Windows 10: The acceleration into a mobile-dominant enterprise architecture

Picture credit: Microsoft

As Microsoft pushed through its staged rollout of Windows 10, beginning at 0500 BST today, many in the mobile enterprise see it as a milestone for greater productivity and efficiency.

Naturally, enterprise mobility management (EMM) providers are falling over themselves to provide support for the nascent ‘Windows as a Service’ OS straight out of the box. But should organisations jump in?

Noah Wasmer, end user computing CTO and VP product management at VMware, notes enterprise buy-in is “all over the map, as you would expect”, but in his experience, the more conservative businesses are going to take up Windows 10 more aggressively. He tells Enterprise AppsTech: “There are some customers embracing this model that are saying ‘we rejected security packs for a while because we were concerned about application compatibility’... [which] put the business at risk.

“They’re starting to really embrace Microsoft’s mantra of ‘this is a service’ and...just like iOS, you have to embrace these security patches because it’s what’s going to keep your organisation sound.”

Part of the reason for this move, Wasmer argues, is that organisations are “so far behind” on Windows 7, and even Windows XP, that they have to embrace 10 quickly. Companies who will take longer may do so because they are comfortable with their application compatibility. Naturally, moving them to Windows 10 securely is one of the aces in VMware’s pack, with solutions such as Horizon FLEX on offer. FLEX enables different platforms to run a Windows 10 container directly on the endpoint, meaning end users can get a taste of 10 without having to lug the desktop all the way over to the new platform.

More than that, however, Windows 10 arguably represents a sea-change in terms of a modern, mobile, enterprise architecture. EMM vendor MobileIron summed it up best in a recent whitepaper informing enterprise customers of the change. “With Windows 10, enterprise IT can truly begin to shift from a security-focused legacy infrastructure to a modern enterprise architecture that prioritises a highly productive, secure, and unified user experience across multiple devices,” it reads.

Wasmer sees it similarly. “We do think it represents a pretty dramatic way in terms of how enterprises are going to think about managing their devices,” he explains. “This is one of the first times we’re seeing the core operating system now have what we call these ‘EMM primitives’ inside the operating system. Right from the initial power on, we can enrol the device into what we call EMM, and get the device configured, registered, set up applications, and give this great unified experience.”

This transformation is achieved through phasing out group policy objects (GPOs), where you just join a device to a domain, to a cloud-based model where EMM can manage all capabilities directly through the operating system. Whereas in a previous life, your salespeople jumping in and out of planes meant they couldn’t be connected to the corporate network through their mobile device,

As MobileIron puts it: “EMM is quickly becoming the core device management platform in the modern enterprise because it enables business users to securely access enterprise data from any device, on any network, without compromising data security.”

One other key area where Windows 10 could benefit the enterprise is through identity. This publication has already examined the potential areas where Microsoft and VMware cross over in that space, but the new features for 10 are intriguing. In some cases, it is a development on the Windows 8 philosophy of using a cloud account which could link devices. The consumer nature of that put off many enterprises, but as VMware fully integrates with Azure Active Directory, there should be greater ease of use.

Particularly of interest, however, is new FIDO-compliant credentials; moving beyond passwords and towards biometrics with Windows Hello. Wasmer notes: “Even in Gartner’s MQ they included identity management as one of the new pillars – device management, app, content, and now identity. Essentially these devices are not always going to be connected to the internal corporate domain – that world is long gone.”

He adds: “Instead, whether it’s a remote worker, a corporate-owned device being shipped to an employee, whatever it may be, when they first fire up the desktop they may not be on the corporate LAN, and we want to be able to connect them as quickly as possible, have that security, have that trust of who that user is.

“With VMware Identity Manager and solutions like Microsoft Azure that we work with, we can now say that we can extend this out to any device that’s, as soon as they power on, gets that valid token based on your credentials. [It’s a] model that we think is now truly for the mobile cloud era.”

Related Stories

Leave a comment

Alternatively

This will only be used to quickly provide signup information and will not allow us to post to your account or appear on your timeline.