Voor moderne digitale devices, communicatie en data hebben bedrijven een platform nodig dat de basis levert voor een hoogwaardige digitale werkomgeving. Het juiste platform voor de digitale werkomgeving verhoogt de flexibiliteit en snelheid van IT, maakt het mogelijk om flexibel op veranderingen in het bedrijf te reageren, verhoogt uptime en verlaagt kosten. Lees meer op http://avana.de/1lnttCy
2. Foreword
Enterprises are accelerating their efforts to implement
technologies and tools that enable new and more powerful
ways to work, anywhere, any time, on any device.
Windows 10 is a platform with the features and capabilities
that more fully enable a high-performance digital workplace.
The platform encompasses a broad range of options for your
organization that will create more employee engagement,
increase workforce productivity and deliver more security and
self-service options.
What can Windows 10 bring to your business? Within this
booklet our experts highlights some of the new features. Do
not hesitate to contact us or one of our experts to learn more.
www.avanade.com/digitalworkplace
3. Index
Chapter
Working with Windows 10
• 10 reasons why Windows 10 matters to your
organisation
• Will you be able to do all your work from your
phone with Windows 10?
• Bringing holograms to life with Windows 10
(Holographic)
• Closing the gap between IT and your business
needs with Windows 10
• Microsoft is bridging the app gap with
Windows 10
• Windows 10 IoT: Platform for the internet of
things
• Windows Store for business: highly
customizable, flexible and useable for any
business!
Security
• Secure your identiry with Windows 10
• Windows 10, More secure than ever
• Windows Hello makes the future user- and
password friendly
• Windows 10: no worries about business
security and personal ease of use on one
device!
How to?
• Windows 10 Virtual Desktops
• Windows 10 brings all platforms together
Page
3
5
6
7
8
9
10
11
12
13
14
15
16
4. 3
Much has been said and written about Windows 10
and what it will offer. Most of the times these articles
are focused on the consumer features, leaving features
that matter for enterprises underexposed. As a CEO or
CMO, what opportunities can the next big Windows
release bring your business? Why would you care if
you’re a CTO and need to decide when to migrate all
users of your organization to a new OS? I’ll give you
10 reasons:
1. One Windows
Windows 10 is the convergence of the Windows
server, desktop, phone and gaming operating systems
into one. This means one single core that runs on all
kinds of devices and adapts to provide an optimized
experience. It allows for more flexibility and brings more
options to what a digital workplace looks like. A hybrid
like the Surface Pro is one on those examples and more
variations will follow. Your employees choose how they
want to work.
2. The Last Version Of Windows
Windows 10 is promised to be the last version of
Windows. Microsoft is committed to continuously
innovate Windows while making sure your critical
business applications continue to work. Always. For you
and your organization this may be a huge shift: you no
longer need to worry about exhausting and expensive
upgrades but instead focus on adding value to your
business.
3. Continuum
Continuum is what Microsoft calls the flexibility of the
Windows 10 platform to adapt to its context. When you
fold back the keyboard of the Surface, the experience
optimizes for tablet and touch usage. The touch area’s
become larger and apps continue to run full screen.
This intelligence is inherently built into the OS, which
means you can even connect your phone to a monitor,
keyboard and mouse and continue to use it as your
primary workstation.
4. Universal Apps
As the OS scales with the context in which it’s used,
the apps running on Windows 10 will be scaled as well.
Windows Universal Apps are applications that can run
on all devices, big and small. They support various input
options like touch, mouse, voice or gestures and adapt
their user interface to show more or less information
based on the size of the display and distance of the
user from the screen.
5. The Best of Windows 7 and Windows 8
Windows 10 combines the best of Windows 7 and 8. It
brings back the enterprise productivity features from
Windows 7, like the much requested Start Menu and
windowed applications, while remaining touch friendly
and flexible. It is even improved in each and every area.
6. Private Enterprise App Store
Distributing enterprise apps to your users and
contracted partners is a hassle that belongs to the
past thanks to the private app store that comes with
Windows 10. A private app store is a designated area
in the Windows store for your organization where
you can publish your organization’s apps. You control
access to your employees and contracted partners
through Active Directory and Microsoft accounts.
7. Cloud Active Directory
Windows 10 devices can directly connect to Azure
Active Directory. This removes the requirement for
enterprises to have an Active Directory on premise.
Users will be able to log on to Windows with Azure AD
accounts, and they’ll be able to mix both AD and Azure
AD together.
