Much of the buzz around Windows 10 has been on its consumer features, such as the Cortana virtual personal assistant and Xbox integration.
However, IT managers and CIOs will find there is a lot they need to understand about Windows 10 before they put the OS into the hands of business users.
Stephen Kleynhans, research vice president at Gartner, noted that Windows 10 introduces significant new enterprise capabilities around security, management and application deployment, and will fundamentally change how PCs and mobile devices will be used and supported in enterprises.
Here are 10 things enterprises need to know about Windows 10 before taking the plunge:
1. A more familiar user experience
With the return of the Start menu and a user experience that feels more like Windows 7 than Windows 8, Kleynhans said Windows 10 will be far less disruptive to users. The new OS also includes the “better aspects of Windows 8, such as support for live tiles, lightweight mobile-style apps and touch friendliness”.
While users should not require any significant training, IT managers should begin working with Windows 10 to understand how it can fit into existing rollout plans, particularly those involving tablets and hybrid PCs.
2. A single OS for a range of devices
Windows 10 will be the same OS that powers Windows PCs, smartphones, game consoles and Internet of Things (IoT) devices, which can now run a common set of applications called Universal Windows apps.
Universal Windows apps are designed to operate like smartphone or tablet apps. They are delivered through a customisable store, are updated automatically, and will run on any Windows 10 device, automatically adjusting its user experience to match the device.
Kleynhans said aside from portability, Universal Windows apps are more secure, easier to deploy and maintain, and represent Microsoft’s strategic direction for future native app development.
3. New ways of securing data and devices
Windows 10 comes with a slew of new security measures for authenticating users, protecting data on employee devices and “hardening” devices against attacks.
For starters, Microsoft Passport replaces basic passwords with more secure multi-factor authentication techniques that can use local PINs, or biometric authentication on supported hardware.
Kleynhans said these techniques will help organisations guard against phishing attacks using stolen user names and passwords, since hackers will need physical access to something users would have locally, or, in the case of biometrics, their faces or fingers.
With Windows 10, corporate files are automatically encrypted to ensure only those with registered devices can read the data. It can also prevent employees from copying and pasting information to non-corporate locations. Files copied to portable storage devices such as flash drives will remain encrypted.
Windows 10 also includes anti-tampering measures, such as a secure boot procedure that ensures that only approved device firmware, OS, apps and services can be loaded.
Additionally, some sensitive portions of the OS have been moved to a hardware-based secure environment using virtualisation to further protect them from attacks – even if the Windows kernel has been compromised.
Kleynhans noted that while the new security features have significant promise, they still need to be tested on the ground. Furthermore, not every enterprise will be ready to adopt them.
“Making these security features part of your daily processes will take careful planning and may be most easily implemented on new hardware,” he said.
4. Windows 10 will drive you towards the Microsoft Cloud
As Windows 8 required users to have a Microsoft account in order to access the Windows Store, business users who didn’t have one were unable to update the apps bundled with the OS.
With Windows 10, Microsoft has made it possible for enterprise users to access Windows Store by syncing their Active Directory (AD) based corporate login credentials with Azure AD, effectively drawing enterprises into the Microsoft Cloud.
Kleynhans noted that enterprises who are already moving to Office 365 or Intune – Microsoft’s mobile device management service – would have already done so, but others may not have been considering it.
“It will be possible to run a production Windows 10 environment without the links into Azure AD, but it will be more difficult to manage and limit some capabilities. Azure AD is becoming inevitable for organisations that wish to use Microsoft’s enterprise products and services,” he said.
5. Easier to deliver apps, but you will probably need Intune
Windows 10 now makes it easier to deliver both commercial and internal apps to employees via the Windows Store. With some packaging work, legacy Win32 applications can also be delivered through the store.
While enterprises can continue using existing enterprise mobility management tools, Kleynhans said Microsoft’s Intune will offer a more complete solution (including managing Office) sooner.
“Enterprises should begin looking at how Windows 10 and the Windows Store could be integrated into current PC management and application delivery processes,” he said.
6. New servicing model
“Microsoft has somewhat confusingly taken to referring to Windows 10 as a service,” Kleynhans said, adding that this isn’t accurate in the strictest sense, particularly when compared to services like Office 365 or Salesforce.com.
He noted that what Microsoft means is that once a customer has Windows 10 installed on a device, keeping the OS up to date will be handled automatically, including not just security fixes, but also new features and capabilities.
In that sense, Windows 10 is the last major upgrade of its type and future “upgrades” will happen automatically, as smaller updates evolve the functionality of the OS on a regular basis.
While many of the changes coming with Windows 10 are somewhat optional and don’t need to be addressed immediately, this is not the case for the new servicing model, he said.
It will impact every organisation rolling out Windows 10, and requires some evaluation and rework of internal processes related to testing and deploying software.
7. Windows 10 will be easier to migrate to
While some enterprises took as long as 18 months to prepare their migrations from Windows XP to Windows 7 due to compatibility issues, the migration to Windows 10 is expected to be easier.
Apart from minor issues with security tools like virtual private networks or encryption drivers, Kleynhans said most organisations will find minimal or no compatibility issues, thus slashing the preparation time – including piloting – to under six months.
That said, an application that runs well in Windows 10 does not mean it will continue to be supported on the new OS. Kleynhans advised enterprises that require Windows 10 support to start discussions with their app suppliers immediately.
8. New Web browser
Internet Explorer (IE) was problematic for app developers and companies, who had to ensure their Web apps would run in the browser. With Windows 10, Microsoft has introduced its Microsoft Edge browser based on Web standards, similar to Chrome. The new browser also sports a number of new capabilities, such as the ability to markup and share a Web page, and to save a webpage for offline reading.
IE11 is still included in Windows 10 for legacy compatibility, but users who click on hyperlinks will be directed to Microsoft Edge by default. Enterprises can change these settings through group policies, plus they can also set up tables to direct specific websites to one or the other browser.
9. Free Windows 10 upgrade is not really free for most enterprises
The free Windows 10 upgrade for Windows 7 and 8.1 users comes with strings attached, making it less suited to most enterprise customers. For one thing, it limits flexibility with regards to imaging rights and deployment options.
As such, Kleynhans advised enterprises to enter into volume licensing agreements through Microsoft’s Software Assurance (SA) programme, which remains the only way they can get exclusive access to Windows 10 Enterprise and its advanced security and management features.
Kleynhans said these exclusive features will be more compelling to a much broader set of customers than previous Enterprise features, and organisations need to re-evaluate whether to purchase Software Assurance and Windows 10 Enterprise, because the value proposition has changed significantly.
10. Windows 10 is inevitable
The most successful release of Windows ever was Windows 7, which is currently used by over 90 per cent of enterprises.
However, with extended support for Windows 7 ceasing in January 2020 and the likelihood that Windows 10 adoption will increase significantly due to the free consumer upgrades, software developers will reduce support for Windows 7 over time.
In fact, Kleynhans said it may become difficult to run Windows 7 on new PCs starting as early as 2017, as vendors will choose to not backport their drivers and support utilities to the older OS.
As such, he called for enterprises to draw up a roadmap that outlines major milestones on the way to removing Windows 7 before 2020 and, at a minimum, be prepared to purchase new machines with Windows 10 starting by 2017, at the latest.
“Organisations should start purchasing new PCs with Windows 10 immediately and use downgrade rights to continue running Windows 7 until they are ready to move forward,” he said.
