0

Is Windows 10 ready for business?

Since Vista, a lot of people have been fairly cautious about upgrading their Windows OS.

Microsoft is currently pushing Windows 10 with the stated aim of hitting a billion devices within three years, and they may meet this ambitious target. The OS is already more popular than Windows 8.1, with 13.52% of desktops already running Windows 10 (nearly 2% more than 8.1), [1] and a little over 10% of Windows 10 devices are business PCs. The question of whether Windows 10 is actually the right OS to roll out across your business IT systems, however, is a totally different matter.

In November 2015, Windows 10 got its first major update. After this milestone, a Microsoft spokesman said that the Redmond software giant “can recommend organizations of all sizes start their Windows 10 deployments.” [2]
The most important question to ask is: should we listen?

Security is a big factor here, with a whole host of new security features available in Windows 10. The biggest draw is probably Credential Guard, which makes ‘pass the hash’ attacks impossible. This is an exploit which lets hackers to access a server (potentially compromising an entire business network) with just one user’s username and password hash values. The upshot is that a server could be hacked even if no actual passwords were ever compromised. Credential Guard pulls one of the most effective tools from a hacker’s arsenal, providing a thick additional layer of protection to businesses running Windows 10.

For some IT professionals, though, Windows Update for Business will be just as appealing as Windows 10’s long list of new security features, and might actually be the strongest reason to upgrade windows 10 for businessbecause it resolves one of the biggest reasons not to upgrade: the lack of control over subsequent updates. Until Windows 8, users could postpone updates indefinitely. The change to forced updates without user consent in Windows 8 caused no little consternation, and with Windows Update for Business, Microsoft are giving back more than what they took.

The feature comprises a set of tools which allow network managers to control when and how updates are installed across all networked devices. This will allow businesses to test updates for compatibility before letting them loose on their business-critical systems. There’s a lot of control on offer here, as releases are divided into three categories and each is given its own controls:

‘Upgrades’

Major OS updates will be those which are considered new milestones in the Current Branch for Business. The last milestone update (version 1511) brought us Windows Update for Business in November. Milestone installations can be delayed for up to eight months, but must be deferred one month at a time. It should be noted that currently milestone updates to Windows 10 come in huge, multi-gigabyte packages.

Updates

Everything released on Patch Tuesday (the point in the monthly update cycle when Microsoft’s newest patches reach the end user) will fall into this category. ‘Critical’ updates, security updates, new devices drivers delivered through Windows Update can all be delayed in one-week intervals for up to four weeks.

Definition updates

As we’d have expected, updates which supply information on malware to Microsoft security software will be mandatory. It’s possible to avoid these updates entirely by using third party security software as standard.

Updates in Windows 10 are also far more granular than in previous operating systems, which should give us some flexibility in what we choose to update as well as when. Network managers will be able to patch higher-risk devices like staff laptops while keeping business-critical servers unchanged.

By 2016, we might also see Microsoft’s promised Enterprise Data Protection module, which seems well-suited to address the fact that personal and company activities often take place on the same device. This system will identify personal and business apps and data separately, allowing a business both to encrypt company data on employee-owned devices, and to wipe that data remotely without affecting the employee’s personal data.

To give a straight answer to the question in the title: yes it is. Windows 10 seems not only well-designed for business use in general, it has a few features which were clearly designed with IT professionals in mind. Windows 10 is faster, it has Cortana and it’s got rid of those smartphone-style tiles from Windows 8’s start menu. All of these things will appeal to the consumer market, but for businesses the fact that the new Windows is not only more secure than ever before, but actually gives the user proper control over that security, is likely to be the point-of-interest which shines brightest in Windows 10’s enticing display cabinet of features.

[1] gs.statcounter.com/chart.php?bar=1&device=Desktop&device_hidden=desktop&multi-device=true&statType_hidden=os&region_hidden=ww&granularity=monthly&statType=Operating%20System&region=Worldwide&fromInt=201511&toInt=201511&fromMonthYear=2016-01&toMonthYear=2016-01&csv=1
[2] http://www.zdnet.com/article/microsoft-starts-rolling-out-its-first-major-update-to-windows-10/

Computrad

Leave a Reply

Your email address will not be published. Required fields are marked *