With Windows 10, Microsoft Evolves Its Mobile Device Management Efforts
- By Kurt Mackie
- January 14, 2015
The Windows 10 operating system will bring mobile device management (MDM) improvements to Microsoft's enterprise offerings, according to a top Microsoft executive.
Speaking in a presentation Tuesday, Brad Anderson, Microsoft corporate vice president for Enterprise Mobility, said that Microsoft plans to center its Intune and System Center Configuration Manager (SCCM) products on Windows 10's mobility management features.
Anderson answered questions during a Q&A portion of a Microsoft-produced "Success with Enterprise Mobility" presentation, a series of talks that are moderated by research and consulting firm IDC. The prerecorded part of Tuesday's presentation also included participation by Michael Wallent, director of program management for Intune and SCCM.
IDC Research Director Stacy Crook noted during the talk that the MDM market has just "passed the billion-dollar mark," while Anderson described it as "still in its infancy." Microsoft's research on organizations implementing MDM has shown that 37 percent of the time it's the SCCM team that is responsible for MDM, while 32 percent of the time it's the Exchange team, Anderson noted.
Wallent said that access to secure e-mail is the main application that has been driving the bring-your-own-device (BYOD) phenomenon in organizations, necessitating MDM capabilities. Secure e-mail access on mobile devices needs to be compliant with IT policy and it needs to use a consistent infrastructure, he contended, which Microsoft is supporting with its Intune device management service and with Active Directory identity management.
The next step for organizations rolling out MDM deployments is to go beyond providing just e-mail access to include access to all productivity applications, which requires having the same data compliance rules in place for a mobile device as for a PC in the workplace, Wallent added.
SCCM To Get More Agile
Anderson plugged Intune's service-delivery aspect, claiming that the Intune service is typically ready to manage a new Apple iOS release on the first day of an iOS release. Microsoft can update Intune faster as part of a managed service than it can update its SCCM product. However, during the Q&A, Anderson also clarified that Microsoft is working to make SCCM more agile so that it can be updated on a more frequent basis via "a cache in the cloud." That work is one of his team's top five priorities, he said.
"Some of this [effort to increase the agility of SCCM] is going to require us to deliver a service pack down on top of Config Manager...to make it more updateable to these WE packs," Anderson said. Wallent explained that "WE packs" are extensions. They include new features that can be brought into an organization's infrastructure without deploying a service pack, he added.
Anderson claimed that providing access to Microsoft Office applications was part of the MDM push. He reiterated a past claim that Microsoft's management solutions and Enterprise Mobility Suite licensing offered a unique market solution for organizations compared with other vendor solutions.
"If you want the ability to deeply be able to manage the Office mobile applications -- things like have them participate in containers, being able to manage copy/paste, be able to do conditional access -- those types of access, you need the Mobility Management Suite from Microsoft," he said. "You cannot do that with an AirWatch or MobileIron -- any of the other MDM solutions out there."
Containers and Windows 10
Much of Microsoft's MDM efforts is focused on the use of container technology, which provides a consistent interface for managing devices. Anderson noted that Apple has put an MDM layer into its Mac OS, and that's the same sort of thing that Microsoft has been doing with Windows 10.
"If you take a look at what we're going to be shipping with Windows 10, the MDM layer that my team built that's available in Windows 8 will actually be a consistent layer across all devices, all form factors and all of the different Windows operating systems and devices," Anderson explained.
He added that since Microsoft has built containers for iOS and Android, it has recognized that "there are some things that you can do only when you are the operating system vendor" to make things easier for end users. Anderson's team has specifically focused on building "data leakage protections" into Windows 10.
"I think that Microsoft, with Windows, will be the first operating system that really delivers a really capable and very easy to use data leakage protection solution by the container in the operating system," Anderson said. He added that Microsoft believes that, over time, all operating systems will ship with such data protection capabilities built into them.
"Windows 10 will have it," Anderson said, adding that "we also think iOS and Android are going to do that."
On iOS devices today, containers are used to separate corporate content from personal content. It's done by blocking the sharing of content between corporate apps and personal apps, Anderson explained. When a user tries to paste content from a consumer app, the paste option doesn't appear when using today's iOS devices, Anderson said. In Windows 10, a dialog box will pop up telling users that the paste action is restricted. Windows 10 will include an override button, but the user will get informed that IT will log the paste attempt if that's tried. That Windows 10 capability, making things easier for end users, is an example of why having access to the OS is important, Anderson explained.
Microsoft plans to "light up" this container technology in Intune and SCCM when Windows 10 is released. So far, Microsoft has seen "very few issues with SCCM 2012 and even SCCM 2007" during Microsoft's testing of Windows 10. The company expects to release "a few minor updates to SCCM 2007 and SCCM 2012" that will add support for Windows 10.
"We're going to do work to make sure that [SCCM] 2012 and [SCCM] 2007 are compatible with Windows 10...as soon as it's available in the market," Anderson said.
Windows 10 is still at the preview stage and likely will get commercially released in the latter part of this year, based on past explanations from Microsoft. A new preview build of the OS is expected to be announced on Jan. 21.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.