10 reasons why Windows 10 matters to
your organization
5. 4
8. Single Management Solution
With Windows 10 all corporate owned devices can
be managed by a single Mobile Device Management
(MDM) solution like Intune. With Windows 8 this used
to be only available for “Bring Your Own Device” BYOD
scenario’s. The new MDM additions include support for
managing devices that are shared by multiple users,
VPN and device-wipe capabilities, and Enterprise Data
Protection configuration.
9. Identity Protection and Access Control
Windows 10 comes with multi-factor authentication
built-in, thereby eliminating the need for additional
hardware security peripherals like tokens and
smartcards. This means that any device running
Windows 10 can be become one of the two factors
required for authentication. The other factor will
be a PIN or biometric, such as a
fingerprint.
10. Data Loss Prevention
The Data Loss Prevention solution separates corporate
and personal data on a device and protects it using
containment. This capability integrates with the
default user experience, enabling protection without
interfering with the user like other solutions do. Your
users continue with their work, while the system
makes sure no sensitive data leaks. This is done by
automatically encrypting corporate apps, data, e-mail,
website content and other sensitive information.
These are just 10 of the many reasons why Windows 10
should matter to your organization. What reason is the
most relevant to you and your organization?
Sander Schutten
Mobility Lead at Avanade
6. 5
Will you be able to do all your work from
your phone with Windows 10?
When you compare the computing power of new
smartphones with the average workstations that
people use at work, it appears these phones should
technically be powerful enough to run all applications
you would normally use at work including Microsoft
office, a web browser or most line of business
applications. In a lot of enterprises it is already
possible to access data from your companies premise
through mobile device management solutions and
there is a big movement of data being moved to the
cloud for example with Office 365.
So what prevents us from using our phone as a
workstation? The simple answer being that our
phones aren’t made for this purpose. They have small
screens and no input devices other than the touch
screen which isn’t really good for writing documents
or editing Excel spread sheets.
With Windows 10 Microsoft is going to change all
this with a feature called “Continuum”. All phones
running Windows 10 Mobile will be able to connect
to a screen (wireless via Miracast or wired through
USB-C) and connect the phone with a mouse and
keyboard. In addition they will be able to add
Hardware Apps built for Windows 10 that will run on
any device from phone to tablet, PC, Xbox or even
the HoloLens.
These universal Windows 10 apps will be able to
scale from small to large screens enabling you to
run applications like Excel on full screen, just like
you would see on your PC when you connect your
phone to a PC screen. Except that it now runs on
your smartphone. When you connect the phone to
a larger screen with Continuum you can even set the
touch screen of the phone to turn into a trackpad like
your laptop to control your mouse pointer.
When developing Windows 10 apps developers
have to take into mind that their application will be
able to run on several screen sizes so they have to
make their apps adapt to all these scenarios. Luckily
Microsoft added several new features for developers
to make these tasks easier.
Having a phone as your main workstation makes
offices with flexible workplaces a lot easier. Your data,
applications, settings and personal preferences are
always with you on your phone (or in the Cloud) and
you can work anywhere where there is a monitor,
mouse and keyboard.
What about you: will you be able work from your
phone, or would you still need a full workstation?
Geert van der Cruijsen
Senior Consultant Mobile Application Development at Avanade
7. 6
When Microsoft announced that Windows 10 is not just
being limited to desktop, laptop, tablet and phone, but
will be expanded to IOT (Internet of Things) devices,
they also introduced a complete new device running
on Windows 10: HoloLens.
HoloLens is a combination of Virtual Reality (VR) and
Augmented Reality (AR). With VR a virtual world is
created which replaces the ‘real’ world with the virtual
world. A good example of a VR device is the Oculus
Rift. When you put on the Oculus Rift VR glasses you’re
ready to start exploring a complete new virtual world.
AR is a more common form of interaction. We see it a
lot on television and smartphones with apps like Layar.
AR is adding an extra layer of information on top of
the real world. For example you can add a virtual world
record line on the pool during a swimming contest.
HoloLens combines the virtual world with the real
world and creates a mixed reality. The best thing about
HoloLens is that it goes beyond the screen and uses
your world as a canvas to project holograms, like
they are standing on a physical object. And they are
not projected statically, you can actually interact with
them. Resize the hologram, walk around it and interact
with it. All in real-time. HoloLens opens up thousands
of scenarios that previously where only imaginable in
movies.
The HoloLens doesn’t have a screen. Interaction with
holograms is therefore done with gestures, your voice
and your eyes. The HoloLens is able to ‘see’ what
you are looking at, and therefore it is useful as an
interaction method to select, or to point, at things in
the most natural way.
