So here we are just over 10 weeks since the world got its hands on Windows 10, and it’s been quite a couple of months: over 100 million installs since last count, a whole range of exciting new devices launched to the world (how exciting does Surface book look?!), and the ever closer launch of Windows 10 for phones (come on who wants a Lumia 950XL? Me!). Add to all that I, like many of you, are running Windows 10 and really enjoying it.
Windows 10 since its launch has had lots of coverage and I've no intention of covering many of those things again. There’s plenty of excellent posts already talking about some of the user experience and consumer enhancements, everything from the start button, to continuum and universal apps. As important as I think those things are, getting the user experience across multiple devices is key to Windows10 success, those things aren’t really my area. I like many of you work with Windows 10 in the enterprise, deploying it, supporting it and delivering application to it. With that in mind, I wanted to write an article that focuses elsewhere and looks at some of the enterprise enhancements and capabilities that you will find tucked away inside this shiny new operating system and its ecosystem. Lets look at how those enhancements help answer some of the Windows 10 questions the enterprise are asking.
So what Windows 10 questions are the enterprise asking?
You’ll have no doubt heard a few of these, but these are the things I’m getting asked:
- If 10 really is the last “release” of Windows and all subsequent releases will be automated transformations of this base release – do you want your secure corporate desktop just updating?
- What about all my mobile users, how do I make their experience better and my life easier?
- And of course, once the enterprise has decided the time is right, the enterprise IT guys biggest problem is, how on earth do I get this out there?
Recently I got the chance to learn the answers to many of these questions when I caught up with Microsoft’s own Ed Baker (check Ed out at his blog or here on the TechNet UK Blog). What were some of the key enterprise takeaways I picked up? That’s where the rest of this post comes in.
I’ll contradict myself and start with a couple of “look and feel” type things first:
Broad Device Range on a Single Platform
Windows 10 is designed as a single operating system that can run across any form factor; from an enterprise point of view this is really valuable, one operating system from PC down to IoT devices means one OS to manage, one set of rules and policies across all of your devices. The more I play with the mobile versions of Windows 10, the more realistic this looks and that’s certainly a very powerful feature for us looking to manage our device estates.
Familiar experience is key in an enterprise roll out, the last thing you want after rolling that OS across all of your devices is endless phone calls about how do I do this and that – the return of a familiar start button and a desktop experience means easier transition for users.
Alongside that, the ability to deploy, manage and control your desktop estate is critical for an organisation, and here it looks like Windows 10 is delivering some smart stuff. I think firstly, Microsoft have grasped the idea that the end user device world has changed greatly - I thought this “evolving Business Needs” graphic summed it up:
So how is 10 helping in this mobile-first, device-first world? How are Microsoft solving the challenges of the move from the recent past? Here’s the top 5 things I took from Ed’s session:
It doesn't matter the size of your end device estate, managing the pesky fellas is the trick and Windows 10 delivers a great range of options for this. Of course if you are a large desktop estate with an investment in a desktop management suite or System Centre, then 10 continues to plug into that. What’s more impressive, however, is the range of cloud management solutions available in 365 and Azure, and the way Windows 10 seamlessly integrates in, providing ability for a level of device control regardless of the location of the user. Even those who never come into the office or bring their own devices into your organisation can be simply and effectively controlled. And remember, one OS across multiple device formats means a single set of rules can manage all kinds of devices.
This is probably my favourite Windows 10 feature – the ability to interact with Azure Active Directory. How many times have we built a machine away from the office, got to that bit where we need to put in our domain credentials and then have to start messing around hooking up with the office, or wait until the next time we are in? Azure AD is you friend here, and the support for joining an Azure AD from your Windows 10 device is your BFF! (one for the kids!) If you don’t know, Azure AD is, not surprisingly, a cloud replica of your domain and its credentials, so if you use Office 365 you are already using Azure AD. It provides a single sign on across all of your 365 business applications, email, OneDrive, SharePoint and Skype for Business. It also extends beyond this providing single sign on to multiple 3rd party services as well. Windows 10’s ability to interact with this means you can join your company’s active directory without having to be physically connected to your on premises domain, this makes life so straightforward and is a feature you will love!
Ok, I'm bought in, now how on earth do I get this wonderful OS out onto my machines? The choices are plentiful.
One that really caught my attention was the provisioning option. This is designed for those new machines, out of the box, that need your enterprise configuration dropped on them. Today, how would you do that? Drag it into the office, get your corp image, then image it… yep, already taking too long. And what if that user never comes to the office and has bought a shiny new laptop? Or how about a user is working away and loses his device, how do you get a new one to him and have it brought into line with corporate policy? Well what if you could predefine a workflow that then changes the deployed OS to meet your corporate standard? If your user has bought a new laptop with Windows 10 and you wanted enterprise and some configuration changes, you send them a deployment pack, they access it, and just like that the machine is configured.
Windows as a Service
Last up in my Windows 10 top 5 is the much discussed Windows as a Service, this is the idea that, if this is the last version of Windows that we ever see (bit like the Men In Black, last suit idea!) and everything else will be incremental advances that automatically get dropped into the OS, how does that impact my enterprise IT setup? Do I want random updates to my precious enterprise build – well of course not.
Microsoft know that too, so welcome Windows Update for Business, this delivers a number of key controls for the enterprise, the idea of roll out rings (familiar to those who have been on the Windows Insider programme), the ability to define maintenance windows, peer to peer delivery (the ability for your device to get updates from other devices on your network, not just update servers), and of course if you’ve invested in System Centre to manage this, don't worry, that is supported as well.
Microsoft also have not forgotten our “special systems” those critical machines that can’t be changed, you can ensure they only ever get security updates, with no new functions or features ever added.
I have got to say, I came away from Ed’s session really impressed. There was some stuff I’d already used (the Azure AD integration) and some stuff I wasn’t aware of, but lots to be enthused by. If you’re in enterprise IT and considering a move to Windows 10, I’d suggest giving it a proper look; there’s lots of great stuff from an experience point of view, but also lots of excellent enterprise capability to help you deliver your IT better.
If you want more info from Ed Baker check him out on twitter @edbaker1965, on his blog at ed-baker.com, or on his regular articles here on the TechNet UK Blog. Or if I can help, look me up in the normal places, Twitter, LinkedIn or drop me an email.