Quick viewing(Text Mode)

Selling Windows 10 Enterprise Value Pitch Deck

Selling Windows 10 Enterprise Value Pitch Deck

+110 MILLION +12 MILLION

“FOR , WENT “THE BOTTOM LINE? MICROSOFT IS “WINDOWS AS A SERVICE MAKES ALL-OUT TO TURN AROUND GOING TO BEND OVER BACKWARDS TO WINDOWS 10 THE MOST ATTRACTIVE PERCEPTIONS AMONG CORPORATE MAKE THE BUSINESS TRANSITION TO DEVELOPMENT PLATFORM EVER.” CUSTOMERS…” WINDOWS 10 AS EASY AS POSSIBLE.” PA U L T H U R R O T T S H I R A O V I D E A R K H A R T M A N T H U R R O T T. C O M W S J P C W O R L D

“Windows 10 on Surface 3 provides the security and managementI we need in a highly regulated environment. We made the decision early to use Windows 10 and deploy it immediately. Today, it is the most secure platform from Microsoft and we didn’t see a need to wait.”

- Jim Jensen, VP Information Services Partner Momentum Gartner Advocates for Windows 10 "By 2018, 80% of enterprises will run Windows 10. A year ahead of " "Windows 10 is an inevitable migration for organizations running Windows PCs”…poised to become “the most widely installed version of Windows ever” “To a large extent, Windows 10 is a cloud- centric

Windows 10

Investments for business

Protection against Managed for Be more productive Innovative devices modern security continuous innovation for your business threats

Require

Device security

Identity protection

Data protection

Threat resistance Protection against modern security threats

Replace passwords Protect corporate Only run software Protect sensitive identities you trust corporate data

Biometrics Hardware-based Eliminate Malware on Automatic encryption Hardware-based credential isolation corporate devices Persistent protection multi-factor Data Separation

Windows Hello Trusted Boot Enterprise Data Microsoft Passport Device Guard Protection (coming later)

Shared shhh! secrets

Easily mishandled or lost

(Hint: The user is the problem)

Microsoft Passport and Windows Hello

Easy to deploy two-factor password alternative Breach, theft, and phish resistant credentials Single sign-on experience Convenient enterprise grade security for both enterprises and consumers Supports PIN and biometric sign-in using Windows Hello Hello Chris WINDOWS HELLO Fingerprint Iris Facial

FIDO ALLIANCE

Example Board level members

Credential Guard

Pass the Hash (PtH) attacks are the #1 go-to tool for hackers Used in nearly every major breach and APT type of attack Credential Guard uses VBS to isolate Windows services and derived credentials Fundamentally breaks delivered credential theft using MimiKatz, etc Azure

Use Azure AD to sign-into devices and the Windows store, no needed Azure AD is a comprehensive identity and access management solution for the cloud Supports the use of Microsoft Passport and Windows Hello to access 1000’s of SaS apps

Device Guard

Provides next generation app control and kernel mode protection

Uses signed policies to help prevent users and malware with elevated privilege from changing IT’s app control policies

Protects kernel mode processes and drivers from zero days and vulnerabilities using hardware enforced vulnerability mitigations

BitLocker data protection

Protects data when a device is lost or stolen using full disk encryption Provides single sign on and protection from cold boot attacks Easy to deploy and manageable (via MBAM) at scale Excellent integration, performance, and reliability Submitted for Common Criteria and FIPS 140-2 certification. Will be supported for HIPPA, PCI DSS, etc scenarios Enterprise data protection

Delivers user friendly corporate/personal data separation and containment Ensures only trusted apps can access business data Helps prevent accidental data leakage through copy and paste scenarios Integrates with Right Management for secure roaming and sharing Available on mobile and the desktop

Managed for continuous innovation

End “wipe-and- Simplify device Embrace mobile-first, replace” deployment management cloud-first

Eliminate the heavy lifting Move to a single MDM Enterprise-class cloud, and inefficiency platform for all Windows universal app model, and 10 devices store for business

In-place upgrades Azure AD Join Dynamic ProvisioningWINDOWSManagement AS A SERVICEUniversal Apps for Windows App compat Windows Store for Business

Be more productive

Get the best Interact the way Always have what Intelligent experience you want you need assistants

You screen adapts to Every user is a first Access your apps and Get proactive and your device and task class citizen data from any personalized help Windows device from a true

Continuum Mouse and keyboard Universal Windows Apps Continuum for Touch, Pen and Ink User state roaming with Phone Voice Azure AD Join Innovative devices for your business

Bring innovation to Industry strength Chose devices that Redefine your current PCs solutions are right for you productivity

Windows 10 works Support your Line of Range of innovative Revolutionary new great Windows 7 PCs Business scenarios devices across 2-1s, devices tablets, phones

In place upgrade Windows 10 IoT 4 Hardware Granular UX control Surface Book HoloLens Compatibility Ruggedized devices Lumia 950, 950 XL 3rd party devices

Empower your customers with the Microsoft enterprise cloud

Seamless user access to Reduced deployment Extended protection for Enterprise Data Protection apps and data from any complexity with dynamic your corporate data with and Azure Rights Windows 10 device, with provisioning delivered via Enterprise Data Protection Management enablement in Azure AD Join in Windows Azure AD Join and and Azure Rights Office (coming later); 10 automatic MDM enrollment Management (coming later) Exchange Advance Threat Protection

Windows 10 November update

Æ Ready for business Æ Broad enterprise pilots and evals underway Æ The first major upgrade as we deliver Windows as a Service Æ Evaluate, pilot and start Windows 10 deployment today Windows 10 November update