If you look at the HoloLens as a device, it looks like a pair
of giant sunglasses with a headband. The HoloLens is
packed with advanced sensors to capture information
about what you’re doing and the environment you’re
in. The high definition lenses are used to project the
holograms. At the heart of the device is the holographic
processing unit which is custom developed to process
all the data coming from the sensors in real time. And
all of this untethered and wireless, to give you the
maximum freedom to walk around and move freely.
From a development perspective there isn’t much
information available about the HoloLens. There also
aren’t many HoloLenses available for testing. What we
do know is that any Windows 10 app can run on the
HoloLens and that it can be projected somewhere in
the room. (We have seen some demos of Skype and
movie apps being projected on the wall)
Another point of attention is that the HoloLens
won’t be the only device being able to run Windows
10 Holographic. Any other vendor that builds a
holographic computing device (and complies with
the hardware requirements which are not available
right now) could run Windows 10 with holographic
capabilities on it.
There are still a lot of questions about HoloLens and
Windows 10 Holographic and how developers can
build apps for it. However, Microsoft is revealing
more and more information and I’m excited to see
that holograms are really coming to life and bringing
complete new interaction patterns. It is still unclear
which use cases are best for holograms, but it has
potential for various business cases to benefit from
hologram usage in multiple areas. Good candidates
for HoloLens areas are gaming, business, science
and education. On the HoloLens website are a few
business cases with real world partners that looks very
promising.
Christiaan Veeningen
Senior Consultant Application Development
at Avanade
Bringing holograms to life with Windows 10
(Holographic)
8. 7
The term Bring Your Own Device (BYOD) first entered
common use in 2009. The following years lots of
companies struggle to implement different BYOD
scenarios. On the one hand there’s the need for IT to
secure company devices to prevent data leakage, and
on the other hand business need to get things done
anywhere and on any device.
Windows 10 contains built-in features that enables the
platform for the next generation digital workplace.
Supported by Microsoft’s Enterprise Mobility Suite,
organizations can create a user centric strategy
while securing company data. Windows 10 can join
Azure Active Directory at the first boot of the device
and management is enabled automatically. After
the so called ‘Cloud Domain Join’ your devices and
applications are managed by Intune or a hybrid
solution where Configuration Manager is integrated
with Intune.
In order to enable employees to use their company
resources it is necessary they meet specific security
standards. Policies are enforced as soon as devices are
enrolled. By using conditional access you can prevent
access for devices that do not meet security standards.
Mobile Application Management (MAM) ensures
company data can only be accessed by managed
applications like Microsoft Outlook, Microsoft Word
or your own line-of-business applications. MAM isn’t
available for Windows 10 yet, but likely it will be later
this year. I received a message on Twitter that MAM
might become available when Windows 10 Mobile is
launched.
These features make it possible for employees to enroll
their private or company owned devices without the
need for being in the office. It will also enable them to
work anywhere on any device while IT organizations are
ensured of secured devices with protected company
data. It is good we can secure all Windows 10 devices
with just one set of policies knowing that Windows 10
will be shipped with desktops, laptops, tablets, phones
and even IoT devices.
Please be aware that support for the new and existing
features of Windows 10 are still under development.
Intune will be updated in monthly service update
releases where System Center Configuration Manager
2016 will be generally available in Q4 2015. Can’t wait
to see what’s new? A 60-day evaluation of the System
Center 2016 Technical Preview 2 is available on Technet
Evaluation Center.
Closing the gap between IT and your
business needs with Windows 10
Danny de Vries
Senior Consultant Infrastructure Services at Avanade
9. 8
A commonly heard downside of the mobile Windows
ecosystem is that the Windows store does not have
the same amount of apps compared to the Apple
app store or the Google Play store. Since the release
of Windows Phone 7 in 2010 Microsoft is struggling
to even the score with their 2 competitors. Fact is the
Windows Phone market share isn’t as high (though
it’s still increasing) as the iOS and Android market.
Therefore people that build apps are less interested
in investing in apps for this platform. This causes a
lower market share of Windows Phone because of the
availability of these apps.
As you can see these 2 issues have a relation to each
other and with Windows 10 Microsoft has found a
solution to solve this dilemma. Windows 10 makes it
super easy for Android and iOS app developers to also
publish their apps to Windows. Microsoft calls these
projects “app bridges” and has made 4 of them to
make it easier for everyone to publish iOS and Android
apps into the Windows store. Next to iOS and Android,
Microsoft is also looking into adding Web applications
to the Windows store, together with the possibility
to add desktop apps made with .Net and Win32 for
people to download and install.
