Microsoft's Windows 10 Anniversary Update introduced a host of cool new features for consumers. Enhanced Cortana functionality, Windows Hello authentication for third-party applications, and a redesigned Windows Store are just a few of the updates that are designed to improve the one-year-old operating system (OS).
Continue Reading Below
However, in Microsoft's never-ending quest to be the OS of choice for business as well as general users, the company also introduced new Windows 10 features specific to the enterprise. Mostly focused on security, the IT-focused Anniversary Updates are minor tweaks that won't upend the user experience (UX) but they are likely to put a smile on the face of IT administrators and their bosses. The changes, which are primarily (but not exclusively) security-related, are designed to simplify data protection, improve workflow management, and enable remote collaboration.
In this article, we'll examine seven Windows 10 Anniversary Update features that IT professionals will love.
1. Windows Information ProtectionWindows Information Protection (WIP) is a new Windows 10 feature that gives businesses the ability to encrypt enterprise data as it's downloaded to an employee-owned device. Here's an example of what WIP is trying to safeguard against: If your human resources (HR) manager copies and pastes sensitive employee data from Microsoft SharePoint to his or her email app, then that data is now out of your company's control and can be distributed freely. However, with WIP, any designated enterprise app or web location (in this case, SharePoint), when combined with a WIP-enabled device (your employee's smartphone), will automatically encrypt information that is downloaded to the device (the sensitive HR data).
With WIP, your IT departments can block the apps into which employees copy and paste. If an employee attempts to copy and paste from an enterprise app into a blocked app, he or she will see a notification stating that the data transfer was restricted. You can also allow your employees to make the decision by giving them the ability to override the restriction, and you can also create a silent permission, which lets the transfer occur without alerting the employee (but sends an alert to IT letting them know the transfer has occurred).
2. Better Mobile Device ManagementWith Windows 10, business users were able to sideload apps (that is, download on one device and transfer to another) using product keys. This meant that employees with access to the app product keys could download apps onto any Windows 10-enabled device without direct IT oversight.
With the new update that focuses on mobile device management (MDM), sideloading of apps will only be allowed through the app management console controlled by your organization's IT department. This enables your business to control where business apps and the data contained in those apps live.
Also on the MDM front, Microsoft now allows IT admins to purchase off-the-shelf retail Windows 10 Mobile devices and enroll them into mobile device management before assigning them to users. By using Windows Imaging and Configuration Designer to build an ideal configuration (more on this later), IT can deploy the template configuration to multiple devices by connecting them to a Windows PC (tethered deployment) or through an SD card.
3. Windows DefenderThe most important Windows Defender update give you the ability to run malware scans offline with one click. Previous iterations of the anti-malware tool forced users to install a separate program, restart the device, and load the bootable media before the scan could run. Now, all users need to do is open the Windows Defender app and click "Download and Run" to run an offline scan.
The new "Block at First Sight" feature provides additional protections against unwanted files. Typically, when Windows Defender encounters a suspicious file, it will run a test to determine whether the file is benign or malicious. However, while the test is being run, the file is alive on your device. With "Block at First Sight," Windows Defender locks the file so that it can't infiltrate your system.
4. Windows Hello for BusinessYou might already be familiar with Windows Hello, the facial recognition reader that locks and unlocks your Windows 10 device by scanning the contours of your face (or other biometrics and gestures). Consumers had been able to use Windows Hello as their sole entryway into Windows 10 devices since the OS launched last year. However, business users were required to enable Microsoft Passport and Windows Hello to take advantage of the facial recognition functionality.
With the update, Microsoft has combined Passport and Hello under the Windows Hello name. Users who were taking advantage of both apps shouldn't notice a difference in functionality, but news users will know the combined features as Windows Hello for Business.
5. Remote Connect to Microsoft Azure Active Directory Windows 10 has always enabled remote connections to Active Directory PCs. However, the Anniversary Update gives users the ability to connect to remote PCs that are joined to the Microsoft Azure Active Directory.
If you're not sure what this means, remote connect on Active Directory allows IT to access PCs that are within a physical network. With Azure Active Directory, IT is able to remote connect to any computer that is plugged into the cloud service. This gives remote connectors much greater reach, as the connection is able to extend beyond the confines or a physical network.
6. Shared PC Mode Although this isn't exactly a new Windows 10 feature, it's new to the Enterprise user. Shared PC Mode gives IT the ability to enable access to one device for multiple users. Think of it as a Surface Pro 4 that your local Best Buy store uses to track inventory, or to research product specifications.
With Shared PC Mode, any clerk working at that Best Buy location will be able to access the device, as well as his or her own private storage, and access his or her own cloud-based Microsoft apps and files. Business users will be able to control how users sign into the device, who can create an account on the device, when accounts are cached, and how the computer undergoes maintenance.
7. Easier Provisioning IT professionals will absolutely love this new feature. Rather than installing a new image for each device in order to configure end-user laptops and tablets, the Anniversary Update allows IT to specify desired configurations and settings for target devices. Essentially, IT can define a single desired configuration and then apply that configuration to multiple devices via a provisioning wizard.
So, if your company hires 100 new users, rather than setting the configuration 100 times on each new device, IT can create a desired configuration and deploy it in one fell swoop across all of the new Windows 10 PCs, tablets, or smartphones.