easier for Citrix admins. However, from time to time, we are compared to a product that Citrix sells called Workspace Environment Manager (WEM). So does PolicyPak compete with or complement Citrix WEM? To sort out how WEM fits into our customers’ Citrix plans and where PolicyPak…[Read more]


Google and Windows — How sweet it is

Since it’s release, Google G Suite has seen steady adoption by small and medium-sized companies. Traditionally conservative enterprises have been slower to transition, but that is changing, as market leaders like Colgate-Palmolive Co and Verizon Communications Inc recently deployed G Suite to their employees. In fact, Google now touts more than 3 million enterprise subscribers,…[Read more]


Recent Poll Shows Continued and Expansive Use of Group Policy

Remember when they said people wouldn’t go to live concerts anymore thanks to the popularity of music videos? There weren’t supposed to be real estate agents anymore thanks to Zillow and there wasn’t supposed to be investment firms thanks to E*Trade. There also wasn’t supposed to be Group Policy thanks to the cloud and MDM,…[Read more]


Ransomware is Once Again the Method of Preference for Cybercriminals

In 2016 the FBI proclaimed ransomware a billion-dollar industry. Ransomware dominated headlines around the world as companies, healthcare centers and governments found themselves combating the digital plague that encrypted data and brought down networks. According to the Verizon 2017 Data Breach Investigation Report, one in three malware attacks were ransomware related in 2016. The onslaught…[Read more]


The Principle of Enforcing Least Privilege (Part 2)

In Part 1 of this blog series, we introduced the Principle of Least Privilege (POLP) and how it is similar to any other set of standard operating procedures that businesses adopt and utilize every day. The PoLP was developed more than 30 years ago by the US Department of Defense and required that each subject…[Read more]


The Principle of Enforcing Least Privilege (Part 1)

It seems that as a society, we always want more. More money, more prestige, more bandwidth, more memory, etc. Often times however, less is more. Oscar Wilde said, “Everything in moderation, including moderation.” When applied to our personal lives, moderation helps us achieve a healthy balance between work and leisure, alone time and socialization. This…[Read more]


Malware Attacks Are Increasingly Common – And Increasingly Sophisticated. Are You Protected?

Not very long ago, an enterprise cybersecurity strategy resembled that of the medieval Lord who relied on the fortified castle wall to protect the inner kingdom. Likewise, the traditional enterprise originally relied on a robust hardware constructed firewall that established a perimeter to guard against hackers and other threats. Unfortunately, that is no longer a…[Read more]


Cloudy with a Chance of Control

We recently released a new PolicyPak Cloud feature that enables you to point-and-click to specify ADMX settings, without having to pre-create and upload them first. This is an amazing new breakthrough that we are excited to bring to the PolicyPak Cloud solution. With just one click, you implement any ADMX setting for Windows or Office;…[Read more]


Can PolicyPak Make Your Job More Secure?

Fifty-five years ago, legendary Texas Longhorns football coach, Darrell Royal said, “Three things can happen when you pass, and two of ‘em are bad.” The consequences of an incomplete pass or an interception understandably contribute to the stress of the quarterback position. Similarly, today’s Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) are…[Read more]


Backing up your GPOs (with and without PolicyPak Data): Don’t get burned

So many bad things can happen to your enterprise data. Storage system failures, ransomware attacks, and fat finger deletes are just a few of the things that can wipe out critical data on which your organization depends. While most enterprises do implement a backup strategy to retain copies of their traditional data, Active Directory (AD)…[Read more]


PolicyPak Will Soon Only Support Firefox ESR

We are all used to having a choice in so many things. The grocery store offers paper or plastic, the gourmet restaurant offers red or white wine, and Mozilla Firefox offers both the Rapid Release (RR) and Extended Support Release (ESR) versions of their popular browser. Many admins do not even realize there is a…[Read more]


What are the Most Common Roadblocks to Your Windows 10 Migration?

Periodically, someone has the pulse of the world around them, someone who understands the real-time dynamics occurring throughout and can foresee the ensuing outcome of those stimuli. It may be an economic forecaster that recognizes the undercurrents driving the macro markets towards a given direction. It may be an entrepreneur that comprehends the disruptive implications…[Read more]


Can PolicyPak Save You $23 Million?

