Windows 10 Technical Preview First Impressions: The Return Of The Desktop
by Brett Howse on November 13, 2014 8:00 AM EST- Posted in
- Software
- Microsoft
- Windows 10
Business Features
It is no secret that a lot of businesses got stuck on Windows XP, and partly due to things like IE6 and intranet sites and apps that would only work on that platform. As we discussed, the changes to the Windows Vista’s security model made a lot of corporate apps stop working, and the changes to the driver model and minimum hardware requirements for Vista meant that existing computers could not necessarily be upgraded from XP. This was a major problem for Microsoft. Getting companies to buy into a new way of doing business does not always work out. If it was difficult to get a business to upgrade to Windows 7, you can imagine how difficult it would be to have that same business upgrade to Windows 8 with its entirely different look and feel.
Windows 10 is more than Windows 8.1 with a Start Menu, although at first glance that seems to be the case. Microsoft has put some major effort into adding features to Windows 10 specifically aimed at the business crowd.
The first change, is of course the Start Menu, which is back. The Windows 8 Start Screen was a major pain point with business, so this alone is a big benefit. Having a familiar look and feel to the OS is key to keeping workers productive, and the thought of having to train the workforce for Windows 8 was not very appealing. The previously discussed WinRT apps being able to be used in a window is also a nice feature to keep productivity up. But these changes are fairly cosmetic, and it is the features under the covers that should really help businesses, and consumers as well, to buy into Windows 10.
As many of us are aware, having to do a clean install of Windows, and then re-load all of your settings, applications, and devices, can be quite painful. Windows 10 is going to offer an in-place upgrade for users of Windows 7, Windows 8, and Windows 8.1. The upgrade will preserve apps, data, and device settings from the original install of Windows to allow for a smoother transition. On my desktop PC, I performed an in-place upgrade to view the results. Although it was extremely slow to complete (I have about 200 GB of apps and data on my main SSD so the upgrade took well over an hour) the result was exactly what was promised. All of my apps on the desktop were still in place, and I was able to get right back to where I was with Windows 8.1.
While not the first version of Windows to support an in-place upgrade, Microsoft is promising Windows 10 will be the best in-place upgrade yet. With Windows on as many devices as it is, there are likely to be some problems, but my one computer worked fine even though this is far from the release version of the software.
At the same time, Windows 10 will support the traditional wipe and install approach. My experience with this method is even more positive than the in-place upgrade. Booting off of a USB drive and installing Windows 10 on an unformatted SSD ended up taking about five minutes. Although Windows 8.1 installs are likely as fast, it is still impressive when you remember back to installing Windows 9x/XP.
Microsoft System Center dashboard sample
Microsoft is also building new runtime configuration tools to transform devices from their off-the-shelf state to fully configured business devices without having to image them. Since these tools are not available yet, I have not seen them but this may be a quicker way to set up multiple machines rather than having to manage images and driver packages for a multitude of different types of hardware. This can also allow choose-your-own-device type scenarios, with the provisioning tied to Mobile Device Management (MDM) services. Of course, traditional wipe-and-load deployment will also be supported, and Microsoft has a bevy of tools to help with this including the Microsoft Deployment Toolkit and System Center Configuration Manager.
Speaking of MDM, this is also a major new feature coming to Windows 10. Windows 8.1 offered some MDM abilities, and Windows 10 is expanding the feature set. This will allow MDM to configure Windows 10 for things such as Enterprise Data Protection policies, support for managing multiple users, full control over the Windows Store, VPN configuration, full device wipe and encryption, and more. This will allow many more businesses the ability to have device management. While Microsoft and other companies have long offered configuration management tools such as Microsoft System Center Configuration Management, the software is complex and requires a significant investment to set up and keep up to date. With Windows 10 offering comprehensive device management with MDM, this will allow companies to use the much less complex MDM tools such as Microsoft InTune.
Of course, one of the biggest concerns for any business is security. Windows 10 is also adding new features here which should result in security for both identity protection, and information protection. Identity protection is a major concern for IT departments, and as such they often employ password policies which are complicated and create user confusion, and of course extra support calls for forgotten passwords. One way in which Windows 10 is addressing this is by building in additional choices for multi-factor authentication. With Windows 10, the device itself can be one of the two factors for authentication. A second factor can be a PIN, password, or a biometric. So, effectively, a password will not be required if that is acceptable by the company's security policy. Also, Microsoft will also be allowing a smartphone to be one of the choices in multifactor authentication, and the phone will be able to connect over Bluetooth or Wi-FI to the PC to act as a remote smartcard. The technology powering this multifactor authentication is fairly familiar stuff to IT departments: a cryptographically generated key pair generated by Windows, or a certificate from an already established PKI system.
