Why Cloud Management Gateway Is So Important Now

With the prevailing global situation requiring more and more people to work from home, businesses need to ensure that productivity does not suffer. And to do that, you need to effectively manage remote devices. Hence the need for technology such as the Cloud Management Gateway (CMG).

By utilizing the CMG, your business has an alternative to IBCM that most would consider a significant upgrade. This creates a favorable environment that allows your organization to eliminate the obstacles of having a remote workforce. Needless to say but the CMG can play a massive role in your organization and its importance is certainly worth discussing.

Requirements

Before you can use the Cloud Management Gateway you need to meet the following requirements:

  • An Azure subscription to host the CMG,
  • You need a Full administrator or Infrastructure administrator user account in Configuration Manager,
  • During the initial creation of certain components, the participation of an Azure admin is needed,
  • You need at least one on-premises Windows server to host the CMG connection point,
  • A server authentication certificate for the CMG,
  • There needs to be an integration of the site with Azure AD to deploy the service with Azure Resource Manager,
  • Depending on your client OS version and authentication model, other certificates may be required,
  • Clients are required to use IPv4.

When is it useful?

There are several scenarios where the CMG could come in handy and they include the following:

  • For management of traditional Windows 10 clients using modern identity which can either be hybrid or pure cloud domain-joined with Azure AD.
  • For management of traditional Windows clients with Active Directory domain-joined identity. The clients included are Windows 8.1 and Windows 10.
  • For installation of the Configuration Manager client on Windows 10 devices over the internet.
  • For new device provisioning with co-management.

Benefits to your business

CMG enables your Enterprise admins to perform several actions. Among the things they can do, they can manage the following over the internet:

  • Push software updates and enable endpoint protection,
  • Inventory and client status,
  • Compliance settings,
  • Software distribution,
  • Windows 10 in-place upgrades,
  • Manage branch office devices over less expensive internet instead of across expensive WAN or VPN connections.

Eliminates complications

Although Internet-based client management (IBCM) has been around for years, a lot of users tend to find it complicated. CMG aims to be a simpler solution. It is an Azure-hosted service that manages internet-based clients through a new role called the cloud management gateway connector point.

By adding the CMG to your environment, you’ll get an intermediary cloud solution. And this can be your bridge to a full cloud management solution of your Windows 10 devices through Microsoft Intune.

Also, your organization doesn’t need to expose on-premises infrastructure to the internet and neither will you require additional infrastructure. So by using the CMG, you get rid of a lot of what users don’t like about IBCM.

Manage internet clients

Cloud Management Gateway helps you to easily and effectively manage clients that are on the internet. Often, there are going to be events in your environment that will require a swift response.

However, previously this was problematic for clients that would not be currently on-premises. By leveraging the CMG, you can manage clients all over the world as long as they have an internet connection.

Furthermore, it doesn’t require you to buy any additional IT infrastructure. So unlike IBCM that would need additional hardware that you need to maintain, for the CMG you just need to have Azure.

Strengthen your security

The moment you have systems that are not directly connected to your IT infrastructure, your data security is at an increased risk. This is particularly evident with remote work.

Although a lot of businesses have responded by using VPNs, you cannot adequately protect workstations through VPN channels. Hence the importance of the Cloud Management Gateway.

With it, you can better manage devices connected to the Internet and thus improve your corporate security posture. This is further enhanced by the fact that you can leverage Microsoft Azure services so that there is no need to expose your infrastructure to the internet.

Cost management

Whenever you use cloud services, you will incur costs associated with your usage. And the Cloud Management Gateway is no exception. Fortunately for clients, Microsoft intends to help you to keep those costs under control. You can do this through client settings, for instance, where you can determine which clients can access the CMG.

Another feature you can leverage is virtual machine configuration. The latter enables you to choose between 1 and 16 virtual machines per instance of Cloud Management Gateway. Also, if you want to, you can stop the CMG so that it’s no longer serving clients.

Therefore, to optimize user experience for all clients, the CMG helps to reduce the unavoidable costs that come with cloud services.

Constantly evolving

Another reason why the CMG is so important is how the technology is constantly evolving. There has been a lot of innovation taking place such as the ability to automatically do a client install through the CMG.

This is a great option to have because it eliminates the need for the client to be on the intranet. In addition, the platform is adaptable to your organization’s needs. So it can handle several scenarios such as:

  • Traditional PC management (Windows 7, 8.1, 10),
  • Modern PC management (Windows 10 with modern identity),
  • Internet client installs.

