Windows 8.1: Ready for the Enterprise

Windows 8.1 with hi-res wallpaper background

I’ve been talking a lot about moving to Windows 7 lately and the end of life for Windows XP but I haven’t said much about Windows 8, a fact which one of my friends and a former colleague at Microsoft called out on Twitter:

twitter conversation with @RicksterCDN

It’s true. Most of our customers, especially those who are just now grappling with the daunting task of moving from Windows XP, haven’t shown much interest in Windows 8. Why? Well, Windows 8 is the first release of a new Windows version , it has been out less than a year, and there has been a greater focus consumer elements, rather than corporate functionality. However Windows 8.1, due to be released later this year, may reveal enough enterprise ready features to make a more compelling business case.

A comprehensive feature list which will continue to be updated can be found in the Microsoft TechNet article What’s New in Windows 8.1, however, here are some that I found to be of particular interest. Go to the article for the official word on these features – below I’ve copied some of the official verbiage and added my own interpretation and commentary:

Workplace Join

A Windows 8 PC (or Windows 7 or earlier) is either domain joined or not.  As a member of the domain, the user could access corporate resources (if permissioned) and IT could control the PC through group policy and other mechanisms.  The Workplace Join feature allows a middle ground between all or nothing access, allowing a user to work on the device of their choice and still have access to corporate resources With Workplace Join, IT administrators now have the ability to offer finer-grained control to corporate resources.  If a user registers their device, IT can grant some access while still enforcing some governance parameters on the device. This is great news for organizations looking to support Bring Your Own Device (BYOD).

Work Folders

Work Folders allows a user to sync data to their device from their user folder located in the corporation’s data center. Files created locally will sync back to the file server in the corporate environment. This syncing is natively integrated into the file system.  Note, this all happens outside the firewall client sync support. Previously, Windows 8 devices (or Windows 7 or earlier) needed to be domain joined (or required domain credentials) for access to file shares.  Syncing could be done with third-party folder replication apps. With Work Folders, Users can keep local copies of their work files on their devices, with automatic synchronization to your data center, and for access from other devices. IT can enforce Dynamic Access Control policies on the Work Folder Sync Share (including automated Rights Management) and require Workplace Join to be in place.

I think this is huge. It allows IT to give users the flexibility they need to work locally or offline while making sure company assets are backed up and aren’t scattered all over non-IT managed Dropbox, Google Docs and Skydrive accounts. I can’t wait to be able to use this feature. Of course, you’ll likely have to have Windows Server 2012 R2 running in the data center to make it all work.

NFC Tap-to-pair Printing

Tap your Windows 8.1 device against an enterprise NFC-enabled printer and you’re all set to print. No more hunting on your network for the correct printer and no need to buy a special printer to take advantage of this functionality. Simply attach an NFC tag to your existing printers to enable this functionality.

Ah a girl can dream! How much time have I wasted going to a new office and trying to figure out how to print? Too much. For such a fundamental task, it’s still a big headache for IT and users alike in large corporations.

VPN

Support has been added to have an app automatically trigger a VPN connection. Such a little thing but so needed. In fact, I have to wonder what took so long for this to happen. As a mobile worker who works 85% of the time outside the walls of the corporate office, there are so many times that I try to bring up an app or access a website only to get an error because I’m not connected to the VPN. It only takes a few seconds to fire up my VPN client, but if you multiply that by how many times I have to do it, it adds up.

I miss having Direct Access but as most organizations are still using some sort of VPN, this to me seems to be the next best thing.

Remote Business Data Removal

Corporations now have more control over corporate content which can be marked as corporate, encrypted, and then be wiped when the relationship between the corporation and user has ended. Corporate data can now be identified as corporate vs. user, encrypted, and wiped on command using EAS or EAS + OMA-DM protocol. This capability is requires implementation in the client application and in the server application (Mail + Exchange Server). The client application determines if the wipe simply makes the data inaccessible or actually deletes it.

This security feature should make some organizations less skittish about allowing users to work on their own devices with corporate data for applications that can make use of this.

Pervasive Device Encryption

Device encryption previously found on Windows RT and Windows Phone 8 is now available in all editions of Windows. It is enabled out of the box and can be configured with additional BitLocker protection and management capability on the Pro and Enterprise SKUs. Consumer devices are automatically encrypted and protected when using a Microsoft account. Data on any Windows connected standby device is automatically protected (encrypted) with device encryption. Organizations that need to manage encryption can easily take add additional BitLocker protection options and manageability to these devices.

And last, but not least, the UI enhancements that so many have been waiting (not so patiently) for:

Boot to Desktop

Configuration options are available to allow booting directly to the desktop in Windows 8.1. My understanding is this will be configurable by group policy for IT organizations.

Desktop and Start Screen

Improvements have been made to better support users who prefer a mouse and keyboard experience to access applications. And although touch screens are becoming more prevalent, I would guestimate that about 90% of corporate users are still needing to use a keyboard and mouse, so this is important.

For a good look at the user interface in Windows 8.1, check out this short 4 minute video.

While this all might not totally convince you to run right out and move all your users over to Windows 8 in anticipation of bumping them up to 8.1 when it releases, I’d encourage you to keep an eye on what Microsoft is up to as it seems they’re listening and making serious efforts to address the needs of the enterprise with Windows 8.1.

signature2 (100x78)



Leave a Reply

Your email address will not be published. Required fields are marked *