Also with identity management, Windows 10 will also offer Azure Active Directory in addition to Microsoft accounts and traditional Active Directory accounts for single sign-on.
Information Protection is also a huge concern for business. Microsoft created Bitlocker for on-device encryption to protect data files at rest, but of course if the device is running, Bitlocker cannot protect data. To address this in Windows 10, Microsoft is leveraging some of their existing technologies (ie Azure Rights Management and Active Directory Rights Management) to protect data. Microsoft is calling the new implementation Data Loss Prevention (DLP) and the new solution separates corporate and personal data and protects the information by having the files encrypted on their own. Microsoft is claiming DLP will allow corporate data to be protected without any additional work by the end user – you will not need to switch modes or change apps – which should drastically improve the ability of companies to keep track of their data and prevent it from leaking out in the event someone emails it to the incorrect recipient. Windows Phone will also support these features, which may or may not help adoption of Microsoft’s smartphone OS in the enterprise.
Windows 10 will also support policies to restrict which apps have access to corporate data. Policies will also be available to control VPN functions, including constant connectivity and which apps have access via VPN. These app-allow and app-deny lists will support both desktop and universal apps, and can be managed by MDM infrastructure.
As an attempt to keep malware at bay, Windows 10 can only allow trusted applications to be run on it. That trust can come from Microsoft, or from OEMs and organizations. A company can sign apps themselves if they wish, choose apps signed by particular software vendors, apps from the Windows Store, or all of the above.
And finally with business related features, the Windows Store will be able to function as a licensing portal for volume app purchases. Organizations can create custom stores, which can show approved apps from the Windows Store alongside company-owned apps.
Windows 8 was going to struggle with enterprise adoption for more reasons than just the start screen, but clearly Microsoft is trying to push a set of services that will entice their enterprise and business customers to try out Windows 10. A lot of the focus on the Technical Preview has been in regards to new features for business, and there is a lot to digest here.
Facebook
Twitter
RSS
198 Comments
View All Comments
piiman - Saturday, November 15, 2014 - link
"roll back a bad or unwanted update"System Restore ring any bells?
Haravikk - Thursday, November 13, 2014 - link
I'm finding Windows 10 to be pretty good, in fact I'm using it as my main Windows version at the moment in spite of the risks (though my main OS is still Mac OS X so it's not a huge risk).It's definitely a lot more usable than Windows 8, but it does still have a way to go to really fix the desktop experience; most searches return results in Metro apps rather than desktop apps, regardless of which mode you're currently in, which is incredibly annoying. The search app is Metro only, which is weird, as all it does is spit out Bing search results with no apparently added value, so it might as well just send you to a web-browser. This is hopefully something that will be addressed during development.
I'm also a bit annoyed at the Windows Live account integration though; OneDrive is only available if you create a Microsoft account, but that means using the same password for your online account and your local machine, which IMO is insecure as it means I have a web-account with a weaker password just so I can remember it, rather than being able to set different passwords (or use a password manager). If you instead use a local account you can't use OneDrive, and you have to sign in to every single Microsoft service (e-mail, calendar, photos etc.) which is a huge pain in the ass compared to OS X's internet accounts system where you sign in once and interested apps can just request access.
Otherwise it takes the great technologies of Windows 8 and makes them a lot more useable, which is great; the live tiles on the start menu are a wonderful feature, rather than an impediment like the start screen on a desktop (it's admittedly great on a tablet).
At the same time though it just doesn't go far enough; there is still so much in Windows that is archaic and sorely in need of replacement. Things like tools from the Manage menu that looks fresh out of Windows 95 (and probably are), accessing settings is still a nightmare as they could be absolutely anywhere, with the control panels app still being a bit of a pain to use (at least search gets you where you need to be quickly some of the time). Windows 10's interface is really just veneer on very old, rotten wood; it's a nice veneer, but under the surface you can very quickly get mired in complex nonsense the moment you run into a driver problem, try to configure network connections etc. So it's not like this new interface is really a sea change in usability for Windows, it just makes Windows 8 more palatable to Windows 7 users.
darthrevan13 - Thursday, November 13, 2014 - link
Last time I checked Google did the same thing with their services (one password to rule them all) and nobody complained that it was insecure or even a problem for them. Besides, how else would you want to use OneDrive if you don't have a MS account?If you choose a MS account on Windows then it will automatically log you in all your MS services in IE only so I don't understand why you need to bash Win saying that OS X does it better, it's the stuff if you ask me.