These new app bridges are still in development and
some are open for preview, but for now it seems
Android apps should be able to run without changing
anything to their code. iOS apps only need to recompile
their app for Windows and Microsoft is also making it
possible to add Windows specific features such as live
tiles and push notifications, using the tools developers
are used building Android or iOS apps.
With web apps getting improved, Project Westminster
promises lots of potential as well and it gives web app
builders a lot of features to make their web app feel
like a native app. With simple additions using Javascript
you can also have live tiles, push notifications and other
Windows app specific features in your web app making
the web app feel more native to the OS.
Microsoft is still using code names for the app bridges.
Below are all links to the 4 app bridges that will be
available in Windows 10:
• “Project Astoria” enables developers to
bring their Android code to Windows
• “Project Centennial” for classic Windows
platform code (e.g., .NET, Win32, etc.)
• “Project Islandwood” allows developers
to bring their iOS code to the Universal
Windows Platform
• “Project Westminster” enables
developers to bring their website to the
Windows Store.
I think it’s a smart choice that Microsoft enables these
bridges to fill the Windows App Store even more. By
increasing the numbers of apps in the Windows app
store Microsoft will finally be able compete with iOS
and Android on an App numbers level so one of the
biggest downsides of the Mobile Windows ecosystem
can be removed shortly.
Microsoft is bridging the app gap with
Windows 10
Geert van der Cruijsen
Senior Consultant Mobile application development
at Avanade
10. 9
The Internet of Things (IoT): one of the biggest IT
trends that businesses and enterprises are investing
in at the moment. Connected devices and big data
coming in from a large range of sensors is becoming
essential to outsmart competitors or to keep improving
your business processes. Windows 10 IoT can be the
platform to build your IoT solutions. It doesn’t matter if
you are a large enterprise or a maker in your garage:
Windows 10 IoT can run on devices you have.
Last week Microsoft released the first final release of
Windows 10 IoT which is the Windows 10 version that
can run on devices such as the Raspberry pi or other
industry ready devices that are built into things like
ATMs or are powering warehouses.
Windows 10 IoT can run applications that are built
using the same technology stack as the apps running
on your tablet and phone which makes it really easy for
developers that start building IoT apps because they
can just use the C# skills they already have.
The number of devices building up the Internet of
Things is growing rapidly, predictions range from 20
to 50 Billion devices connected by 2020. Microsoft
is ready for this rapid growth with Windows 10 IoT
running on these devices. Azure can connect all these
devices together and makes it possible to store and use
of all the data these devices gather.
Windows 10 IoT for Businesses
Microsoft has been empowering devices for 20
years with several versions of the Windows platform
for embedded devices. Windows 10 as a platform is
running on all sorts of devices from tablets, pc, Xbox,
phone and now small IoT devices as well. Microsoft will
release three versions of Windows 10 IoT: one for small
devices without a shell such as the Raspberry Pi and
also two other versions that contain a shell for mobile
devices such as industrial scanners and desktop like
devices such as ATMs.
All apps built for Windows 10 IoT can be build using the
Universal Windows app platform that developers also
use for building mobile or tablet apps. The apps should
even be able to run on these small devices because
they all use the same Windows 10 core.
Windows 10 IoT for Makers
People automating things in their home as a hobby
is becoming more and more popular. These “Makers”
can start building apps that control their lights, doors,
alarms, coffee maker, robots or other things in and
around there house if they have some basic C#
programming skills and a Raspberry Pi 2 worth 35$.
Microsoft has created lots of samples for people who
like to become a “Maker” on
https://dev.windows.com/en-us/iot
I’ve tried it for myself and it’s really fun to build a simple
app within a couple of hours that can do various things
with sensors, lights, switches and motors. It’s also a
great fun way for students to build fun projects.
“Every Company is a data company”
I think Microsoft was smart to jump into the IoT space
with Windows 10 and combining it with the power of
Azure to connect these Things on the internet. This
gives them an important position in the IoT World.
In the next couple of years you will see things change
because of the Internet of Things. Data that is currently
unavailable will become priceless for cases such as
predictive maintenance or improving production,
sales or any other process. This article on a blog from
Microsoft gives a great example on “Connected Cows”
to give you an idea of where we are going. What kind
of solutions can you think of that will improve your
business by using sensors, data and the IoT?
