You used to see it anywhere business workers congregated: the BlackBerry. Some of them are still out there -- secure messaging devices that can be centrally managed; the heart of the business mobile fleet. But the day of the BlackBerry is over and something new is needed -- a mobile operating system that is built for work as well as personal use.
Microsoft's latest phone OS is trying to make a play for the enterprise high ground, with a mix of its Windows 10 Mobile platform, a new application development model and a suite of business-focused cloud services. But how well does it fit the needs of today's companies?
Enterprise license: Manage phones and deliver your own apps
To start with, there's one key feature that differentiates Windows 10 Mobile from other mobile operating systems: The ability to unlock a series of additional enterprise functions when connected to an Enterprise Mobility Management (EMM) suite. Microsoft recently made available an XML file which converts the standard version of Windows 10 Mobile into Windows 10 Mobile Enterprise when deployed onto a device. There's no need to install a new OS --just deliver the file, reboot and you're ready to go.
The app store model used by most mobile platforms makes it hard to deploy and manage a company's internal applications on mobile devices. If you're using an EMM solution, then you should be able to sideload internal apps -- either your own code or volume-licensed applications -- onto managed devices. Unlocking Windows 10 Mobile's Enterprise features allows you to install an unlimited number of self-signed applications on managed devices (as opposed to a limit of 20 on consumer devices).
Removing limits sounds good, but then there's the question of just how many corporately licensed apps you'll be installing on your users' mobile devices. In practice, users will likely need only one or two business apps, along with business email, all of which can be managed on consumer devices using any EMM that supports Windows 10 Mobile.
Another advantage: Devices opted into Windows 10 Mobile Enterprise gain access to alternate update options that allow administrators to control how and when devices get updated. Like the PC version of Windows 10, Windows 10 Mobile Enterprise is able to use the deferred update option of Windows Update for Business to deliver the Current Branch for Business flight of Windows 10 Mobile. Using Windows Update for Business, companies can arrange for updates to run well after consumer updates have been deployed -- up to an additional 90 days -- allowing bugs and issues to be identified on consumer devices before the updates are installed on corporate-managed phones.
Windows 10 Mobile does not offer access to Windows 10's Long Term Servicing Branch. That's not surprising, as the Windows 10 Mobile deployment model can currently only refresh an entire system image, making it difficult to deploy individual critical fixes to devices. By opting in to Current Branch for Business, enterprise admins will be able to reduce the risk of disruption due to problematic updates, while still being able to ensure that devices are able to work well with consumer applications and services alongside business tools.
Microsoft is delivering updates for Windows 10 Mobile on a much faster cadence than it did for Windows Phone 8 and 8.1. The result is an update model closer to that of iOS, with key applications updating out-of-band through the Windows Store, in a manner similar to Google's unbundling of apps like Mail from Android. That makes it easier for Microsoft to update Windows 10 Mobile, though it can also mean an awkward initial setup, with devices requiring many app updates before they're ready for use.
Since the launch of its flagship Lumia 950 and 950 XL devices, Microsoft has already released one update roll-up that keeps the OS on track with the PC version, and a second is being tested by Windows Insiders. The initial release of build 10586.29 wasn't particularly smooth, and Microsoft had to withdraw the update temporarily in order to fix some installation issues. There have also been a series of updates to Windows 10 Mobile's mail, contacts, and Skype-based messaging tools, as well as its core phone app.
Continuum: The phone as business PC
Microsoft's Continuum model allows users to hook a phone to a screen, keyboard and mouse -- turning a phone into a PC. It's an interesting approach and one that seems to work well, though only with apps built using Microsoft's cross-form factor Universal Windows Platform (UWP) that have been designed to work on larger screens.
You can use Continuum with Microsoft's own custom USB-C docking station, which will charge a phone and let you use USB mice and keyboards to work with it. There's an option for running third-party hardware too, using Miracast to project the phone screen onto a larger display, with loopback extensions used to handle keyboard and mouse interactions with remote hardware. And Microsoft has finally added Bluetooth input device support to Windows 10 Mobile, so you can use an external keyboard with your phone.
