Windows 10 Pro helps you concentrate more on your business and spend more time managing it and less time concerned with IT. Built-in protection, easy-to-implement management tools, and enhanced capacity features provide an essential foundation to keep your business humming.
It is easy to work across multiple devices, interoperate smoothly with Microsoft 365, and stay connected to maximize productivity. All users benefit from a familiar Windows experience that allows them to seamlessly run their existing apps and the full version of Microsoft Office. Windows 10 Pro devices are speedy, affordable, and work with a wide range of peripherals.
Usually, IT pros spend a significant amount of time creating and setting up images that will be deployed to devices with the right OS already installed on them. Windows Autopilot offers advanced technologies and simple solutions to help you customize new devices and prepare them for efficient use. Users only sign in and verify credentials. If you are connecting to a public Wi-Fi hotspot, you might want to get access to a captive portal, a web page that requires accepting terms or signing into an ISP's service. It is fully supported by Windows Autopilot. The Intune Enrollment Status Page shows application and profile statuses to users during device setup and optionally lets you force all your policies to apply before a user can start using the device, to guarantee a consistent user experience. Microsoft offers a few different ways to add devices: CSP partners, distributors, and resellers. If you are purchasing from a reseller, you can easily ship devices directly to your users without IT touching them. They would be associated with your company out of the box.
There exist configurable options that help you manage the user's device configuration on any device they log in to. The Settings App and Control Panel provide you with a wide range of settings to set up your experience. It is easy to prevent employees from changing settings by restricting access to the Settings App and Control Panel. Intune supports assigning user and device policies to either users or devices. Assigned Access policies are device-level and are targeted at specific device groups inside Azure Active Directory. Devices added manually or dynamically to these groups will have their policies assigned automatically. Assigned Access Shared Device policies are set at the device level to a specific device or set of devices. When a specified user uses that device, they will get a customized shared device configuration based on these policies. The Multi- App shared kiosk device can be used to configure a completely locked-down device, offering employees multiple apps that allow them to perform their role-specific duties, but nothing else.
Single App Shared Device mode is used more often for public-facing kiosks where you want only one application to run automatically when the machine boots. Single App kiosks either run a dedicated application or run a browser with a specific web application providing the kiosk experience. Microsoft has two options to provide a kiosk browser experience, including the Edge Browser in Kiosk mode or the Kiosk Browser UWP App.
Intune allows administrators to easily assign and push apps to users and devices. It stays in sync with the added apps, and you can then manage automated application deployment. Microsoft allows you to deploy Microsoft 365 Apps for enterprise to Windows 10 devices with Microsoft Intune. This helps employees turn their devices into productivity powerhouses, while Azure AD and Intune help register the device and deploy all the necessary updates and changes.
Windows Autopilot and Intune MDM policies help you easily control the desktop user experience. Different users perform different tasks in their roles. To ensure that each user has all the apps ready and that they can focus on the tasks of their role, IT administrators can customize the Start menu. IT administrators are not able to granularly control which setting the user has access to, but they can force certain security policies to always be on.
When looking for documents, Windows has a great feature called Timeline that remembers what you have been working on or sites you have been visiting across all your devices, including iPhone and Android. Timeline provides you with an opportunity to return to previous activities you have worked on across your devices. Another great feature is the Universal Clipboard with Clipboard History. This cloud-powered feature can sync your clipboard across devices, meaning you could copy on your PC and paste on another machine, including your mobile device, with the SwiftKey keyboard.
Lately, the number of employee-owned devices in companies has increased, and there exists a huge risk of inadvertent data loss through various apps and services. Windows Information Protection (WIP) helps to prevent a data breach, as well as accidental data loss on enterprise-owned and personal devices.
Firstline Workers roles often have very discrete tasks, and IT has sometimes been challenged to provide appropriately controlled desktop environments that keep staff focused by providing just the tools necessary for the role. Assigned Access Multi-App Shared Device mode is a capability in Windows 10 and when combined with Intune policies, can apply policies to devices. This means the device can deliver a customized shared device experience to certain users. There are many examples of where a multi-app shared device can be used, including the reception area, incoming goods, the customer service desk, and the staff room where a shared device is provided for shared access.
Single Application Shared Devices are often used in public, customer-facing situations, such as airport check-in kiosks, retail kiosks, dedicated factory machines, digital signs, and other single- task device scenarios. Firstline workers' roles are sometimes assigned access, so devices can be configured in the cloud with Intune policies to a single app.
Devices like kiosks and digital signs usually don't have user accounts associated with them. Often, organizations will have staff devices that need to only do one thing. These types of devices are often configured as digital signs or customer-facing kiosks. In an organization where staff do not require a PC to do their job, a company can choose to configure kiosks in the staff room that are locked down to a single application that they can use to do things like access their shift scheduling system or access their HR data.
This Single App Shared Device mode runs above the lock screen outside of the user context. The best practice is to make sure the app itself has a user login, if required. It should also have a timeout to log the user out if the app is going to present any confidential information. If an employee walks away, the kiosk browser session will time out in one minute and reset the session for the next kiosk user.
Windows 10 Pro is empowering for information workers, firstline workers, and kiosks, with devices that are designed for sharing, and with performance that's great for the life of the device. And they are simple, secure, familiar, and efficient.
2019-12-23