Enhancements to Enhancements to Windows Store MDM support Enhancements to User Experience Azure AD Join Microsoft Passport for Business for Business for BYOD Telemetry Control Enhancements

Seamless, secured, Utilize Microsoft Centrally acquire, Manage deployment to MDM support for GP/ MDM Controls Enhancements to roaming of user Passport for manage and distribute internal groups (rings) Windows 10 Home for enabling enterprises Cortana, Edge, across Windows 10 your domain accounts Windows Store apps in your enterprise for most MDM settings. to fully turn Continuum, Support for deices, via your on the in your organization. controlled rollout of telemetry off. Continuum for Phone Azure cloud. corporate network. Current Branch on select Phone devices. Create your own private for Business (AD/AAD Hybrid mode) store with your (CBB) updates. corporate LOB apps and Iris support (Beta) curated free apps. Manage updates to align with your business rhythm (maintenance “no-update” windows).

Windows Update Policy setting example in for Business Windows Update for Business

Keeping devices secure and up-to-date Reducing device management costs Quick access to latest security updates

Capabilities

Time to test Ability to Maintenance and validate feature create internal windows to align updates deployment groups with business rhythm Summer ‘15 Fall ‘15 Fall ‘15

Peer to peer Integration with Access to Current delivery to optimize your existing tools branch and Current for bandwidth like System Center branch for Business

Summer ‘15 Coming later Summer ‘15

Windows Store for Business

Centrally acquire, manage and distribute Windows Store apps in your organization.

Create your own private store with your corporate LOB apps and curated free apps.

Sign-up with your organizational account at http://www.microsoft.com/busi ness-store Enterprise data protection

Currently tested with select enterprise TAP customers

Will become available via Insider Preview soon

Planned release later in 2016

Deployment Approach with Windows as a Service? What to deploy

Ongoing engineering Current Branch Current Branch Long Term Servicing development Preview Branch For Business Branch*

Feedback Specific feature and Deploy to appropriate audiences Stage broad deployment via Deploy for mission critical and asks performance feedback via WUB WU for Business systems via WSUS Application compatibility Test and prepare for broad validation deployment

Lab machines Early adopters Information workers Specialized systems Initial pilots General population Factory floor, point-of-sale, etc. IT devices

When to deploy

Windows Insider Current Branch Current Branch Preview Branch For Business

Specific feature and Deploy to appropriate Stage broad deployment performance feedback audiences via WUB via WU for Business Application compatibility Test and prepare for broad validation deployment

Evaluate Pilot Deploy

4-8 months of active 4 months 8 months development

12 month to test and deploy Evaluate upcoming Pilot features

Get going with Windows 10

Æ Evaluate Windows 10 Æ Join Windows Insider Preview for November Update early access to the upcoming capabilities Æ Start Windows 10 Pilot in your organization Æ Migrate to Internet Browser 11

Æ Talk to your account team Æ Prepare to testing and adopt about Accelerate Program on phones Appendix

Windows 10 Investments for Business

Enable continuous innovation with Protect your company against modern Deliver experience your users will love, the platform that keeps your Innovative devices for your business security threats make them more productive company up to date

Replace passwords with more secure End “wipe and replace” deployments of Get he best experience no matter what Bring Windows 10 innovation to your options, such as biometrics and the past with in-place upgrades (app screen you’re using by running in existing PC fleet. (hardware compatibly) hardware- based multi factor credentials compatibility). desktop or tablet mode, using typing or (Windows Hello and Microsoft touch inputs, or use like a Bring industry-strength Windows 10 IoT Passport) Simplify device management by moving desktop – so the best screen is always solutions to support your Line of to a single mobile device management the one your are on. (, Business scenarios (Granular UX control) platform across all Windows 10 devices, Protect your corporate identity with Continuum, Continuum for Phones) from phones to to Internet-of- Choose devices that are best for your hardware-based credential isolation Things devices; and from personal BYO business and your , from the (Credential Guard) devices to corporate systems. Windows 10 is familiar, and every user is broad range of innovative Windows a first class citizen –whether using devices across 2-in-1s, tablets, laptops Protect your corporate data, no matter Power your business with the enterprise- mouse and keyboard, touch, pen & ink and phones. (, Surface where that data is, with the automatic class strength of the Azure cloud and or voice Book, Lumia 950, 950XL) encryption (Enterprise Data Protection – Universal Windows Apps. (Azure AD coming later) Join, Windows Store for Business, Anywhere, anytime access to users’ apps Redefine productivity with revolutionary Private Catalog) and data from any Windows device new windows devices, such as Surface Eliminate malware on your corporate (Universal Windows Apps, user state Hub and HoloLens. devices by ensuring that only the Move to the platform that keeps your roaming w/Azure AD Join) software you trust can run (Trusted company up to date, so that you can Boot, Device Guard) adopt latest technologies and Proactive and personalized help from continuously innovate. (Windows Cortana, who can integrate with Update for Business, Windows as a company’s LOB systems. service)

Windows 10 November update: MDM support for BYOD Windows 10 has been the easiest Windows upgrade. Our plan was to finish by the end of December, but the ease of upgrade let us complete it in only two months - three months ahead of schedule!

Christopher Rhoda Thomas College Vice President for Information Services and CIO

Surface

Empower your customers with the Microsoft Enterprise EMS Windows 10 Office 365 Cloud

Suite Azure Active Directory – RMS – Intune

Top View