Windows 10 IoT: Platform for the Internet
of Things
Windows 10 IoT
Geert van der Cruijsen
Senior Consultant mobile
application development at
Avanade
11. 10
Microsoft introduced the Windows Store upon the
release of Windows 8. It provides easy access to
multiple applications (apps). One limitation was that
these apps could only run in full-screen mode with
limited interaction with ‘desktop apps’. Windows
changes it all for the better. Now in Windows 10 the
Windows Store apps can run on the desktop and
alongside ‘desktop apps’. And there is more!
Windows 10 will deliver one Windows Store for all
Windows devices, making it easier for developers to
create one universal app to be used on phone, tablet
and PC form factors. Users will have the same great
experience regardless of their form factor of choice.
Control and flexibility for any business
Large companies tend to aim for control of applications
which can be installed on their computers. The
increased control and flexibility in the Windows Store
for Business lets administrators acquire applications via
a web-based Store Portal and publish these apps in
the Business Store. Installation of a published app is as
simple as clicking a link in a customizable email or by
browsing the Windows Store. And, best of all, there is
no longer a requirement to use a Microsoft account.
This makes management and control so much easier.
Interaction with System Center Configuration Manager
(SCCM), Intune and third-party Mobile Device
Management (MDM) solutions allow businesses to
manage the installation of apps, updates, licensing
and the ability to automatically install apps from an on-
premises-based server.
Smaller companies usually do not have the
infrastructure to create and maintain a private
company portal. For these companies it will be easier
than ever to control and manage their apps using
their own private section within the Windows Store.
This private section can deploy apps that have been
acquired through the Store Portal or apps selected
by their administrator from the Windows Store. Even
specific custom line of business apps can be added to
the private section of the Windows Store for controlled
distribution to employees.
As a key component of enterprise mobility, the new
Business Store enables IT departments to customize
the Windows Store and better manage the delivery of
apps to users throughout their organization.
Windows Store for Business: highly
customizable, flexible and useable for any
business!
Ralph Blokpoel
Microsoft Infrastructure Consultant at Avanade
12. 11
You probably have heard many news reports
recently about stolen credentials by hackers and the
consequences this has for businesses. There are many
ways to get access to account information; from an
employee using a simple password which can be easily
guessed or found with dictionary attacks to more
sophisticated techniques like pass the hash.
With Windows 10, Microsoft helps organisations to
protect their corporate data with features like Windows
Hello and Microsoft Passport. With Windows Hello you
can login with fingerprint, iris scan or face recognition
which is more secure than a password. There will be
no need any more to remember passwords, which
simplifies the process for users.
Furthermore, Microsoft Passport is integrated to enable
multifactor authentication (MFA) and authentication
to various services on premises and in the cloud,
without sending a password over the wire. Microsoft
Passport makes it easy to have 2 or more factors for
authentication where you will need a registered device
and your unlock code/gesture (like fingerprint) to get
access to your corporate services.
How does it work?
To create a Microsoft Passport you can take any device
with Windows 10. The first time you logon to Azure/
Active Directory*, you need to register your device to
make sure the device is owned by you. You can do
this by logging in with an Azure/AD account and for
example a phone call for Multi factor authentication.
After a successful authentication to Azure your device
will create a private and public key pair and will be
marked as a valid device for accessing the corporate
data. The private key will be saved in the hardware TPM
chip on your device and the public key will be saved
in Azure or local Active Directory. If you don’t have a
TMP chip available in your device it is still possible to
use Microsoft Passport, but this is less secure. Besides
creating the private and public key you need to choose
a way to unlock your device/Microsoft Passport. This
can be decided by your company as a policy or you
can choose for the Windows Hello features like iris scan
or a PIN.
To use Microsoft Passport you need to go your service
where you want to login. Your device will initiate the
authentication process and you will be asked to use
your gesture that will unlock the TPM chip and send
an authentication request to Azure/local AD. This
authentication request is without any username or
password. Azure will send the device a “nonce” which
is a onetime used number, the nonce will be signed
by the private key on your device and send back to
Azure. Azure will compare this with your saved public
key in Azure and if this is verified you will receive your
authentication token to login.
The main advantage in using Microsoft Passport is
that if someone steels your password or PIN they still
cannot access any corporate service without steeling
your device. If someone steels your device too, you can
easily block the device in Azure so trying to authenticate
with the device will fail. If your device is managed by a
Mobile Device Management solution the device can be
wiped as well. In my opinion this is the next generation
login which is highly secure and easy to use.
*At the moment of writing it is not yet possible to use
Windows Server AD for Microsoft Passport. Support
will come later when Windows Server 2016 is released.