Wrap up

Every organization should be looking for ways to make the most of its IT investments. Thus from the information available, we can see that every environment that uses ConfigMgr can benefit from using the Cloud Management Gateway. And you can leverage the CMG for clients all across the globe. The convenience that this provides you cannot be overstated. As the world changes and technology evolves, we need platforms that can help organizations to become more efficient and enhance productivity.

Benefits of Being Able to View Hardware Inventory in MEM

In July 2020, Microsoft announced the release of update 2007 for the Technical Preview Branch of Microsoft Endpoint Configuration Manager (MECM). And with that, came a feature that now allows you to view hardware inventory for a tenant-attached Configuration Manager device in the admin center. With most pieces of hardware in offices today being connected to the internet, being able to view hardware inventory is extremely important. Microsoft Endpoint Manager (MEM) now offers that capability and thus gives your business several advantages.

Getting set up

Before you can use this feature, there are several requirements that you will need to meet:

  • You need to have an environment that’s tenant attached with uploaded devices,
  • You need either Microsoft Edge (version 77 and later) or Google Chrome,
  • You need a user account that has been discovered with both Active Directory user discovery and Azure Active Directory (Azure AD) user discovery. Simply put, this means that the user account should be a synced user object in Azure.

In addition, the user account will require the following permissions:

  • Admin User role for the Configuration Manager Microservice application in Azure AD. This role will be added in Azure AD from:

Enterprise applications  >  Configuration Manager Microservice  >  Users and groups  >  Add user.

If you have Azure AD premium, groups will be supported.

Network security

The security of your network should be something of great concern. Especially in a world where cybercrime is increasing at an alarming rate. Having said that, we can begin to see why a hardware inventory in MEM feature could come in very handy.

Keeping track of all the hardware in your organization is no mean feat. Particularly for businesses that have also employed bring-your-own-device (BYOD) policies.

You need to have a system that can readily provide you with the necessary information on all devices. This helps your IT team to maintain high levels of network security, prevent breaches, and manage any potential issues that may arise.

Optimize productivity

By leveraging the hardware inventory feature in Microsoft Endpoint Manager, you can keep track of how devices are performing. The last thing your organization needs is to have computers worth tens of thousands of dollars operating at subpar levels.

With accurate information on hardware inventory, you can easily see how the devices in your organization are performing. You can then address any issues that may arise to ensure that productivity is optimized from top to bottom. If you are going to invest in expensive, high-tech devices, you need them to operate as they should.

Reduce overhead costs

Well-managed IT infrastructure can help your organization to reduce overhead costs. The ability to view hardware inventory in MEM is going to give IT a bird’s eye view of all your IT infrastructure. And this enables you to effectively manage all hardware from procurement till retirement.

Doing this will cut your costs by doing away with issues such as IT overspend and non-compliance. Working in this manner will fully optimize your productivity, as mentioned above, which all businesses will be happy with.

Lifecycle management

MEM’s view hardware inventory feature helps you to keep track of hardware from purchase, how it is used, and finally to its retirement. With this kind of actionable data readily available, it simplifies the decisions that you will need to make in the future such as new purchases, upgrades, and so on.

Moreover, you can easily keep track of contracts with vendors and thus know when to renew those contracts or make purchase orders. All these things add significant benefits to your business by increasing operational efficiency while minimizing risks.

Enhance IT efficiency

If there is anything that is abundantly clear from what your organization will gain from MEM’s view hardware feature it’s that it will simplify life for IT teams. Significantly. With the data available to them, it makes it far less likely for any issues to arise during audits. Also, it creates less workload by eliminating the need for manual tracking and scanning of devices. Your IT department will inevitably operate more efficiently by being able to easily keep tabs on all hardware.

Asset protection

Another key advantage that comes with being able to keep track of your organization’s hardware is increased asset protection. Keeping track of devices allows you to not only get performance-related data but location data as well.

And having this information will help to mitigate the risk of loss or theft of devices. Therefore, utilizing the view hardware inventory in MEM tool helps your organization to easily stay on top of the work status of an asset, its physical location, and disposition.

Better overall governance

Viewing hardware inventory is going to give you an increased degree of visibility. Because of the accurate data at your disposal concerning your IT infrastructure, you’ll have a better handle of key assets. Therefore, they are less likely to be misplaced, misused, or underutilized.

And so with all these advantages, it simplifies the process of coming up with more effective governance protocols. This is something that will hugely benefit the entire organization from top to bottom and not just your IT department.

Keeping track of assets

There’s no denying that keeping tabs on your hardware is just as important as the software management side of things. After all, technology is a huge investment for any business. And so how you keep track of your hardware will inevitably affect your bottom line.

