Windows 8: From an enterprise point of view

Some of us get to live in the world of cool.   We are on the leading edge of software (and sometimes hardware); we are not simply IT Professionals, but we are also IT Enthusiasts… we are passionate about technology, and we always want the latest and greatest.  We wait with bated breath for new operating systems and applications from Microsoft and other vendors because every little improvement is exciting… and on the odd occasion where it is a bust we love to complain about it, commiserating with our friends at user group events and on-line.

The rest of us have to live in a world of reality, where every new purchase decision has to be weighed from every angle – what advantages will it give us in relation to the cost?  We answer to bosses and clients whose favorite question is ‘Can we do without it, and what is the cost of doing without it?’  We have to be able to justify upgrades and new systems with ROI vs. TCO (Return on Investment vs. Total Cost of Ownership), justify benefits, test, test, defend, review, and finally if we are lucky we upgrade.

It is this second group who are looking at Windows 8 and asking us for guidance.  Because many of these people are also enthusiasts who would like the newer systems, they seek help in bolstering their arguments on how Windows 8 can benefit them – not at home, but in the workplace, for their end-users, who have spent the better part of two decades getting used to a Start Button that is gone… organizations that spent eight or nine years running Windows XP because they were waiting for something better… which indeed Windows 7 was.  The trouble is how do you justify implementing Windows 8 when you just completed your Windows 7 deployment?  What benefits will we see that justify the costs, end user training, deployment, and troubleshooting?

Here’s the thing: Windows 7 really rocks.  It was far and away the best operating system released by Microsoft since… MS-DOS 5.  For your users who sit at a desktop all day (and whose system is relatively new) you may be satisfied with Windows 7 for the near term.  Where Windows 8 really shines is on the go… for users on the go who may want to use a laptop or desktop in the office but also take a lightweight tablet while they are on the move, and touch computing just makes more sense.  It is in the modern work style where end users and IT Admins alike will see Windows 8 shine.


However there is more to it than that.  We have seen a big push recently for new ‘modern’ apps.  Why?  There are several reasons, but as we are discussing benefits to the Enterprise let’s start there.  Over the past few years I have asked several IT Pros why their companies still run Windows XP.  Three years ago the answers were: cost, it works so why change, a (perceived) complexity of deployment, and finally application compatibility.  Today there are far fewer companies running Windows XP, and far and away the number one answer to the same question is application compatibility issues.  Somewhere between six and fifteen years ago they invested in an application that runs fine on Windows XP, but is incompatible with the modern OS.  However they do understand the importance of support, and now that we are inside 400 days until Microsoft retires support for Windows XP (#EndOfDaysXP) they are scrambling to find or develop solutions that will work going forward.

In Windows 8 you get the best of both worlds – the powerful tablet experience as well as the trusted and proven desktop experience to support all applications – modern AND legacy.  However if Modern apps are the way of the future, why wouldn’t you consider developing your future apps for the newer ‘work anywhere’ interface, and not simply for the desktop.  So if we are ready to upgrade our apps, wouldn’t it make more sense to develop them as modern (Windows 8) apps, and not for the Desktop?  Companies have in the past seemed satisfied to keep their OS in place for a decade – which introduces support headaches and security concerns, but Windows XP saw its tenth birthday come and go before it dropped below 50% market share.  If we are planning the next application that we hope will not become obsolete and incompatible going forward then the modern app is certainly the way to go… and that means Windows 8.


You hire a new employee and they need a new computer, applications, and such.  They also want the portability and ease-of-use of a tablet.  Windows 8 is the only operating system that offers 100% cross-platform compatibility; you do not have to worry about your apps working or not, incompatible or nearly-compatible document formats and the like, because the apps on your desktop/laptop/tablet are the same apps, and not versions of the same app.  In many cases you also do not have to purchase new licenses for the app (depending on the licensing of the individual app), because the app is licensed per user and not per device.  Make sure you check with your software vendor before simply buying it once.  Users also do not have to spend time learning, relearning, converting, and verifying.  They also do not need to worry about configuring the look and feel for each device, because it goes with them… as do their documents and important files.

Security & Manageability

The vast majority of enterprises are using (or starting to use) System Center to manage their infrastructure.  By choosing System Center 2012 and Windows 8 as your platform of choice you ensure the best management solution of any operating system available on the desktop, but certainly far and away on the tablet.  Add to that the manageability functionality that Group Policy in your Windows Server 2012 environment and you can:

  • Lock down
  • Configure
  • Protect,
  • Manage your devices,
  • Encrypt your volumes
  • Manage access control
  • Deploy apps

…in a way that is simply not available with any other platform.  Is your corporate data important?  Only Windows 8 allows you to use BitLocker Volume Encryption on every device, and rest easy that a lost or stolen device will never mean compromised corporate secrets.  Windows 8 is the only system that offers Direct Access to your network from any internet connected device, meaning that your employees will always have the latest security patches and virus definitions even if they only come into the office once a year.  Only Windows 8 allows you to sit in your office, detect and resolve problems for the user before they realize there is one, deploy new or updated apps, and even offer them Remote Assistance wherever they are in the world.  And of course only Windows 8 Enterprise allows you to manage the OS license using a Key Management Server (KMS) so if a device is lost or stolen the OS falls out of activation and you can immediately reassign that license to a new system.

