Earlier this week, Microsoft outlined some of its security enhancements for Windows 10 business customers, which it plans to introduce with the Fall Creators Update in the next few months. Today, the company announced improvements and additions on the way to its management and deployment tools as part of that update too.
"Our goal with Windows 10 has always been to modernize the way IT interacts with Windows devices," Microsoft's Rob Lefferts said today, "adopting simpler and easier approaches that leverage cloud-based services and help employees be more productive with Windows 10, Office 365 ProPlus and Microsoft Enterprise Mobility + Security (EMS)."
Microsoft announced a new suite of cloud-based services, known as Windows AutoPilot, to make deployment and management of Windows 10 PCs quicker and easier.
"Imagine being able to take a new device out of the box and with just a few clicks fully configuring it for productive use," Lefferts said. "No more images to create and maintain, no infrastructure to manage, and a simple process. Now imagine that any member of the organization can easily setup a new device without needing any IT assistance."
Windows AutoPilot Deployment is a new cloud service announced today, which will enable admins to create a 'cloud configuration' for the Windows 10 out-of-box setup experience for new machines. It works alongside existing Azure Active Directory and Intune MDM services, "enabling a new PC to be easily transformed into a business-ready device: joined to Azure Active Directory, enrolled in Intune, transformed to Windows 10 Enterprise, settings applied, Office 365 apps and line-of-business apps installed."
The video below offers an overview of this process in action:
Microsoft is also planning to roll out the Windows AutoPilot Deployment Program "to enable OEMs, distributors, and resellers to link devices to an organization." The firm's Surface team will pilot this program this summer with select partners, and the company will announce details of wider availability in the next few months.
You can get a further overview of Windows AutoPilot deployment in this video from Microsoft Mechanics:
Microsoft also shared details of more Windows AutoPilot features coming in the Fall Creators Update:
- Windows AutoPilot Reset – a new reset mechanism to reset a fully configured device while maintaining MDM management and AAD connection state and automatically get the device back into a fully configured state.
- Enhanced Personalization with Windows AutoPilot Deployment – ability to pre-assign a device to a specific employee in the organization via cloud-configuration.
- Self Service Active Directory domain join – self-service deployment to get new Windows 10 devices into Active Directory domain joined state along with Microsoft Intune enrollment.
The Fall Creators Update will introduce additional security management features too, as Microsoft explained:
You will be able to deploy and configure Windows Defender Application Guard, as well as configuring security baseline settings (such as account and logon policies), to make it easy to use recommended security settings on MDM-managed enterprise devices. We’ve also added the capability to configure Windows Firewall rules.
Other additions include:
- New progress screen to show how the device provisioning process is going, and when the device will be "ready to go". Employees will also be able to see the on-device information being managed by their organization
MDM support for Active Directory domain-joined devices
New kiosk configuration and management features, "supporting new multi-app scenarios and greatly simplified lockdown configurations"
Microsoft is also making a further addition to its Windows Analytics suite. "Device Health functionality is designed to ensure employees have the best possible experience with Windows 10," Lefferts explained. "To achieve that goal, it helps identify issues that could affect a person’s experience, before they may even notice, while also identifying steps needed to resolve those issues proactively. This reduces helpdesk calls and support costs, saving time and money."
The first Device Health features will soon be available in preview, with general availability planned for later this year.
Source: Windows Blog