Secure your identity with Windows 10
Nils van Woensel
Microsoft Infrastructure Senior Analyst at Avanade
13. 12
Windows 10, more secure than ever
In the last couple of years lots of the Fortune 500
were infiltrated and had their data stolen, while the
breaches remained undetected. Data leaks also
happen from within, through their own employees.
Stroz Friedberg* reports that 58% of senior managers
have accidentally sent sensitive information to the
wrong person. To prevent this from happening,
Microsoft has improved Windows 10 with various
new security features, focusing on 4 major subjects.
Secure Devices
Microsoft tightens the screws with Windows 10 by
giving manufactures a choice to remove the option to
disable EUFI secure boot, while enabling secure boot
for Windows mobile devices. As a result the devices
can only be run by an approved and assigned OS by
Microsoft.
Secured Identities
Windows Hello replaces weak password protection
with biometric authentication by face recognition,
iris scan or fingerprint. Microsoft Passport creates
a unique asymmetrical key that Windows 10 can
generate, and stores this in the Trusted Platform
Module (TPM). Your device will then be used as a
virtual smartcard, instead of using expensive PKI
infrastructure. This ensures a two factor authentication
where your device is the tangible factor and the pin
something you know. Microsoft Passport integrates
with other services and platforms, and logs you on
without passwords being sent over the wire.
Threat Resistance
With Device Guard you are better protected against
Advanced Persistent Threats. According to the
Windows Defender Team 96% of malware is unsinged
software. Device Guard checks the code integrity of
the software using kernel mode code integrity in a
virtual secure environment which is powered by
Hyper-V and isolated from the Operating System.
Even with a compromised system you cannot run
unsigned software. Next to that your user access
tokens will be saved in the secure environment as
well, preventing attacker techniques such as ‘Pass
the Hash’ attacks. With these attacks the attacker
has access to resources by impersonating the user’s
identity without the need to know the user’s actual
credentials.
Information protection
Enterprise Data Protection is a default feature in
Windows 10 enabling containerization techniques
that separates corporate data and your personal
data, even within the same folder on your device.
Your corporate documents will be automatically
encrypted and on top of that you can enable
Microsoft RMS with sharing protection to securely
share your corporate data. The encryption and rights
travel with the storage system, so copying corporate
data to USB or external cloud services like Dropbox
won’t compromise the encryption.
The improved security features that come with
Windows 10 are easy to use and ensures optimal
protection of your assets. I would definitely
recommend using them in this mobile first, cloud first
world.
Nils van Woensel
Microsoft Infrastructure Senior Analyst at Avanade
14. 13
Being online has become embedded in our lives,
checking e-mails, buying from online stores and
sharing our thoughts on social media. Each service
requiring different credentials with its own complexity
requirements and retention settings.
For the average user, estimated to have 19 passwords[1]
, you can guess there is a challenge as users re-use (a
set of) credentials at multiple services, users write down
lists of credentials and use weak(er) passwords that
allow them to remember them easily.
So, how can we enable any user to safely use the
servicesathandwithouttheriskofbeingcompromised?
Microsoft has incorporated some technologies in
Windows 10, to make things more secure without
losing sight of the user.
Bye Password…
After installing Windows 10 on his machine and logging
in with his Microsoft Account, the user is encouraged
to create a PIN to access his device. As this PIN can
only be used by one user to log into one machine
Microsoft argues this is a safer practice over entering
your password. The PIN provides a more user-friendly
experience and is easily to remember for the user, but
what if you could just login by looking at your machine?
…Hi Windows Hello!
Windows Hello is a biometric framework embedded in
Windows 10 that allows the system to use biometric
information of a user to login to the machine and
supporting (web) services. As with the PIN example
above, the combination of one machine and you,
identified with a biometric attribute, will provide access.
If you have a fingerprint reader and Windows 10
installed, you can already start using Windows Hello.
In my tests I was able to login using my fingerprint,
not ground breaking, but being able to do so without
requiring 3rd party software and a challenging setup.
This easy way of working suggests quick adoption
could be on its way.
The most interesting option is the one to login by just
looking at your machine. Windows 10 supports this
method of authentication but does require specific
hardware to allow a user to do so. Intel has developed
their RealSense 3D camera, which fully supports
Windows Hello. This camera uses infra-red and laser
technology to create a 3D image of your face. Login
in by using a printed picture of your face won’t work.
To know which devices have such a camera you can
check: devices with Intel RealSense.
What about… Microsoft Passport?
