Microsoft released Windows 10 Technical Preview for Enterprise earlier this week. Apart from the user experience improvements, Windows 10 includes enterprise-grade security, identity and information protection features, reducing complexity and providing a better experience for the modern needs of business. Microsoft has also simplified management and deployment to help lower costs, including in-place upgrades from Windows 7 or 8 that are focused on making device wipe-and-reload scenarios obsolete. While Microsoft didn’t provide details on each of the improvements in these area, Oliver Niehus from Microsoft blogged some of the improvements few days back. However, the blog post is now not online.
Here is an excerpt from his blog post,
Some quick facts about security investments in Windows 10:
- We have heard about your challenges with Windows 8 and Microsoft Accounts (MSA)
- We have made Azure Active Directory (Azure AD) a first class citizen.
- You can use Azure AD identities to log in to your device so users get the same benefits as using an MSA such as store access, settings sync, and live tiles.
- Organizations can now use their existing AD, federated in the cloud with Azure AD, to do everything they need. No Microsoft Account needed.
- Windows 10 includes next generation user credentials
- Password alternative, easy to deploy
- Enables SSI everywhere
- Users get greater convenience while also being more secure
- Supports Enterprise authentication scenarios as well as consumer authentication scenarios like logging on to a web site
- Data protection is a concern we hear a lot about – the need to protect enterprise data against inadvertent disclosure across devices
- Many existing containerized solutions have confusing and hard to support UX
- Threshold builds data protection into the natural flow
- Integrates data protection at the platform level
- Per-Application VPN (allows only specific apps to be on the VPN)
- Application white-list manage by IT using MDM
- Supports both modern and desktop applications
- Administrators can restrict remote access to specific applications, and / or with specific port/IP address. For example, IT can allow IT access over the VPN, but restrict to specific ports or IP addresses.
- Integrated with Enterprise Data Protection platform: IT can use the same list of apps for EDP and allow them to access the VPN.
- Compatible with existing Windows 8.1 VPN applications: existing inbox VPN clients or Windows Store VPN clients for Windows Phone 8.1 will work with this functionality.
- Always-on Connectivity
- Allows the devices to be always connected to corporate network: the VPN connectivity starts at user log in providing a seamless connection experience.
- MDM solutions can push the “always-on” VPN profile to mobile devices, without making changes to the supported 3rd party VPN applications (Windows 8.1 inbox, Windows Phone 8.1, or new Threshold third party VPN clients).
- Improved User Experience: users will have a familiar user experience across Windows Threshold devices. Additionally, 3rd party VPN providers will be able to provide their own User Interface.
- Expanded Manageability Options
- 3rd party MDM solutions can manage both Windows and Windows Phone VPN based remote access
- Open to all 3rd Party VPN providers:
- Any VPN service provider can create a remote access app that leverages these new capabilities.
- Store based app distribution:
- 3rd Party VPN client apps will be distributable through the Threshold Windows Store
He also revealed some improvements made in Windows Store. Enterprise can now purchase apps in bulk, deploy those apps using a variety of scenarios, and manage the licenses (reclaiming and reusing, e.g. when an employee leaves the company). Another important feature in Windows 10 is the support using Azure Active Directory accounts for acquiring organizational apps.
The Windows Store will also support more than just modern apps. It will add desktop apps, as well as other types of digital content. We will provide many different ways to pay for apps. And we’ll provide an organization store within the public Windows Store, where an org can place their own curated list of public apps as well as specific line-of-business apps that their employees need.
Through the new Volume Purchase Program, we’ll provide the ability to acquire apps for the organization, paid for using a purchase order, invoice, or credit card. We’ll provide license management for those apps, enabling organizations to reclaim and reuse licenses (e.g. when an employee leaves the company). You will be able to deploy apps in a variety of ways: Download the installation files and put them in your custom images or deploy them using your existing management infrastructure. Send an e-mail link to a remote user. Install apps even when not connected to the internet.
Also, enterprises can now set up their own app store within Windows Store which allows them to list their internal apps. I guess Microsoft will be talking in detail about all these features in the upcoming weeks. Just keep one thing in mind, Windows 10 will be best OS ever released for enterprises.