With BitLocker encryption and signed email, built-in VPN, and strong management options in the upcoming Windows Phone 8.1 release, Windows Phone is becoming a business-friendly mobile phone OS. But the new release is also crammed with features that will make users like it too, including the new Start screen option for putting an image across all your tiles, the Cortana personal voice assistant for searching and getting reminders, being able to move content between internal memory and an SD card, having photos automatically arranged in albums, and the new Word Flow keyboard, which lets you type one-handed by swiping your fingers over the keys to draw the word you want. The official release is this summer, but you might see devices with the developer preview showing up sooner than that.
Windows Phone 8.1 includes some badly needed improvements originally planned for the Enterprise Feature Pack, in particular VPN support, for IPsec and SSL – and as with Windows 8.1, you can create custom apps for your business that automatically launch the VPN and connect to it or set the VPN to connect automatically if users visit an internal web site.
Email on the phone now supports S/MIME for encrypted email, which lets users read signed email and sign messages they write on the phone (but they don’t have to sign everything, so they can still mail friends and family from their phone). You can push policies that stop them saving documents, forwarding messages, or even taking screenshots of protected information.
All that can be managed with the built-in mobile device management (MDM) client, which works with your choice of mobile device management software; for example Citrix, SAP, Sophos or MobileIron as well as Intune. You can provision email and Office 365 accounts; certificates to authenticate users for Exchange, intranet websites and your apps (turning the phone into a virtual smartcard with keys stored in the TPM); VPN and Wi-Fi profiles including EAP-TLS and EAP-TTLS; configuration policies and specific apps (including app updates). You can also whitelist apps in the Windows Phone Store to make them easier to find or block specific apps from loading. You can set up the new Action Center via MDM to show notifications from corporate apps or to not show work email there. You can even block features like the Store and Cortana – although that’s a good way to make users avoid letting you manage their phone.
You can remote wipe managed devices if they’re reported as lost or stolen. And if someone leaves or stops using their phone for work, you can deprovision it remotely or let him/her remove the management on the phone by removing the workplace relationship. That removes the work email account, the VPN connection, any corporate apps, and any documents he/she saved from work email or apps, and it unblocks any blacklisted apps without affecting personal data or even having to reboot the phone. Being able to get back control of the phone that easily may make it more appealing for others to enroll their phone to be managed.
Many of the improvements in Windows Phone 8.1 will come in handy for business users, like the ability to make Skype calls right from the phone dialer or to switch from a phone call to a Skype video call (which might be an incentive for you to check out Skype-Lync connectivity) and the new week view in the calendar (complete with weather forecasts for each day).
The Office Remote app already let users control a PowerPoint presentation or other Office documents on their PC using their phone wirelessly. But with Windows Phone 8.1 they’ll also be able to plug directly into a PC and show an app on screen, which will be an easy way to share anything from a presentation to a web page. Some new handsets will support Miracast wireless display, for showing content from the phone on a monitor, TV or projector directly. Windows Phone chief Joe Belfiore has said that the Lumia 1520 may be powerful enough to support Miracast, but that this isn’t confirmed yet.
Bringing Internet Explorer 11 to the phone, complete will full hardware acceleration, puts Windows Phone 8.1 at least on a par with other smartphones and possibly ahead. You may not care much about WebGL support for business sites, but inline video playback will be useful – for example, if you have training videos on your intranet that users prefer to watch on their phones.
Being able to sync favorites between the phone and desktop makes it easier to manage them on a PC rather than on the phone’s small screen and touch keyboard. And just as you can access tabs you have open on other PCs signed in to the same Microsoft account in Windows 8.1, you’ll be able to see tabs open in IE 11 on Windows Phone 8.1 straight from IE 11 on your PC. That means if you come across a useful web page on your train commute to work you can quickly open it on your desktop to copy information.
As with Windows 8, website passwords will sync between devices, making it easier to have users have complex passwords without worrying about them being difficult to type in on a phone (although not passwords for domain resources, so you don’t need to about those being vulnerable).
The Data Sense feature that tracks how much bandwidth you’ve used against your monthly data allowance gets more aggressive about saving bandwidth by compressing images, stripping out adverts and only fetching content currently visible on screen rather than preloading the rest of a long web page. Microsoft estimates that can save 60-80 percent of browsing bandwidth, which will be welcome if you cover the cost of employee data plans.
Data Sense switches browsing to Wi-Fi as you get close to your data cap; that will be more useful with the new Wi-Fi Sense feature which will automatically connect to free hotspots, entering the username and password for you automatically and accepting the terms and conditions. Again, Wi-Fi passwords to access points you’ve used in the past are shared from your PC, which makes getting online much more convenient. Cortana can turn Wi-Fi back on automatically when users get to the office if they mark that as one of their favorite places, so you can use Wi-Fi offloading to switch browsing from mobile to the office wireless network for added security (and to save money on data plans). Remember, you can manage Wi-Fi profiles on Windows Phone 8.1 handsets using MDM if you want more control.
Windows Phone 8.1 shares many more app features with Windows 8.1, which makes it easier to develop a custom business application that works on both. If you’ve added the code to internal websites to create a live tile when a user pins them to the Start screen, that works on the phone as well. And developers can now make universal apps with the same features on phone and tablet and a single licence covers running the app on both. And if you’re concerned about business data inside an app ending up on an SD that could be taken out of a phone (even though it’s encrypted and you can block files from being visible), you can block your apps from installing onto SD.
Apps can roam their data from device to device, so users won’t lose their customizations and data if they upgrade to a new phone, but they have to enable two-factor authentication for that to work, making their device more secure for work information too. And crucially for business applications, passwords, passcodes, and other access information can be stored by an app, but they live in the secure Credential Wallet (and as with Windows 8, enterprise credentials like Active Directory passwords don’t roam between devices). Even signing in to the Microsoft account that users set their phone up with is more secure, using the same code as Windows 8 and sign-in pages hosted in the cloud so Microsoft can update the sign-in security without waiting for carriers to approve an OS update.
Most people think of Bluetooth Low Energy as for wearables like fitness sensors, and if you’re running a campaign to improve office health by getting people to wear fitness trackers, Windows Phone users no longer miss out. But you might also want to think about using BLE locator tags on equipment that’s can get left behind by field workers; these little tags give you an alert if you (and your phone) get too far away from the tag on your equipment.
There’s better support for those using NFC tags as well. As long as your NFC hardware has a PN547 chip, Windows Phone handsets can write to unformatted tags, make them read-only to prevent tampering and communicate with other contactless cards (for example to copy information). Combining that with the virtual smartcard feature or the ability to lock a handset to run only one or two apps with assigned access gives you interesting options for using Windows Phone like an embedded device.
This leaves very few issues for businesses to be concerned about with Windows Phone 8.1, and a number of opportunities that make it a very interesting smartphone for business.