Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hybrid solutions


Published on

Cloud services have become firmly established in the working day of many companies. Almost everywhere, initiatives or projects are in progress that deal with the workplace of the future. Windows 10, Intune and Azure Active Directory open up new opportunities for cloud-based management, authentication, and administration. Scenarios such as BYOD and COPE let companies think about how users access business resources and apps.

Published in: Technology
  • Be the first to comment

Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hybrid solutions

  1. 1. Windows 10 and the cloud - Why the future needs hybrid solutions Alexander Benoit Head of Competence Center Microsoft @sepago @ITPirate
  2. 2. Alexander Benoit Senior Consultant / Head of Competence Center Microsoft „Future Workplace“, Security SCCM, Intune, Windows 10, Defender Framework,… @ITPirate
  3. 3. What forces the enterprise: Business Technology Security
  4. 4. Mobile-first, cloud-first reality Data breaches 63% of confirmed data breaches involve weak, default, or stolen passwords. 63% 0.6% IT budget growth Gartner predicts global IT spend will grow only 0.6% in 2016. Shadow IT More than 80 percent of employees admit to using non-approved software as a service (SaaS) applications in their jobs. 80%
  5. 5. The current reality
  6. 6. & Single Device Business Owned Corporate Network & Legacy Apps Manual Reactive High-touch Classic IT Multiple Devices User and Business Owned Cloud Managed & SaaS Apps Automated Proactive Self-Service Modern IT vs.
  7. 7. WINDOWS 10: DEPLOYMENT CHOICES Transform new devices so they are ready for productive use No imaging required: Lower effort and lower cost Existing Windows 7 and 8.1 devices migrated to Windows 10 Let Windows do all the work, automatically migrating apps, data, and settings Image-based wipe-and-reload approach for moving from Windows 7 and 8.1 to Windows 10 Higher effort and cost, but necessary in some scenarios
  9. 9. Technology
  10. 10. Hardware Vendor Harvest Device IDs Windows AutoPilot Deployment Service Upload Device IDs Configure Profile Employee unboxes device, self-deploys Ship Deliver direct to Employee Self Deploy IT Admin Existing Devices INTRODUCING THE WINDOWS AUTOPILOT DEPLOYMENT PROGRAM Device IDs
  11. 11. Windows AutoPilot Demo
  12. 12. Windows AutoPilot Configuration
  13. 13. Windows AutoPilot Configuration
  14. 14. Windows AutoPilot Configuration
  15. 15. Windows AutoPilot Configuration
  16. 16. Windows AutoPilot Configuration
  17. 17. Windows AutoPilot Configuration
  18. 18. Windows AutoPilot Configuration
  19. 19. Windows AutoPilot Configuration
  20. 20. Windows AutoPilot Configuration
  21. 21. Windows Update for Business • All devices updated from Windows Update cloud service • Additional policies allow for deferral of updates, control over Active Hours, etc. • Compliance reporting provided through Windows Analytics Mobile Device Management • Performs most of the configuration work: • Applying settings • Installing apps • Get in touch with Intune! AutoPilot Azure AD Intune WU for Business Modern Deployment requires changes
  22. 22. Modern Deployment: Provisioning Packages
  23. 23. Security
  24. 24. Conditional Access
  25. 25. O365 Installation
  26. 26. On-Premises Cloud Windows 10 Enterprise Device Windows 10 Management Stack & Supporting Technologies MDM Client MSI Group Policy Client Azure AD Join Microsoft Deployment Toolkit System Center Configuration Manager App-V Domain Join Group Policy User Experience Virtualization Enterprise State Roaming User & Device Settings Application System Center Configuration Manager Company Portal Software Center XenApp Essentials UWA Group Policy Active Directory System Center Configuration Manager Microsoft Intune Azure Active Directory Windows Store Windows Store for Business Intune Company Portal App Operating System UE-V Client Exchange ActiveSync Workgroup User Policy Computer Policy AppLocker Microsoft Desktop Optimization Pack Work Account OSD
  27. 27. Identity as the core of enterprise mobility Single sign-onSelf-service Simple connection On-premises Other directories Windows Server Active Directory SaaSAzure Public cloud Cloud Microsoft Azure Active Directory
  28. 28. Identity Choices Computer joins AD to establish trust User signs on using AD account Group Policy + System Center Computer registers with AD or Azure AD via Device Registration to establish trust for remote resource access User signs in with a Microsoft account, associates an Azure AD account Microsoft Intune / Mobile Device Management Computer joins Azure AD to establish trust User signs on using Azure AD account Intune/MDM Settings roaming Single sign-on to enterprise + cloud-based services Organization Owned Personally Owned (BYOD) Azure VM joins AADDS to establish trust User signs on using AD or AAD account Limited Group Policy Configuration
  29. 29. Secure Identity: solution overview On-premises and private cloud Enabling users (Active Directory) Federation Services SaaS apps Custom appsWindows Server Active Directory Other apps Core Identity Management HR Other Directories Sync OtherDirectories RBAC, ABAC, B2B, B2C, Reporting, MFA, IDManagement, Conditional Access, Risk Reporting