Continuum is surprisingly easy to use, and works with a wide range of adapters -- including low-cost TV sticks like Roku's. That offers an interesting set of options for working on the road with just a phone. Plug a TV stick into a hotel or home TV's HDMI port, connect a Bluetooth keyboard and mouse, and open any of the built-in Office apps. Microsoft's new UWP Office apps for Windows 10 devices work well on Continuum, scaling up to big screens effectively. That shouldn't be surprising, as they're the same Office apps offered to Windows 10 users in the Windows Store.
On the other hand, apps that won't scale to external screens are faded out (and thus unlaunchable) on the Start menu -- and sadly, that also shows just how few applications currently take advantage of Continuum. As it stands, if you're not planning on using Office or the Edge browser, then at this point Continuum is at best an interesting experiment.
One key application is about to make the transition to Continuum. Remote Desktop may have a reputation as a tool for system administrators, but it's also the hub of Microsoft's virtual desktop offering. Administrators can use Windows Server or Azure to wrap apps for delivery to Remote Desktop, giving Windows 10 Mobile the ability to use traditional Win32 desktop apps in full-screen mode with keyboard and mouse.
A cloud phone OS
There's a lot to be said for Microsoft's pivot to the cloud. Certainly much of what it's doing with Windows 10 Mobile relies on its cloud services, particularly Office 365 and OneDrive. Even so, a lot of what's here is carried over from Windows Phone 8.1, in some cases with new applications, in others with new ways of doing the same old thing.
Most useful remains the capability to link phones to both personal and work accounts, with the new ability to store both sets of credentials on a device. Adding a work account, especially one associated with Office 365, will make it a lot easier to connect the Windows 10 Mobile Office apps to your cloud-hosted documents, giving you access to files on a phone or in Continuum.
More of Microsoft's cloud services have made their way into the new mobile platform, particularly Skype (though not yet a UWP version of Skype for Business). Skype is now the hub for Windows 10 Mobile's messaging, with a hybrid SMS and Skype chat service and a Video app that uses Skype's service to handle video conferencing.
OneDrive integration is such an important part of the Windows 10 Mobile experience that Microsoft's recent decision to pull back on its cloud storage offerings makes little sense.
Security with Hello and FIDO
Securing mobile devices remains a perennial issue, and it's one area where Microsoft can bring to mobile what it's learned from 30 years of handling PCs. Like its Windows Phone 8 predecessors, Windows 10 Mobile offers whole-device encryption and has a PIN option for quick access using processor-level security hardware. Devices with fingerprint readers can offer biometric access with Windows Hello, and Microsoft's Lumia 950 and 950XL can even use an iris camera to identify users.
Hello is part of Microsoft's Passport authentication architecture.aspx), which mixes it with consumer Microsoft accounts, Azure Active Directory and on-premises Active Directory. Users who log on to a device with Hello are authenticated into any paired directory -- for example, using the stored tokens to connect to Office 365 or a cloud service linked to Azure Active Directory's single sign- on service. Hello and Passport support is rapidly being added to third-party applications, such as Dropbox's Windows 10 application and in password manager tools like Password Padlock.
There's also support through Passport for open Fast ID Online (FIDO) authentication protocol. Once set up, Hello becomes a quick biometric authentication tool for both cloud and on-premises services; in a future update, Windows 10 Mobile devices should be capable of pairing to Windows 10 PCs over Wi-Fi or Bluetooth in order to provide two-factor authentication using Hello. There's also the prospect of using a Windows 10 Mobile device to work with other FIDO-compliant services, giving you cross-platform secure authentication from a phone.
It may seem odd today to use an iris scanner to unlock a phone, but as strong biometric keys for token-based authentication become more common, it and other techniques could become part of our standard device interactions. However, it will mean adding FIDO token support to applications and cloud services, and will take time to be a common feature. It also won't be exclusive to Windows 10 Mobile devices, as FIDO is a cross-platform, cross-industry open standard.
