Secure Productive Enterprise: Specifications for the Modern Enterprise


Written by John Stasick, Jeff Beckham & Todd Meadows –

Introduction:

During the second half of 2016, Microsoft introduced a new solution set: the Secure Productive Enterprise, or SPE for short. A combination of Windows 10, Office 365, and the Enterprise Mobility + Security platform, SPE represents a clear, simplified path for an enterprise to evaluate, purchase and deploy their foundational digital infrastructure. At face value, one might primarily interpret SPE as simply a bundle or a licensing vehicle. In fact, simplified licensing is part of the story, but it is not the story. The Secure Productive Enterprise represents much more. SPE is Microsoft’s prescriptive set of specifications and technologies for running any modern enterprise in a “cloud first, mobile first” world.

Specifications for Running a Modern Enterprise:

If you remember the days of packaged PC software, you might remember picking up a copy of Photoshop, Office, or a game like Halo. After perusing the back of the package, you may have glanced to the side of the box where you would have found two sets of specifications: Minimum System Requirements and Recommended System Requirements.

Each of these spec sets included the OS versions, memory configurations, processor speeds and GPU types that would be needed to either 1) get the software to run or 2) get the software to run with the raw power needed to achieve maximum performance. The tradition of publishing system requirements for consumer and enterprise software is very much alive and well today:

Those system requirements are an effective analogy to what the Secure Productive Enterprise really is. With 2 configurations — SPE E3 and SPE E5 — the Secure Productive Enterprise represents Microsoft’s “must do” (i.e. minimum) and “should do” (i.e. “recommended”) specifications for running and securing a modern workplace.

Secure Productive Enterprise was designed from the ground-up to enable uncompromising productivity, collaboration, mobility, business insights and a secure experience, giving your company the foundation to compete, excel, and grow. Let’s take a look at the two sets of SPE specifications side-by-side:

Minimum and recommended specifications across 3 foundational enterprise platforms: Office 365, Enterprise Mobility + Security and Windows 10

A common question here is: why is there both a “minimum” and “recommended” set of specs? It’s a great question, with a relatively simple answer. Given that every customer and company is at a different point in their unique digital transformation journey, the two spec sets give companies choices. One size does not fit all. Some customers require a level of flexibility in answering critical questions such as:

  • What can we prioritize given our current budget?
  • What is the timing around our other vendor/system investments?
  • Have we invested in the right skillsets internally to maximize the solutions?

A fitting example of this flexibility within the Secure Productive Enterprise framework is around the security components of the solution – let’s pick on data protection for just a moment. In a mobile first, cloud first world, without exception security should be the #1 concern of the executive, IT and Infosec teams of a modern enterprise. However, there is a difference in the level-of-effort required for Infosec teams between these two related data protection scenarios:

  1. Identify sensitive data stores (e.g. finance or HR file shares) and then apply encryption policies to the data coming onto or off of the share
  2. Implement an enterprise wide auto-classification system that labels and encrypts all sensitive data at the-point-of-creation without IT or employee interaction.

Scenario #1 requires a simple agreement that the finance and HR users do indeed create and access sensitive information and require the application of a blanket encryption policy for data. Scenario #2 requires extensive consideration regarding enterprise wide classification labels and the numerous, specific policies that must be built out to cover a number of unique situations ranging from code-named projects to M&A to unique PII and beyond.

The project for Scenario #1 can be accomplished in a week and is easily executed in SPE E3. Scenario #2 may take 6 – 12 months and is easily executed in SPE E5. In either case, however, it is not the technology within the Secure Productive Enterprise that is influencing those timelines; it is the enterprise’s readiness around the policy and nomenclature of, in this case, advanced security features like data classification. In this example, this company could immediately accomplish the minimum spec (“encrypt all sensitive data stores”) while then purchasing the recommended spec month’s later when the ground work for an enterprise data classification system has been vetted and approved.

Technology Platforms for Running a Modern Enterprise:

We’re not quiet done with that previous specifications chart just yet. If you look to the first column of the matrix, you’ll see the capabilities that Microsoft believes are required of the Modern Workplace, from authoring to compliance and everything in between.

The dilemma companies face is advancing productivity while maintaining security and adhering to compliance and regulatory policies. This is a significant obstacle for companies struggling to stay competitive. For example, enabling a more mobile workforce can expose your corporate network(s) to increased risk of data leakage and historically requires the need to dictate security practices into the user’s daily activities. The purpose of addressing security in a productivity environment is to ensure the continued effective protection of sensitive information and processes. The difficulty comes in balancing how much security can be implemented without affecting an enterprise’s productivity. With a centrally managed and unified set of security and productivity offerings, an enterprise can focus their time on managing business and not the enabling solutions.

In a nutshell, every modern enterprise needs to get work done, collaborate on it, and protect the work and the people doing it.

Pretty obvious, right? To accomplish that herculean goal (and the specifications that make it possible), there are 3 key technology platforms that come together to form the Secure Productive Enterprise:

  • Office 365: Enables, manages, and protects how work gets done and shared
  • Enterprise Mobility + Security: Enables, manages, and protects who gets work done and where it gets done.
  • Windows 10: Enables, manages, and protects the work environment itself, including providing for diverse workstyles across voice, ink, touch, and new classes of devices.

Those platforms probably aren’t new to you. Office 365 is the world’s largest SaaS application. Enterprise Mobility + Security is among Microsoft’s fastest adopted enterprise solution in history. Similarly, Windows continues to be the primary computing client of choice for the vast majority of the world’s commercial entities.

But what might not be so familiar is how those platforms now come together in surprising new ways. While valuable on their own and quite capable of operating in a silo, that’s no longer how these platforms are designed. Office, EM+S, and Windows are now built from the ground-up to bring critical new capabilities. Together they form the building blocks of digital transformation in the modern workplace in 4 key areas:

Trust: Protect your organization, data, and people

  • Integrated intelligent security
  • Transparency and control
  • Privacy by design
  • Compliance leadership

Collaboration: Create a productive workplace to embrace diverse workstyles

  • Email and schedule
  • Create, share, and find
  • Call and meet
  • Connect and engage

Mobility: Enable your people to get things done anywhere

  • Work from anywhere
  • Access from any device
  • Manage and secure identity
  • Always up to date

Intelligence: Provide insights to drive faster, better business decisions

  • Analytics for everyone
  • Discover relevant content and people
  • Improve personal effectiveness
  • Works for you

In the new world, if you are lacking in any one of these areas, you have an incomplete puzzle — you are likely not competing at your full potential. The whole picture of a modern enterprise only really comes together when each of these areas are addressed in concert to serve the specific needs and goals of the business. There is a lot more to say on each of these “building blocks” of an enterprise digital transformation and we will be posting in-depth articles on each as part of our ongoing Secure Productive Enterprise series.

Summary:

At the end of the day, the Secure Productive Enterprise is not about the 2 “spec sets” or 3 “technology platforms” or even the 4 “building blocks of digital transformation.” SPE is about each company’s unique needs, customers and journey.  SPE is simply a framework to help get from Point A (how do I enable greater productivity while protecting my users, data, and devices in a cloud first, mobile first world?) to Point B (how can I take these experiences to the next level to transform my business in a mobile first, cloud first world?).

Our team looks forward to helping you understand and execute your own journey and digital transformation.

 

 


Comments (0)

Skip to main content