wallysb01 - Thursday, November 13, 2014 - link
Its a little different when that “one password to rule them all” also has administrative privileges on your computer, than just having a lot of random web services tied to it.Haravikk - Friday, November 14, 2014 - link
I don't think I've explained it very well. Basically when you create an account in Windows 10 (and probably Windows 8, I don't know) you can create either a local account, or a "Microsoft Account". The former is just a classic account with its own password, while the latter requires you to use your Live.com login details, so it uses the same password. I just don't like it however, because I like nice, long (usually randomly generated) passwords for web-services, which of course is impossible to use with a Microsoft account, so it would force me to use something simple instead which I consider insecure.However, if you can only use OneDrive with a Microsoft Account, it won't let you sign in on a local account. You can sign in to mail, contacts etc. with a local account, but not OneDrive? They're basically forcing you to use an online account, which prevents me from using a strong password for the web-service side, and an easy to remember one for my actual user account, it's a pretty poor way to do it.
My other gripe was that if you want to use a local account, but still use your Live.com details to set up e-mail, calendars etc. then you have to enter the same details in each app, there's no way to just connect your Live.com to a local account so that apps can use it (or ask to use it).
In OS X you can setup a local user account, you can connect it to your Apple ID for recovery purposes, and you can also go into the internet accounts section and add your Apple ID as an iCloud account to enable all the various features it gives (iCloud Drive, calendar, e-mail etc.), which automatically configures all the relevant apps for, and lets third-party apps request the same details if they want them.
Basically Windows 10 (and possibly 8) force you to use your Live.com as login details for your computer if you want to get the most use out of it, and even blocks features (like OneDrive) if you don't. Meanwhile everything else is a pain in the ass to setup on the local account.
I'm not simply bashing Windows because I prefer how OS X does it, the way Windows does it is simply horrible; rather than giving the user flexibility, it forces you into one of two choices with their own drawbacks, rather than there being any best of both, even though they could easily give us one. In fact it's a regression from Windows 7, where you can setup a local account and link your Live.com account to it fairly easily.
Don't get me wrong, for some people using a Microsoft Account may be a great way to do things as it's simple, and involves no extra passwords, but I just don't think it's very secure, and I don't like that because I choose not to use it I'm not only losing features I had in Windows 7, but am also having to work harder to set everything up than I had under Windows 7. It's a huge step back.
asmian - Saturday, November 15, 2014 - link
"for some people using a Microsoft Account may be a great way to do things as it's simple, and involves no extra passwords, but I just don't think it's very secure"Ain't that the truth. Microsoft mail? Might just as well add an explicit CC to the NSA on everything, since we know they have complete back-door access to all MS's servers. Cloud or mail, if you have any wish for privacy this just isn't an option.
It'd be great if someone could write an app, like the old XP-Antispy, with a complete set of options in one place to reliably turn off all the MS account features and hidden privacy-leaking options.
attilakocsis - Thursday, November 13, 2014 - link
You can add additional sign-in options to your account (like PIN and picture password). So you can have a complex password for your Microsoft account and use e.g. a 4-digit PIN to access your computer. This is how I use mine - very convinient.lilmoe - Thursday, November 13, 2014 - link
Was about to say the same thing. I use a PIN instead of my password, very convenient.MrSpadge - Thursday, November 13, 2014 - link
Headlines like "The Return Of The Desktop" make me want to puke. It's not because of your article, Brett, but because of something I would characterize as a full-blown mass hysteria towards Win 8. As if the desktop was gone under Win 8.If one manages to look beyond the "modern" start screen (which you don't have to use) the Win 8/8.1 desktop is objectively better and more polished than 7 (explorer, task manager etc.). It even looks and feels better to me, although this is obviously highly subjective.
I recently had a short discussion with a colleague about a new PC:
"Yeah, it's got a fresh 8.1"
"8? Oh no!"
"Why?"
"Because every 2nd one is crap"
"... is that seriously the best argument you can come up with?"
Anecdotal, for sure, but shows how far this "Win 8 sucks hysteria" has brought us.
BobSwi - Thursday, November 13, 2014 - link
Microsoft Account is forced everywhere even when you've bypassed the initial setup with a local account (which is still a half hidden create a new ms account, cancel, and then make a local).Search riddled with Trending internet crap is embarrassing. Then another search bar in the start menu that you can't limit to local only so its searching store and internet when I'm looking for local application.
2 calculators, one metro & one old school, PC settings still all over the place. Charms is gone but different metro apps have their settings in different places now, do I Win+C or right-click, or look for elispes in top left for them. Not to mention half the metro apps work like crap in windowed mode, scroll bars really get hosed when not full screen.
Canned 'apps' seem to have more holding spots for ads, news weather etc. If I don't install windows w/ an MS account, I wished they'd just leave out all the canned apps and MS Store since I'll likely be removing them for business use anyway.