Windows 10 is set to be released on July 29th and the technology world is buzzing with excitement. But who can blame them? Windows 10 is going to be groundbreaking in so many ways. After all, the strength of the Operating System in the work place truly comes from how businesses manage it, and the tools they are provided to do so. With that said, the features and capabilities of Windows 10 are some of the most exciting in Microsoft’s history, in my humble opinion.
I wanted to share some of my favorite features of using Windows 10. I don’t want to say this is a “Top 10” list because picking the best of the best is like trying to pick which parent I love more, it can’t be done! Some of these features are completely new, and some have been around in some form but are now enhanced. Here are some of my favorite Windows 10 business features:
- Enterprise Data Protection
- Windows Update for Business
- Universal Windows Platform
- Windows Hello
- Microsoft Passport
- Device Guard
- Device Health
- Automatic MDM
- Windows Store for Business
The list above can be sorted into one of four buckets that Microsoft has kept at the forefront of Windows 10 development. These areas highlight what Microsoft is striving to accomplish with Windows 10:
- Be More Productive
- Innovative Devices for Your Business
- Protection Against Modern Security Threats
- Managed for Continuous Innovation
Let’s dive into each of the ten features briefly, as I want anyone reading this blog to walk away with at least a basic understanding of each topic.
#1: Enterprise Data Protection
Microsoft currently is developing what they call Enterprise Data Protection (EDP). While EDP may be renamed, the areas it assists businesses in will not. In today’s business world the idea of bringing your personal device to work is an important area of security interest. With the influx of non-corporate devices touching corporate resources, businesses must now figure out how to allow this while not compromising the security they have spent years developing and locking down.
EDP helps protect companies from data leakage, while providing the end-user with a seamless experience when switching between corporate and non-corporate data. EDP is able to do this through encryption, even down to the file level, corporate wipe of devices leaving personal data intact, and integration with existing management systems such as Configuration Manager and Intune.
More details in regard to EDP can be found here.
#2: Windows Update for Business
Microsoft offers updates to over 850 million devices. It also offers various tools for enterprises to use in order to deploy those updates. However, with a changing landscape of devices to patch, Microsoft realized it needed to offer new ways to deploy updates for enterprises. This is where Windows Update for Business comes alive.
Windows Update for Business (WUB) will provide innovative features around patching including the ability to push out patches in waves. The waves will allow businesses to push patches to non-mission critical machines in a first wave, and more critical machines in later waves. Maintenance Windows will also be offered by Windows Update for Business, allowing the administrator to specify when patches can be applied. This is a concept that is familiar to Configuration Manager administrators. Another great feature of WUB is peer to peer delivery of patches. This makes patching small branch offices, with slow connectivity, to use less bandwidth over what may be slow WAN links. And of course, WUS will integrate into your existing tools such as Configuration Manger and the Enterprise Mobility Suite, so you don’t have to rebuild your environment.
More information in regard to Windows Update for Business can be found here.
#3: Universal Windows Platform
Imagine being a developer that is writes an application in order to make money as a business. There are so many devices on the market from Windows computers, Mac computers, Windows Phones, iPhones, Android Phones, and the list goes on. Writing an application for many platforms is time consuming and costly when each platform requires drastically different code.
Now imagine the average enterprise. An initiative that many businesses go through is to reduce the number of applications that can do a particular task. There may be countless applications that open a PDF file but what if the company wants the same application for every device to be the same application. Further, that company does not want to buy the application hundreds of times.
These situations make the Universal Windows Platform and other initiatives that Microsoft is doing very compelling. With the Universal Windows Platform an application written once can be run on a range of devices from IoT, Mobile, Windows 10 PC, Xbox, and even a Surface Hub. Microsoft is also providing tools to help developers wrap their code and allow it to run on platforms such as iOS and Android.
The result of all these efforts is a more seamless End User experience, where users can move from one device to the next and can be immediately productive. The need to relearn an application because of drastic differences will fade away.
Universal Windows Platform Applications are discussed here at length.
When Microsoft released Windows 8, it soon came to their attention that they could have solicited feedback from enterprises across the globe in order to ensure they were building the Windows platform that businesses wanted. Microsoft has since learned from this and is doing an incredible job of getting feedback from in-person meetings, presentations, online forums, and even from within their various Windows 10 Insider Program builds.