With Microsoft project ‘Passport’, combined with
Windows Hello, users will be able to access / sign-in
onto their favourite websites using their PIN, face, iris or
fingerprint. Looking at the enterprise, Active Directory
and Azure AD will support Microsoft Passport. My
colleague Nils van Woensel wrote a blog about it:
https://www.linkedin.com/pulse/secure-your-identity-
windows-10-nils-van-woensel
The future looks user- and password friendly. Hello
future! Hello Windows Hello!
Windows Hello makes the future user- and
password friendly
Maarten Smid
15. 14
In the digital world where bring your own device,
working from home and the need of sharing data
is growing, data security becomes more and more
important. In the past all data was stored within the
company’s walls and only accessible at the company.
Nowadays employees demand that data is accessible
everywhere so they can read their mail, create
documents and check financial information on every
device. If not supported by IT, employees will find
their own solution. Stroz Friedberg reports that 87%
of senior managers regularly upload work files to
personal email or cloud account.
New features in Windows 10, Enterprise Data
Protection (EDP) and Data Loss Prevention (DLP),
enable you to separate corporate data and personal
data, even within the same folder on your device. In
most 3rd party solutions you need to switch between
personal and corporate mode or use different apps like
one e-mail app for corporate and one for personal use.
With Windows 10 data is just secure without the need to
change your behavior to work. With company policies
you can set which apps and locations are corporate
so your documents, e-mails and other sensitive
information will automatically tagged as “corporate”
and will be encrypted. Your personal data will remain
unencrypted and you can do whatever you want with
these documents. When creating a new document you
can choose whether the document is corporate related
or personal. If your phone is stolen, the corporate data
is encrypted and it is not possible to read the data.
Data between corporate apps can be shared easily on
the same device and can be blocked to copy to non-
corporate apps like Twitter. This can all be arranged
from a Mobile Device Management solution (MDM)
like Microsoft Intune. Audit policies can be used as well.
In that case users get a prompt that they are copying
corporate data to non-corporate apps. The action will
be logged on the main system so a security officer can
monitor which corporate data is shared.
On top of that you can enable Microsoft Rights
Management Services (RMS)* with sharing protection
to share your corporate data securely. The encryption
and security rights travel with the storage system,
so copying corporate data to USB or external
cloud services like Dropbox won’t compromise the
encryption. You can choose who has access to the
data, which permissions they get and when the
access will expire. You can even track who is accessing
the document. You can easily delete permissions
afterwards even if the mail with a RMS protected file
has been sent. Because it is now known which files and
apps are corporate, selected wipes of your device can
be used with Intune or 3rd party solutions.
Stop compromising between business security and
personal ease of use. Start taking advantage of using
Windows 10. Life can be much easier with the right
tools.
*A separate license is needed to use the RMS cloud
service
Windows 10: no worries about business
security and personal ease of use on one
device!
Nils van Woensel
Sr. Infrastructure Analyst at Avanade
16. 15
Windows 10 Virtual Desktops
Microsoft is dedicated to bring the best user
experience possible with Windows 10: more personal
computing, mobility of the experience across
windows devices and natural interactions with all
Windows devices. One of my personal favorites is
Windows virtual desktops.
Virtual desktops provides for more space to group
related windows per desktop and it makes organizing
your work easier. The virtual desktops feature in
Windows 10 is called ‘Task View’ and is located
on the Taskbar. Just click the Task View button on
the taskbar and click the ‘New Desktop’ button. Of
course you can also use the various shortcuts to
manage your desktops:
• WIN + CTRL+D:
Create a new desktop
• WIN + CTRL + F4:
Close the current desktop
• WIN + CTRL + LEFT/RIGHT:
Switch to previous or next desktop
• WIN + TAB:
Launch task view
One feature which was requested by insiders
who tested the Windows 10 Preview is
‘Drag and Drop’ to move windows between virtual
desktops. Microsoft added this feature which helps
to organize your desktops as you go. You can even
drag a thumbnail to the ‘New Desktop’ button to
create and move it to a new desktop in one step.
Windows 10 indicates when a program is open
on another desktop by putting a line under that
program’s icon on the Taskbar. Clicking the icon
not only activates the program, but also launches
the desktop on which it is open. To view on which
desktop your application is located use WIN + TAB
to open the task view. There you can hover over the
desktop to get a thumbnail preview of the opened
programs on that desktop.
Windows virtual desktop makes life less complicated
by enabling you to work smarter, clearer and more
efficient. Whatever your preference, organizing your
work was never easier!
Ralph Blokpoel
Microsoft Infrastructure Consultant at Avanade
17. 16
As the first, Microsoft brings all possible platforms
together with their newest version of Windows. This
development started already in Windows 8.1, where
Microsoft introduced Universal Windows 8 apps
on BUILD2014. With the Universal Windows apps
developers can target both Windows Store and
Windows Phone with a shared code base.
