News Stay informed about the latest enterprise technology news and product updates.

Thurrott Tantalizes with Interesting Intimations about MS Intune Revision

In reading a recent (11/6/2012) posting from Paul Thurrott entitled “Taking Surface to Work” I stumbled across an incredibly interesting and tantalizing set of suggestions about what an upcoming planned revision to Microsoft’s Intune cloud-based PC and device management service could mean for enterprises interesting in centralized management and security for PCs and a variety of mobile devices, including Windows 8 RT and Windows 8 Phone devices. Let me begin with an extended quote from his blog post:

Surface comes with the same desktop-based Remote Desktop Connection (RDC) you know and love from Windows 7 and Windows 8, and it works the same way, allowing you to access remote PCs and servers through RDP. (There’s a Metro version too, if you’re all in on the new stuff.) It’s also compatible with RemoteApp, meaning that you can stream individual apps from servers to the Windows RT desktop, just as you do with normal Windows versions. So that’s all good.

For now, Surface can be managed only using Exchange ActiveSync (EAS). That is, it can’t connect to a domain and be managed with Group Policy. EAS is actually pretty good: You can configure PIN and password policies, do remote wipe, and so on. But if you’re familiar with the granularity of Group Policy, you know you can do a lot more to lock down true Windows clients. And although Windows RT (and thus Surface) can’t partake in that, change is coming.

Soon, Microsoft will ship a revision to its Windows Intune cloud-based PC and device management service. And although the firm hasn’t talked too much about this update, it will include Microsoft’s implementation of the Open Management Interface (OMI), which, put simply, offers more granular management capabilities than does EAS. This will make Surface (and all RT devices) far more manageable than other mobile devices based on Android or iOS. (Yes, Windows Phone 8 will use this management infrastructure, too.) [Italic emphasis mine]

I can’t say much about OMI yet, but I’ll note that it makes a ton of sense to use a cloud-based service to manage devices that are never going to be connecting to your on-premises infrastructure anyway. It makes so much sense that my understanding is that this capability will never, in fact, be added to System Center. Instead, I believe that System Center licensees will get — free or inexpensively — the right to use Intune for this purpose, too.

What this means is that MS understands full well that enterprises simply won’t use RT unless it can be managed rationally–which is to say centrally, using standard existing tools and platforms, with a rich and varied enough set of controls to ensure proper security, data and loss protection, and ways to mitigate potential loss or theft of IP and confidential information. The new revision to Intune is supposed to deliver just that, and should make Surface much easier for enterprises to set up, deploy, manage, and control — all of which should also make Surface much easier for such organizations to adopt and accommodate.

This is the first strong evidence I’ve seen that Microsoft is taking the long view in making Windows 8 an attractive option for enterprise class organizations and their users. They know that most of these kinds of adopters will wait a year or two before adopting the platform anyway. It looks like MS is doing due diligence to make sure that when enterprises are ready to start entertaining the idea of migrating to Windows 8,  they will find it attractive. Thus, the mobile device options that Windows 8 offers will not only be appealing to their user communities, but also fit nicely into a vision of device and security management that, according to ITIL and other business process methodologies, represents the “right way” to deploy and manage technology within a modern organization. Veeeeeeeeeeeery interesting!

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.