Some questions remain
Microsoft has some considerable hurdles to overcome with Windows 10 Mobile. Its market share, while reasonable outside the U.S., remains small. That's led to Microsoft delivering many of its newer productivity tools to other platforms -- leading to at least one blogger noting that the "iPhone is...arguably the best mobile platform for Microsoft apps."
In fact, you only have to look at the differences between the Windows 8.1 version of OneNote, the iOS version, and the Windows 10 Mobile version to see how much work Microsoft needs to put into its applications. For example, OneNote for Windows 10 Mobile no longer supports voice recording, while the iOS release has added features such as a radial menu for color choices. The result is a significant divergence between versions.
Also, Windows 10 Mobile is a new platform, one that requires new applications and new development resources, giving rise to a whole new "app gap." That's going to remain a problem for Windows 10 Mobile for some time, though there are already signs that the new UWP development model is attracting developers who had sidelined the platform. For example, Bank of America recently confirmed it was working on a mobile banking app for Windows 10 Mobile after publicly dropping support for Windows Phone earlier in 2015.
Even so, delivering more UWP apps really should be a matter of urgency at Redmond. If we're to get the pocket business computers promised by Windows 10 Mobile and the high-end Lumia phones, then we're going to need many more apps -- and not just business apps. Continuum is the one feature where Windows 10 Mobile stands out from iOS and Android, and it really needs to be encouraged to grow -- and that's going to need apps.
Licensing is also an issue. While editing Office documents in Continuum is free for now, it's only a trial version and will require a full Office 365 subscription after the end of March 2016. Microsoft's move to shift users to its subscription services makes sense for its new business model, but could well reduce adoption by smaller businesses that are unwilling to switch from one-off purchases to recurring subscriptions.
There's also the added problem that while Continuum is a key selling point for Windows 10 Mobile, it's only available on high-end smartphones like the Lumia 950 and 950XL. Businesses are unlikely to invest in devices like these for all their employees. Instead, lower-cost hardware, like the Lumia 550, is more likely to be used as a corporate device. While it's a reasonable mid-range device, it doesn't support Windows 10 Mobile's flagship features, including Continuum and Hello.
A mobile OS for the enterprise?
Will Windows 10 Mobile succeed in business? That remains the big question.
The question facing IT administrators and CIOs is a complex one. Even though older Windows Phone applications will still run, Windows 10 Mobile is a new OS and a new platform. That means to get the most from it you're going to need to invest in the environment around it; which means building apps with UWP and using Azure Active Directory for single sign-on.
If a company has already made the decision to make those investments, then Windows 10 Mobile becomes the logical choice for its mobile OS. But if not, then company executives will need to make the same support decisions as they've done for every other platform on the market. It's a secure and well-designed phone OS, but that's not the only reason why users choose a device and an OS.
Windows 10 Mobile is certainly a business-friendly mobile operating system. With an Enterprise variant giving organizations more control over updates, and with built-in support for Office 365 and Azure Active Directory, it's easy to control and manage. But it's hard not to also see it as a missed opportunity. Key features are available only on high-end devices, and Microsoft is giving other mobile operating systems access to many of the same applications and services -- often earlier, and in some cases with more features.
Microsoft's Windows 10 Mobile flagship phones are well-designed, aspirational devices. But they're not the phones that you'll see in coffee shops and on public transit. Cheap Windows 10 tablets will do much of what Continuum on a phone does, and with HDMI ports on $100 7-in. tablets, they're more likely to be deployed at scale; especially with no license needed to edit Office documents on their increasingly high-resolution screens. They'll also benefit just as much from UWP applications as their phone siblings.
There are many factors that come together to make a good business mobile device. Microsoft has done a lot in Windows 10 Mobile, but it hasn't yet quite come together. A faster update cadence for the OS, with out-of-band application updates, may go some way to resolve Windows 10 Mobile's issues, though that approach may cause concern in conservative IT departments.
Whatever happens, Microsoft doesn't have long to deliver on the Windows 10 Mobile promise, especially considering the recent enterprise pushes from its more consumer-focused competitors and the arrival of new devices equpped with security-conscious third-party versions of Android.
This story, "Windows 10 Mobile: Will it play in the enterprise? " was originally published by Computerworld.