Universal Windows Platform (UWP) apps for
all Windows 10 Devices
With the introduction of Windows 10, Microsoft took
the universal apps development even further by
introducing the Universal Windows Platform (UWP)
apps which makes it possible to create one application
that runs on every Windows 10 powered device.
Windows 10 introduces three new form factors to the
platform, IoT, HoloLens and Surface Hub. The Xbox
One, which already made use of Windows Kernel, does
now also have the ability to run UWP apps.
But how can all these different devices families, with
a large variety of hardware configurations, deliver the
same kind of experience to your users? Taking into
account a number of different screen sizes and pixel
densities or even processing power or input modalities.
In the Universal Windows Platform, Microsoft
introduced a number of new techniques. These
techniques are part of the UWP design basics. To
enable UWP apps to run on every Windows 10 device
Microsoft created a number of adaptive UI controls
and new layout panels to help tailor the UI across a
broad range of screen resolutions.
These adaptive UI controls use a number of
design basics, like “Effective Pixels Design”, “Design
BreakPoints” and “Responsive Design Techniques”.
Effective Pixels Design
Every screen has a specific size and the number of
pixels available defines the pixel density of a screen.
With scaling techniques Microsoft enabled the platform
to automatically scale the UI on every device.
When designing a UWP application you need to take
into account that you aren’t designing the app for
physical pixels but “effective pixels”. This enables you
to focus on the actual perceived size of an UI element.
For example, when you design a 1” by 1” element that
will appear approximately at 1” on all devices, but what
actually happens is that the element is 200 by 200
physical pixels on a large high density screen, while
on a smaller devices like a phone, it might be 150 by
150 physical pixels. In the image below is the example
shown.
By designing the application using effective pixels
makes the number of screen sizes and densities where
you have to account for much easier.
Design Breakpoints
When you start to think about designing an application
for the variety of devices and form factors across the
Windows 10 ecosystem it can be quite overwhelming.
In responsive design, breakpoints are used to scale,
rearrange or to hide certain elements in the UI.
This common technique is used frequently in web
development.
Microsoft recommends to design the application for a
number of key widths, or so called Breakpoints. The
adaptive UI controls utilize these breakpoints to apply
the different responsive design techniques.
In the graphic below are the three Breakpoints shown
that Microsoft recommends when designing your app.
These breakpoints also use effective pixels to adapt the
UI when a certain width or height is detected.
Windows 10 brings all platforms together
18. 17
Now we seen two techniques to enable you to apply
the responsive design techniques, for an adaptive UI.
Responsive Design Techniques
Another important part in the Window 10 Design
Basics are the responsive design techniques. Microsoft
defined six different techniques for developers to use
when scaling and adapting the UI.
Reposition
You can alter the location and position of UI elements
in your app to get the most out of each device.
Dependent on the screen size it is possible to reposition
UI panels.
Resize
In this example you can optimize the bounds of a UI
element by adjusting the margins and size.
Reflow
By changing the flow of UI elements based on device
and orientation, your app can offer an optimal display
of content. For instance, when going to a larger screen,
it might make sense to switch larger containers, add
columns and generate list items in a different way.
Reveal
You can reveal UI elements based on breakpoints
in place. Using this technique it is possible to enable
additional functionality.
Replace
When the controls on a larger device don’t make sense
it is possible to replace the UI elements for different
ones to optimize the experience for the user.
19. 18
Re-architect
You can collapse or fork the architecture of your app to
better target specific devices. The example above uses
a master detail page. On a larger device it makes sense
to display the records and the details on one screen. In
this case it makes sense when using a smaller device, it
divides the UI in separate screens.
More guidelines and design basics can be found at
the Window Dev Center.As of now these techniques
are available for developers to use while creating UWP
apps. Making it easy to create great application with a
similar experience across different devices.
• Design Basics - Windows 10
• Responsive design 101 - Windows 10
There is more to come on the October 2015 event on
October 6.
During this event Microsoft will share some exciting
news about the new Windows 10 devices lineup. Add it
to your calender if you don’t want to miss this:
http://www.microsoft.com/october2015event/en-us
Auteur lijst
Geert van der Cruijsen
Ralph Blokpoel
Nils van Woensel
Christiaan Veeningen
Danny de Vries
Sander Schutten
Maarten Smid
Stefan van den Braak
Stefan van den Braak
Senior Analyst Solution Development at
Avanade