Discover the latest advancements in Windows 10 management options that enable access and productivity for employees while protecting corporate data and maintaining compliance. Learn from customer case studies and align your management strategy to end-user and IT needs.
Discover what’s new in Windows management
Mamta Kumar, Program Manager, Windows Commercial
Janani Vasudevan, Principal Program Manager Lead, Windows Commercial
jananiv@microsoft.com | Twitter: @jananivasudevan
BRK3332
Mobility and the cloud is the new normal
• 66%: Employees who use personal devices for work purposes.*
• 25%: Software that will be available on a SaaS delivery by 2020.**
• 33%: Employees that typically work on employer premises who also frequently work away from their desks.***
*CEB The Future of Corporate ITL: 203-2017. 2013.
**Forrester Application Adoption Trends: The Rise Of SaaS
***CEB IT Impact Report: Five Key Findings on Driving Employee Productivity Q1 2014.
Organizations need management to…
• Enable access & productivity for employees
• Protect corporate data & resources
• Maintain compliance with reporting
Learn how some organizations simplified management directly from them (customer case study) – BRK2108 [Janani et al.] – Sep 29 @ 4PM
Windows 10 management options
Group Policy System Center Config Mgr MDM [Microsoft Intune or 3rd party] MDM [Microsoft Intune or 3rd party] New configuration policies New policies New configuration policies New config via WMI bridge Azure AD joined Domain joined Azure AD account added COMPANY OWNED PERSONALLY OWNED
Attend session: BRK2137 Align your Windows 10 management strategy to end-user and IT needs [Jason & Deen] – Sep 29 @ 4 PM
Windows 10 & Enterprise Mobility Mgmt
26.9% was the YoY growth of the EMM software market from 2014 to 2015
“…The advent of Windows 10, with its MDM like control & management capabilities, is helping drive EMM platforms as the unified control platform..”
Source: IDC report on Worldwide EMM software market shares 2015
Microsoft HoloLens Commercial Suite
Development Edition + Enterprise features for security and device management
Enterprise Features
• Kiosk mode
• Mobile Device Management
• Azure AD identity & Hello for Business
• Windows Update for Business
• Data security
• Network access – Wifi and VPN
• Windows Store for Business
The road to here
Windows 10 July 2016 aka RS1
• Streamlined self enrollment (user owned)
• Platform support for new policy as MDM/group policy + new GP (e.g. Allow Camera)
• Complete Mgmt. for new features: WIP, WDATP
• New MDM/CM config: Reboot, more inventory, MDM diagnostics report, Kiosk mode updates
• AAD Conditional access
• WUfB: Active hours, Deployment rings, DO
• WSfB: paid apps
Windows 10 Nov 2015 aka TH2
• Phone – Enterprise ready
• MDM on Home
• Enterprise readiness & gaps – SMIME for outlook, MDM diagnostic, UWP app settings
• New MDM/CM policies+ (telemetry, privacy, biometrics, Edge...)
• New group policies+ (Hello, telemetry, Defender, Browser…)
• WUfB: Defer upgrade, deferral period & EULA accept
• WSfB – free apps support
Windows 10 July 2015 aka TH1
• Converged MDM (Phone, Desktop, IoT, SurfaceHub, HoloLens…)
• Common mgmt framework (EAS, provisioning)
• Automatic MDM enrollment with AAD join
• WMI bridge support for config mgr
• MDM/Config Manager+ policies
• Group policies+
Before Windows 10
• Windows 8.1 MDM (WMI)
• Group Policy/Config Mgr+
• Windows Phone 8.1 MDM (CSP)
What’s on the horizon?
• Challenges today: Management complexity. Where we want to get to: Simplified management
• Challenges today: User self provisioning is complex. Where we want to get to: Lesser costs with self-provisioning
• Challenges today: Corp network for full PC mgmt. Where we want to get to: Orgs have choice of cloud mgmt.
Attend session: BRK3335 Take the road to modern Enterprise device management [Deen] – Sep 27 @ 4 PM
Management Platform – modern & inclusive Group Policy server MDM (Intune or 3rd party) ConfigMgr EAS Provisioning Service/Server Device Provisioning Engine Group policy client EAS Client WMI Bridge MDM Client Common Device Configurator Group policy handler MDM Configuration Service Providers (CSP) WMI providers Group policy User has email profile setup in Mail app & gets mails User has VPN profile for remote access User is protected with security policies PC component (MDM platform) Common component (MDM platform) PC component (Other)
Existing Windows 10 capabilities / New Capabilities in the Anniversary update
• Common VPN platform
• Per app VPN & lockdown VPN
• App triggered VPN
• Destination name based VPN trigger
• Passport VPN integration
• Certificates – SCEP & PFX, Passport
• Wifi connection
• Simplified Passport deployment
• Health attestation
• New security policies
• Windows Information Protection
• Mgmt. of Windows Defender ATP
• Azure AD enrollment
• Bulk MDM enrollment
• Easy enrollment
• IT provisioning tool updates
• Windows Update for Business
• Active Hours, Deployment rings, bandwidth optimization
Device & data protected | Productive at work | Productive on the go | Setup device for work | Device is current
• Easier device unlock; LOB app signing with Ent. cert
• Win32 MSI based app deployment
• App inventory, app whitelisting, UWP app config
• Centennial app mgmt.