If your company stores or processes data and information concerning citizens of the European Union (EU), then the answer is yes. You are probably at least somewhat familiar with the General Data Protection Regulation, commonly known as GPDR, that officially went into effect on May 25, 2018. GDPR is a set of provisions that requires…[Read more]


PolicyPak Discusses XenApp and XenDesktop at the first Northeast CUGC XL

PolicyPak is a long-time member of the Citrix community. We’ve always found a lot of value in the learnings shared by Citrix experts and thought leaders, so in 2018, we decided to extend our relationship to participate in many of the great events that the Citrix User Group Community (CUGC) hosts across the country. Earlier…[Read more]


Simplifying the OS Migration and Managed Settings Processes for Windows 10

According to a recent survey, involving 500 organizations residing in over 30 countries covering multiple industries, more than 45% of organizations are in the planning or pilot stage of a Windows 10 migration/deployment endeavor. There are a number of reasons to migrate your workstation devices to Windows 10. Microsoft will no longer support Windows 7…[Read more]


Citrix Summit 2018: PolicyPak + FSLogix

Hi all. Jeremy Moskowitz here. This year I teamed up with my friends at FSLogix and joined them at Citrix Summit 2018. Together we co-met with customers and partners and talked about our awesome “better together stories”. (If you don’t already KNOW them, check them out here or here Then, to really rally the troops,…[Read more]


Managing File Associations: Then (Windows 7) and now (Windows 10) using Group Policy (Part 3 of 3)

In the previous blog entries (Part I and Part II), we explored the new reality of Windows 10: if you install an application it’s extensions are not registered as expected. And we explored how the Group Policy Preferences “Open with” item doesn’t work anymore with Windows 10. So how does PolicyPak File Associations Manager help…[Read more]


Managing File Associations: Then (Windows 7) and now (Windows 10) using Group Policy (Part 2 of 3)

In the previous blog entry, we talked about the “Windows 7 way to manage File Associations using Group Policy Preferences. We also pointed you toward a modern solution from us here at PolicyPak, PolicyPak File Associations Manager which makes this process “Windows 10 friendly.” That being said, if you didn’t have PolicyPak File Associations Manager,…[Read more]


Managing File Associations: Then (Windows 7) and now (Windows 10) using Group Policy (Part 1 of 3)

Have you tried to install an application in Windows 10 lately? If you hand-install it, or install it using SCCM, you might get some annoying things you didn’t bargain for. Seriously: Try this sometime. On Windows 10, hand-install Acrobat Reader, Outlook (or something smaller like Claws Mail), or VLC Media Player. (Or use SCCM, PDQ…[Read more]


Create Java Deployment Rule Sets and manage Java Exception Site lists using PolicyPak

PolicyPak On-Prem and Cloud now closes the loop on one of the hardest problems to solve in the Enterprise: How do you deal with multiple versions of Java? If you have Website ABC with a Java applet that requires Java 7 U 51, and Website DEF with a Java applet that requires Java 8 or…[Read more]


Firefox 49 Enterprise Root Certificate support vs PolicyPak

Firefox 49 is about to be released and when it does, it will have some support for embracing some certificates to machines if you use an Enterprise CA. The details on what is and what is not supported can be found on Mozilla’s website here (https://wiki.mozilla.org/CA:AddRootToFirefox). You can also check out a good blog post…[Read more]


PolicyPak Browser Router: The right browser for the right website.

In your company, your desktop evolves; so you have to evolve.Your desktop now has one, two, three or four (or more!) web browsers in it.If you have any Windows 10 machines out there now, you automatically have two browsers: IE 11 and Edge !Add one or two more browsers, and what do you get? The…[Read more]


Wipe Superfish and Privdog (and other evil certificates) off your network using Group Policy and PolicyPak

Take a quick second and Google / Bing for the words “Privdog” or “Superfish.” In a nutshell, these applications install a certificate, which your computers then trust. Then because of that, the chain of trust is broken, and the bad guys can use that as an attack into your systems. Good news: You can keep…[Read more]


Windows 10 = Windows Vista + 4.