While anti-malware is still primarily managed by System Center Endpoint Protection (or whatever your anti-malware of choice may be), Windows Defender is built into all editions of Windows 8, and Windows 8 Secure-Boot ensures the integrity of the OS, detecting and preventing rootkits and other malware before Windows 8 even starts up.  Rootkits have traditionally been the hardest malware family to detect and eliminate, and by preventing them at the boot level will prevent major damage.


When you have two or three computers to manage standardization is not an issue.  When you have 10,000 computers to manage knowing that all systems are deployed to a corporate standard makes your life easier when patching, securing, and troubleshooting.  Windows 8 is the only OS available that can be deployed uniformly to any device (desktop, laptop, or tablet) with the proper drivers from a single image, using either the Microsoft Deployment Toolkit (MDT) or System Center Configuration Manager .  Light-Touch Installation (LTI), Zero-Touch Installation (ZTI), and User Driven Installation (UDI) give you the option to deploy Windows 8 however is right for your organization… and because Windows 8 is hardware-agnostic, you can inject drivers for different hardware types into your deployment point and deploy seamlessly.

No matter where you are in the deployment process we have guidelines and tools that can help.  Check out Pierre’s article on the MAP Toolkit for planning your Windows 8 deployment here.

Virtualization – BYOD!

Gone are the days where all company work is done on company computers.  With end users bringing in their own devices our jobs as IT Pros is complicated because BYOD cannot mean deprecated security.  Windows 8 is the best OS to deploy in a virtual environment (such as Hyper-V) to deliver secure-session VDI to the end user on any device, whether that is a Windows 8 tablet, a Windows XP laptop, or even an iPad, Mac, or Android device.  The vast improvements to Remote Desktop Services (formerly Terminal Services) in the past few years mean that you can open a secure Windows session from not only an RDP Client, but using Remote Desktop Web Access you can open either a desktop session or application session from any compatible web browser.  This secure environment will allow your users’ unmanaged (and potentially infected) devices to run your desktop, applications, and data without the threat of contamination.

Another great new feature in Windows 8 Enterprise is Windows To Go, which allows you to install your corporate environment (OS, apps, security, connectivity, Direct Access, Domain Join, Group Policy) to a USB key that users can take with them.  Suddenly they can work on the road without carrying a laptop – all they need is an Internet-connected computer that has a USB port.  They boot the system from their WTG key, and their unmanaged workstation is converted into a secure corporate desktop on your network… until they are finished, at which point that computer has no memory of what happened. For workers who only occasionally need to work from home or remotely, as well as contractors who bring their own devices into your organization this is a huge advancement.  For more details on the benefits and ‘how to’ video check out our article here.

Speed & Stability

The days of patient end users is in the past, and the streamlined boot process in Windows 8 can cut as much as a minute off the boot process.  My Microsoft Surface Pro boots in 14 seconds… and the modern UEFI boot means it is more secure than ever.  However that minute saved means nothing if I have to keep rebooting my system, and the stability of Windows 8 means that will not need to happen nearly as often as in days of old.  The security built into Windows 8 coupled with the stable code result in fewer crashes, less data loss, and less downtime resulting in idle users.  In other words… more productivity.


If you went out and bought new computers for your users in 2010 or later that are running Windows 7, are properly managed, secured, and updated, then you might not need Windows 8.  For the rest of us it is clear that the increased security, better manageability, increased user productivity, lowered TCO and increased ROI will excite the CxOs, while the cool factor of the technology will appeal to the technology enthusiasts in all of us.  But don’t believe me… Try it for yourself by downloading an eval here and you will come to the same conclusion that we did… that Windows 8 is the modern OS that is the best choice for businesses going forward!

Next Steps

Our end users can download Windows 8 here and try it out.  However if you are an IT Admin / Architect type who would like to see the real benefits in a full environment, you should set up a lab on eval software to see how it runs:

  • Download Windows Server 2012 and set up a test/lab domain. 
  • Download System Center 2012 for your lab environment and see what you can do with the new System Center Configuration Manager with regard to device management.
  • Download Windows 8 Enterprise Edition and install it – try it on different types of hardware, and even in a virtual machine to see how well it works in a VDI environment.  You will be pleasantly surprised!