TechEd Europe 2014: Microsoft Previews Windows 10 Enterprise Features
TechEd Europe 2014 launched this morning in Barcelona with a keynote delivered by Jason Zander, Corporate Vice President for Microsoft Azure, and Joe Belfiore, Corporate Vice President of the PC, Tablet and Phone, Operating Systems Group.
Belfiore talked again about features already demoed at the launch of the Windows 10 Technical Preview on September 30th, including Snap, Snap Assist, Continuum, and virtual desktops, but also showed delegates Snap working on setups with multiple monitors, new touchpad gestures for managing desktop windows, dynamic provisioning using Azure AD and new generation credentials using virtual smart cards.
During the speech, four key principles were outlined on which Windows 10 is being developed:
- A single, converged platform
- An OS that people will love
- Protection against modern threats
- Management for all device form-factors
The Windows core, which includes the kernel, file system and network stack that already runs across multiple platforms, as seen in Windows 8.1 and Windows Phone 8.1. That concept is being extended so Windows can run on a wider range of devices as possible, including wearables, Xbox One, and any form-factor with a supported processor architecture.
Say Goodbye to Traditional PC Lifecycle Management
Traditional IT tools, including Microsoft SCCM, Ghost Solution Suite, and KACE, often require considerable custom configurations by T3 technicians (an expensive and often elusive IT resource) to enable management of a hybrid onsite + remote workforce. In many cases, even with the best resources, organizations are finding that these on-premise tools simply cannot support remote endpoints consistently and reliably due to infrastructure limitations.
This will allow ISVs to invest in creating applications that target the largest number of devices, with the Windows and app experience following users around, no matter what device they are working with. While this isn’t anything we didn’t already know, it does confirm Microsoft’s commitment to its mobile first strategy.
Microsoft hopes IT will love Windows 10
Taking feedback from Windows 8, good and bad, and collecting telemetry and feedback from a protracted and open development period for Windows 10, Microsoft wants the end result to be a system that suits a broad range of users. The current technical preview is focusing on enterprise users, as the most disgruntled group because of poorly received changes made in Windows 8.
To that end, Windows 10 combines familiar features from Windows 7 and XP in the Start menu, but adds value from Windows 8 with touches that proved popular, such as live tiles. The Windows Runtime (WinRT) application platform, which powers Universal (Windows Store) apps, rolls over from Windows 8, but in Windows 10 users won’t see a difference between desktop apps and Universal apps, which could previously only run full screen.
Windows 10 contains improvements for all kinds of users, from novice to advanced. Features such as Snap Assist and virtual desktops are discoverable through the UI, and two new features will debut in the next preview build so users can use Snap on multiple monitors, and new touchpad gestures making it easier for notebook and two-in-one device users to work with desktop windows.
Protection against modern threats
For the first time, new generation credentials were demoed, and Belfiore logged into Windows 10 using a PIN and Windows Phone acting as a virtual smart card. Microsoft hopes that by utilizing virtual smart cards and PINs, or some form of biometric authentication, passwords will become a thing of the past, and two-factor authentication more ubiquitous. Although not detailed in today’s keynote, Windows 10 also includes other security changes to help protect security tokens after users have authenticated.
Not only will organizations have more control over what apps are allowed to run in Windows 10, but it will be possible to manage which apps are able to interact with corporate data. Belfiore showed how Microsoft Word could be designated as a managed app, limiting the location data that can be saved to and ensuring data is encrypted at rest. Additionally, a rights management feature prevents users from pasting data into unmanaged apps, functionality that will also be available as a management feature in Intune for the Office apps on iPad.
MDM and Group Policy
Group Policy is restricted to Active Directory environments and doesn’t extend to Windows Phone, but in Windows 10, organizations will be able to use Mobile Device Management (MDM) to manage devices across the board. While this is a welcome change, it’s unlikely that MDM will completely replace Group Policy in the short-term.
Belfiore announced that Windows 10 will support in-place upgrades from Windows 7 Service Pack 1 (and later) and dynamic provisioning. Organizations will be able to use Azure AD organizational accounts instead of Microsoft accounts and specify policies that control which apps users can run, apps to be preinstalled, and the layout of the Start menu live tiles. This kind of dynamic provisioning could mean that IT never need physically touch a device and would be especially useful for BYOD.
It’s all about the cloud
Despite the extra tidbits of information about Windows 10 revealed this morning, the most interesting parts of the keynote, and no doubt also the remainder of the conference, are about changes to Windows Server, largely in the areas of storage and virtualization, enabling Microsoft to continue growing the Azure platform.
Nevertheless it will interesting to see how features, such as rights management and next generation credentials, will be integrated into Windows 10. Hopefully the large scale engagement process with both consumers, enterprise users, partners, and Microsoft itself will ensure important features aren’t implemented in a half-baked manner, or with complex pre-requisites that might restrict adoption.