People are asking me “OMG.. as an IT Pro, will I have to learn a whole new world with Windows 10?” While it’s true that Windows 10 isn’t out yet, I can more or less say the following with a straight face: “Windows 10 is really Windows Vista with some spit and polish, just like…[Read more]


Firefox updates and PolicyPak STIGs

1. Firefox updates: Available now. If you have rolled out PolicyPak CSE 712, there are two “hidden” features which are already there, but the Firefox Pak itself wasn’t ready until now. So, available now are the following two added features to Firefox: Managing Bookmarks Managing Pop-Ups and Permissions You can see the two how-to videos…[Read more]


Weekly Support FAQs for week ending Feb 14, 2014

Q: I am testing PolicyPak. What are my best first steps? A: We always recommend new customers and evaluators, to “Walk before they run” with PolicyPak. We strongly recommend you to go through first 30 pages of the PolicyPak Application Manager QuickStart guide. This will walk you through to get WinZip 14 up and running…[Read more]


Weekly Support FAQs

This is a list of Qs and As for the last week or so at PolicyPak support. Hope this is helpful. Q: I am having issues in disabling “Check for Updates Automatically” in Updates tab for Java 7 update 51 using the Pak I downloaded. I had this working fine with the Java 7 update…[Read more]


UE-V 2.0 Group Policy Settings Suggestions

I recently upgraded our PolicyPak test lab with UE-V 2.0 from UE-V 1.0. To be sure, there’s really no “upgrade” process. Some snags I ran into: I figured doing an in-place upgrade from UE-V 1.0 agent to UE-V 2.0 agent would magically upgrade, remove the original UE-V 1.0 agent and keep going. Um.. Sort of.…[Read more]


Microsoft Server 2012 VDI and PolicyPak (or, lessons learned when shooting the video)

The last several days I decided to spin up Microsoft’s VDI solution which is greatly improved on Server 2012. The goal was to show how PolicyPak can deliver, lockdown and enforce application settings within Microsoft’s VDI. I knew it could — I just wanted to make my own video about it. The final video is…[Read more]


How to teach Windows to make your applications run more securely using EMET

In short, EMET is the “Enhanced Mitigation Experience Toolkit” (thanks Microsoft for all the fun names!). Basically, here’s the deal in a nutshell: Application vendors don’t always turn on enhanced security when they’re compiling their applications. Good news: You can force Windows to turn on enhanced application security — for executions themselves. Note: This does…[Read more]


How to change the proxy server for Firefox (or IE, etc) on the fly — even when users are offline.

This is a common problem: Users are in the office, and they’re supposed to get one proxy server. They go home or on the road .. you want them to drop the in-house one, and pick up another / none. How are you going to do that ? With PolicyPak.. Easy. Here’s the how-to video.…[Read more]


Why does Internet Explorer Maintenance go away when IE 10 is installed? (And what can I do about it?)

We’ve been POUNDED with questions about Internet Explorer maintenance questions lately. Some people have discovered that when: 1. YOU (yes YOU) install Internet Explorer 10 on your Windows 7 machine … -or- 1b. YOU (yes YOU) use Windows 8 machine which is pre-loaded with IE 10 … Then … 2. You (yes YOU) lose the…[Read more]


Group Policy ADM/X: Myths and Facts – What Microsoft Never Told you (and you need to know)

A lot of times people ask me: “Jeremy, when I use ADMX files, I find that it seems to work for a while, then just ‘stop’ working. Have you seen this?” Or, another way people ask me is: “I want to ensure my users settings are locked down, so I created an ADMX file. But…[Read more]


Exactly HOW are you going to turn off Java NOW in your enterprise?

When the Department of Homeland security suggests that we temporarily disable Java until the dust settles (http://www.us-cert.gov/current/#us_cert_releases_oracle_java) , it’s nice to know that all PolicyPak customers have the fire extinguisher ready to rock at any time. Here’s exactly how to use PolicyPak to put out the Java fire:

How to Manage the…[Read more]


Why does PolicyPak licensing ask “Who am I?” and “Where do I want to use it?”

Let’s jump to the end of the story and take a look at what the License Tool generates when you’re making a license request. There’s always two items: “Scope” and “SOM_name”. There’s always just one scope and there could be several SOM_Names. “Scope” means: Where you might ever possibly use PolicyPak. Typically, this is (and…[Read more]


How App-V Handles Group Policy And Group Policy Preferences

Understanding AppV’s interaction with Group Policy has always been a little challenging. There isn’t a lot of documentation on this, but there have been some blog entries from Microsoft. For instance, I have read, read, and re-read this Microsoft blog entry which describes how AppV does or doesn’t embrace Group Policy directives. It basically says…[Read more]


Application and Desktop Management

Today’s Plan: Do we have to fight more fires? In Greg Shields’ “5 Rules for Managing Users’ Desktops” (REDMOND Magazine, full article here) he outlines five “Laws” to ensure that IT departments (not end users) are really running the show. While we want to empower the application user to be productive, we want to ensure…[Read more]