The world has changed dramatically since we released Windows 7. Today, security is more important than ever, and businesses need to enable their mobile workforce to be productive anytime, anywhere.
With Windows 10, we’re bringing our entire family of experiences together on one platform from headless IoT devices to the phone, to tablets, PCs, up to the amazing new Surface Hub and beyond into the world of holograms.
With one platform, organizations can build universal apps that span across all Windows devices, while having one management paradigm and security model, saving costs and reducing IT complexity.
Let’s look at all the feature innovations we’re delivering in Windows 10 Enterprise.
Windows Hello1 & Microsoft Passport2
Microsoft Passport is an easy to deploy two-factor password alternative that is accessible by using a PIN or Windows Hello, which provides enterprise grade security and supports fingerprint, facial, and iris based recognition.
Credential Guard uses hardware to isolate Windows authentication services (LSA) and user’s derived credentials (e.g., NTLM hashes and Kerberos tickets) using virtualization based security and Hyper-V. This isolation helps prevent Pass the Hash attacks, which enable attackers to steal identities and impersonate network users.
Device Guard puts you in control of your environment with rigorous access controls that help prevent malware, untrusted apps and executables from running on devices.
Windows 10 closes off the pathways that allow malware to hide from the OS by starting first. Using hardware-based virtualization, key processes are also isolated from the system so they cannot be tampered with.
Enterprise Data Protection4
Enterprise Data Protection with Windows 10 makes it easier to perform data separation and containment of corporate data – wherever it might be. Unlike most 3rd party solutions, Windows does not require containers. Instead our solution protects data wherever it lives on the device. Windows acts as an access control broker that gates user and app access to protected data based on the policies that you define.
The Windows Device Health Attestation cloud service used in concert with management system such as Microsoft Intune can provide Conditional access services that help prevent untrustworthy devices from gaining access to corporate resources.
Familiar and productive user experience
Windows 10 provides a familiar and productive experience across your PCs, tablets, and phones. The experience takes the familiarity of the Windows desktop and merges it with recent advancements, making you an expert from the start, and giving you the freedom to do great things.
The Start menu is back and better than ever with Live Tiles and adjustable sizes. Windows 10 is friendly and familiar – with lots of similarities to Windows 7. You will feel like an expert from the get-go.
Microsoft Edge & Internet Explorer 11
Microsoft Edge is the all-new browser built to give you a better web experience—one that’s made for easy sharing, reading, discovery, and getting things done online.
IE 11 is a consistent, reliable browser for enterprise web apps. Most large organizations have a wide variety of web apps that have evolved over the past 20 years. Only IE 11 offers the security, manageability, performance, backward compatibility, and modern standards support that large web app portfolios need.
The best screen is always the one you’re on. Windows enables your apps and content to display beautifully in all modes, whether using desktop or tablet mode, touch or type, or even as you transition from one to another, keeping you productive.
Universal Windows apps
Windows 10 Universal apps let you write once and deploy across all devices, creating one app that tailors to any device.
Managed for continuous innovation
Windows 10 helps our customers to focus less on deployment and device management, and more on innovation, and driving value for their business.
Dynamic provisioning and in-place upgrade
Windows 10 provides capabilities to simplify how you configure your PCs and devices. When upgrading your Windows 7 and Windows 8 devices, Windows 10 does the work, preserving data and settings, as well as updating apps and drivers when possible ‒ simplifying deployment and making sure your people don’t miss a beat.
Domain Join and Group Policy
Windows Enterprise still comes with the tried-and-true client-server technologies that have helped businesses manage and secure their technology for years.
Azure Active Directory Join10
User identities can now be shared across Windows 10 and Office 365 using Azure AD Join. The shared login will work on PCs, tablets, phones and new form factors, making logins and passwords easier to manage.
Current Branch for Business
By putting devices on the Current branch for Business, enterprises will be able to receive feature updates after their quality and application compatibility has been assessed in the consumer market, while continuing to receive security updates on a regular basis. This gives IT departments’ time to start validating updates in their environments the day changes are shipped broadly to consumers, or in some cases earlier, if they have users enrolled in the Windows Insider Program.
Advanced granular UX control
Advanced granular UX control empowers IT, using device management policies, to customize and lock down the Windows device user experience for task-workers, kiosks, and IoT functions, so only a specific task can be performed.
Mobile Device Management
Windows 10 allows a simpler approach to device management that lets businesses take advantage of cloud-based MDM solutions to manage all your devices with a single console. You can even use Office 365’s MDM features to manage your Windows 10 devices.