• Windows Store for Business – paid app (credit card)
• Remote find/wipe
• MDM config report
• Enhanced logging
• Remote reboot
• Retire device with server alert
• Retire PC when no user logged in
• Reliable enterprise config removal
Apps from the Enterprise | Issue support | Retire device
Easier self provisioning Auto MDM enroll with Azure AD Setup device for work …Now with a simpler UX
Demo Unified Enrollment
Productive users anywhere
• Simplified Hello for Business deployment
• Management continuity in offline scenarios
• Windows IoT enhancements
• Lockdown
• Desktop kiosk mode
• Windows Store for Business – Paid apps (Credit card support)
Productive at work
Look for session: BRK2132: Deploy & Manage Windows Hello for business [Yogesh Mehta] – 9/2 @ 4 PM; BRK3238: Dive deeper into Windows Store for Business [Matt Kotler, Jan Kalis] – 9/29 @ 12.30 PM
Remote access to company network
• Auto connect VPN
• Always ON
• App triggered
• Destination name triggered (NEW in 1607)
• Lockdown VPN – all traffic via VPN
• AAD VPN (with conditional access) (NEW in 1607)
• XML based profile deployment via MDM (NEW in 1607)
Productive on the go
Demo VPN destination name based triggering
In focus: Windows IoT & Lockdown
Consistent and predictable device lockdown across form factors
• Unified Write Filter & HORM: Easily create read only devices. Improve system uptime
• AppLocker: Control which apps can run
• Layout Control: Customize the Start Menu layout for special purpose devices
• Edge Swipe Policy: Block edge swipe gestures
• Keyboard Filter: Block hotkeys and other key combinations
• USB Access: Only allow approved USB devices
• Shell Launcher: Enable a single Win32 app experience
• Assigned Access: Enable a single Universal Windows app experience
Productive at work
Device types: Smart Things; Purpose built Industry Devices; Ruggedized Devices (tablets, handhelds)
Demo Desktop Kiosk mode
Keep user devices protected & current!
Notable security policies (MDM & GP)
• Privacy controls
• Edge – Extensions, Prompt to open in IE
• Miracast projection policies
Windows Update for Business
• Active hours
• Configure deployment rings
• Delivery optimization policies
Device & data protected | Device is current
Look for session: BRK3136 - Implementing Windows as a Service: Understanding how to do it [Michael Niehaus et al.] – Sep 29, 9 AM
Manage advanced security features
Windows Defender & Advanced threat protection
• New policies for Defender PUA
• Windows Defender ATP – MDM & Config Manager
Windows Information Protection
• Define corporate apps & network boundaries
• MDM & Config Manager
Device & data protected
Look for sessions: BRK2082 Onboard your Windows 10 endpoints to Windows Defender ATP [Avi et al.] – Sep 29, 2 PM, BRKSSSS Keep work and personal data separate and secure using Windows Information Protection in Windows apps [Derek Adam] – Sep ,
Helping you help users
Better Diagnostics
• MDM resultant policy report
• Additional logging – Phone & PC
Improved tooling
• Remote Reboot through MDM
• Reliable on-demand wipe for PC
Issue support
Look for session: BRK331 Reducing Cost of MDM Device Management through better diagnostics tools [Deen King-Smith] – Sep 29 @ 2PM
Configuration service provider reference http://aka.ms/win10mdm
Resources
• Windows 10 MDM reference: http://aka.ms/win10mdm
• Group policy ADMX for anniv update: http://aka.ms/win10RS1admx
• MDM policies with corresponding GP: http://aka.ms/policymdmandgp
• What’s new in Windows 10 for MDM: http://aka.ms/newinmdm
• PowerShell scripting with WMI bridge: http://aka.ms/UsingMdmWmiBridge
• Windows Device Provisioning: http://aka.ms/win10provisioning
• Windows 10 Management with Intune: http://aka.ms/win10withintune
• Windows 10 Management with ConfigMan: http://aka.ms/win10configman
More questions that weren’t answered today?
• I’ll be outside the room for the next 30 mins
• Drop by the Windows and Devices Management booth anytime this week
• Send me a mail at jananiv@microsoft.com
Please evaluate this session Your feedback is important to us! From your PC or Tablet visit MyIgnite at http://myignite.microsoft.com From your phone download and use the Ignite Mobile App by scanning the QR code above or visiting https://aka.ms/ignite.mobileapp