Microsoft’s New Tools Make Surface Devices Better Suited For The Enterprise


Microsoft’s line of premium laptops and tablets have been well received by enterprise customers and are being deployed all around the globe. The latest Surface devices, which all come with Windows Hello and are made of high-end materials, ship with Windows 10 but to help these clients have more control over the devices, Microsoft is giving them new tools for better management.

In some environments, where data leaks and security are of the highest order, corporations will lock down hardware so that USB drives and webcams cannot be operated by the user. To help its corporate customers obtain more control over their own devices, Microsoft has announced Surface Enterprise Management Mode which can be deployed to Surface Pro 4, Surface Book and Surface Studio.

This new tool allows an organization to take ownership of a device and lock down the hardware configurations within the device firmware. Hardware rules can be applied to Wi-Fi networks, Bluetooth, Ethernet, time of day, application access and certificates that can be included in initial deployments or dynamically pushed via the cloud.

In the event that a Surface device is lost or stolen with SEMM deployed, it requires both physical possession and a unique certificate to make any changes to the configuration of the device.

The goal with this new tool is obvious, to help move more of Microsoft’s hardware into the enterprise. By giving IT admins more control over the hardware, it helps to match what is considered best-in-class capabilities offered by other manufacturers and now that the Surface line is offering these tools too, it opens the door to additional customers who handle sensitive data.

Even though Microsoft hit a bumpy road when the company launched it Surface brand several years ago, the company has found success with its Pro 3, Pro 4 and Surface Book. The product line is frequently topping a billion dollars in a single quarter and the company is expected to refresh its laptop and tablet hardware in the first half of 2017.

[Update] Microsoft clarified the specific feature of SEMM versus what its partners already offer: “SEMM, when coupled with offerings from partners, can enable dynamic hardware configuration rules, pushed from the cloud, however this is not available immediately out of the box”.