Saturday, August 8, 2015

Windows 10, Industrial-strength BYOD

"Bring Your Own Device" (BYOD) is not new. It's the term companies use to describe company policies that enable an employee to connect employee-owned devices (typically a smartphone or tablet) to company resources... resources such as email or company document repositories.

In order for BYOD to work, a device must meet criteria for security and manageability minimally agreed upon by the company and the employee.

Mock-up of a woman using a Razer laptop in a classic work setting.
One of the things I love about Windows 10 is the multitude of security and manageability features that really make "BYOD" attractive to both employees and employers.

Being the tablet and smartphone platform that Windows 10 is, there's been a lot of attention to making Windows 10 able to address many of the objections Enterprise IT has with IOS (iPhone and iPad) and Android devices. (In light of recent issues like #StageFright on Android, I find it hard to figure out how Android is supportable in BYOD scenarios.)

Windows 10 comes stock with not just one, but several viable BYOD solutions that present industrial-strength solutions to these BYOD objections.

Also, being the Universal OS that Windows 10 is, these objection busters apply to traditional laptops and even PCs. The magic here is that you can intentionally & willfully enroll your computer, laptop, tablet, phone, what have you with your company's computing device policy, and be sure that your device will comply with company policy to the extent that the company requires.

If only for this reason, the fusion of work and play in one machine, Windows 10 makes the PC personal again, as promised.

As a Microsoft Partner-Technical Solutions Professional (P-TSP) with BlueMetal, I've been issued an awesome company laptop... but for a number of reasons, I found myself wanting to explore Satya Nadella's vision for one device that co-mingles business and pleasure.

Having heard Nadella's call for one device for work and personal use, I selected a laptop that could meet the needs of a higher-end gamer as well as meeting the needs of my role as a Senior Software Engineer in the Devices & Mobility group at BlueMetal.

What I ended up with is a rocket ship of a laptop, (a Razer Blade 14 laptop).

After taking a few precautions like Bitlocker-encrypting my laptop and upgrading to the Pro edition of Windows 10, I was comfortable enrolling my laptop with the company Intune policy. What I get is a stand-out kick ass trophy machine with enough display resolution to make 2k-display smartphone emulators seem quaint, that kicks ass developing apps, which I can then take home and kick ass in Azeroth & Draenor... without skipping a beat.

Imagine allowing employees to opt some portion of their personal hardware into your compute and/or sensor fabric in a way that does not interfere with that employee's personal computing.

The possibilities add up to a win-win-win.

Employees win because they aren't stuck with cheap, sub-standard-issue equipment at work.

Employers win, because 1) employees are happier with their better performing equipment, 2) employers aren't in the hardware maintenance business anymore, and 3) can potentially leverage some of that hardware as an extension of human resources.

OEMs win because employees will gravitate toward hardware that gives them a leg up at work, rather than settling for the sub-standard-issue machine.

The most notable NEW ways to present BYOD in the enterprise are these:

1) Mobile Device Management and Mobile Application Management (App-V) with VPN isolation, making it so that devices have an encrypted sandbox for company applications and data, as well as a dedicated, isolated channel for VPN connectivity that 3rd party apps on the device can't touch.
2)  Bitlocker-encrypted Hyper-V Virtual Machines with virtual Trusted Platform Module managed by the enterprise, typically where the guest OS is Active Directory-Domain joined.
Post a Comment