Windows 10 has been enhanced with the addition of what Microsoft calls Continuum. Continuum knows when a user switches a Microsoft Surface, as an example, between use as a tablet (without the keyboard) and use as a laptop (with the keyboard). Based on the removal of the keyboard, Windows 10 will ask the user to switch to Tablet mode resulting in apps opening full screen for easier touch use, along with the Start Menu opening full screen.
If Continuum was not already exciting enough, it will be extended to Windows Phones! Using your Windows Phone like it is a mobile PC is very intriguing.
Continuum for the Windows Phone can be seen here.
#5: Windows Hello
In information technology, biometrics refers to technologies that measure and analyze human body characteristics, such as DNA, fingerprints, eye retinas and irises, voice patterns, facial patterns and hand measurements, for authentication purposes.
The ability to log onto Windows systems using methods other than a typed password has been around for quite some time. However, like practically every area of technology, research and development is bringing biometric authentication to the next level.
Windows 10 will utilize Windows Hello, which offers system support for biometric authentication via face, iris, or fingerprint. Because of how unique these characteristics are, these methods of authentication are very accurate while staying very secure. The advancements in this area also mean holding up a picture of somebody’s face not mean they get logged into your system. Microsoft has no intention of convenience taking place of security. Instead, their intention is to balance the two.
More information in regard to Windows Hello can be found here.
#6: Microsoft Passport
Speaking of Microsoft and enhanced security, enter Microsoft Passport. Microsoft Passport replaces passwords with strong two-factor authentication. By using Windows Hello (see above) with an enrolled device, users are now authenticated in a user-friendly manner that still serves to enhance security.
Microsoft Passport is the perfect balance between user convenience and security. Which is what Microsoft built it to accomplish.
Microsoft Passport can be implemented in various ways but combinations of Active Directory Federation Services (ADFS), Domain Controllers running the latest Windows Server Operating System, Configuration Manager, and Intune are often involved and combinations of these technologies are required.
More information on Microsoft Passport can be found here.
#7: Device Guard
Microsoft works diligently to protect their products from attacks. Over the years Microsoft has found new and innovative ways to improve the way they protect the Windows desktop Operating System. Device Guard protects Windows 10 by ensuring every application attempting to reach out to your network is trusted.
Device Guard is especially important for institutions dealing with financial data such as Point of Sale devices, ATM systems, and the Health Care industry with their confidential patient data. The best part is you only need Windows 10 and Configuration Manager or Intune to get started.
You can check out this Microsoft Ignite session for some good information around Device Guard.
#8: Device Health
Windows 10 includes a new device health capability that allows enterprises and websites to ensure that users only access services from healthy, fully updated, and compliant devices. This feature is tied directly to your hardware.
One example of Device Health in action is it monitoring and checking your computer’s security status before letting you log into your banking account online.
#9: Automatic MDM
The use of Azure Active Directory with Windows 10 is going to bring a plethora of features. I would like to focus in on one of the many cool scenarios, which revolves around the “Bring Your Own Device” or BYOD concept.
Enterprises want to make their employees’ interactions with IT to be efficient, easy, and smooth. Allowing an employee to use their personal laptop to access company data is not a new concept. However, it has often caused the security-minded to have heart palpitations.
End Users will be able to join their Windows 10 device to Azure AD to access company resources in a way similar to logging into a company-owned device. When doing so, Microsoft Intune policies can automatically be pushed to the device, allowing the security-minded folks to rest easy at night.
For more information on how awesome Azure AD is when coupled with Windows 10, check out this blog article.
#10: Windows Store for Business
Speaking of Azure Active Directory, one other feature is very compelling: The Windows Store for Business.
By joining their devices to Azure AD, End Users will be able to access a robust extension to the Windows store that their enterprise manages. The new area of the Windows Store will provide users with access to applications purchased for them by their employer, and they will be presented with those applications in a look customized by their IT organization. With the Windows Store for Business, there will be no question which Windows Store applications are endorsed for business use.
Check out more info here.
Windows 10 is going to be a gigantic leap forward for Microsoft, IT departments, and End Users. I am amped up to help enterprises start deploying Windows 10 into production. The best thing anyone working in IT can do is download Windows 10 from the Windows Insider Program and start having fun and experiencing Windows 10 for yourself.