Having real-time, accurate information about your assets goes a long way in the optimization of productivity. Not to mention enhancing the overall security of your business. Viewing hardware inventory in Microsoft Endpoint Manager is an incredible tool that should help your business become more efficient. The benefits are clear for us all to see.

Microsoft Intune: 7 Benefits of Remote Device Controls

It goes without saying that the year 2020, in particular, placed a new emphasis on the importance of remote work. Although a lot of organizations had already been exploring bring-your-own-device (BYOD) policies, that need is even greater today.

And so it’s not surprising to see technologies like Microsoft Intune take center stage in these discussions. Management of your remote workforce is a task that can get very complex and put your security at risk. This is why we need to look at what Microsoft Intune can offer and how remote device controls benefit you.

What does Microsoft Intune control?

Intune is a cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM). It can control:

  • How devices such as laptops, tablets, and mobile phones are used within your organization,
  • The configuration of specific policies to control apps,
  • The use of personal devices for school or work, and enhance security by isolating organization data from personal data.

All these controls and more will improve overall device management and data security by employing strict access controls.

Use and secure multiple devices

One of the major benefits that your employees will get from Microsoft Intune is having a choice of device. They can easily enroll and register devices from a choice of several. And then they can install corporate applications on the chosen devices from the organization’s self-service portal.

The key thing, however, is that your IT team retains control over the devices that have access to the corporate network. Administrators are the people responsible for setting up compliance and enrollment policies. Therefore, your organization can maintain high levels of security and control over all devices, especially those of your remote workforce.

Limit employee access

Sometimes, an employee who needs to check their email may decide to do so from a computer in the hotel lobby, for instance. Scenarios like this can cause huge security issues in your network. To counter this, Microsoft Intune will block any devices that are not under its management from accessing corporate resources.

Remote device controls allow you to keep out any device that does not meet the criteria that administrators have put in place. Conditional access will only be granted to corporate-owned devices, BYOD devices that meet compliance regulations, and devices that follow any other criteria that you set up.

Administer mobile devices

In a world where people are always on the go, your employees may inevitably at some point need to use their mobile devices. And Microsoft Endpoint Manager provides you with several options for administering managed devices. These include:

  • Microsoft Teams: a platform that promotes teamwork by chatting, meeting, and collaborating regardless of location.
  • Quick Assist: a Windows 10 app where two people can share a device over a remote connection.
  • TeamViewer: a third-party program that enhances remote access and support.
  • Remote Control: a feature that helps you to remotely administer devices and provide assistance.

By leveraging these tools, you can have remote device controls that give you a secure platform to administer devices.

Leverage Remote Control

Remote Control is a feature of Microsoft Endpoint Configuration Manager that you can use to remotely administer, provide assistance, or view any workgroup computer and domain-joined computer. This is something that enables IT professionals to connect and interact with a customer user session.

In addition to the remote assistance that IT can offer, the remote control viewer is also available on all operating systems that are supported for the Configuration Manager console. So instead of having to wait on someone to come in person and attend to an issue, IT can provide the necessary assistance remotely.

Enhance remote management

Microsoft has a habit of teaming up with great partners that can vastly improve the user experience for their clients. To assist IT in the remote administration of Intune devices, you can use a partner program known as TeamViewer.

The latter is a fast and secure remote management tool that will help your IT team to proactively monitor client endpoints, remote systems, and networks. This comprehensive set of remote access and support capabilities can simplify life for both IT and end-users. With its easy-to-use interface, TeamViewer helps members to remain connected from various locations.

Manage device actions

We all face challenges with our various devices from time to time. We can forget our passwords, lose devices, have them stolen, etc. With Microsoft Intune, however, you have less to worry about from these potential scenarios. And this is because your admins can remotely run device actions. From the Intune portal, it is possible to restart devices, reset passcodes, locate lost or stolen devices, and more.

Remove devices

Following on from the above point, once a device is stolen, goes missing, is no longer needed, or is being repurposed, you’ll need to remove it from Intune. Users can also use the Intune Company Portal to issue the necessary command to Intune-managed devices. You can choose to:

  • Wipe the device: this action restores the device to factory settings and can remove all data, apps, and settings.
  • Retire the device: this action removes managed app data (where applicable), settings, and email profiles that were assigned by using Intune. The device is removed from Intune management.

Being able to perform these actions remotely helps to ensure that the wrong people don’t get access to corporate data and resources.

Wrap up

Remote device controls offer businesses a great degree of convenience that they previously did not have. The ability to access and manage system interfaces and files serves to create a better experience for both IT and end-users. No longer do users need to wait endlessly for assistance or IT to constantly worry about access and compliance. By using the remote control tools that Microsoft Intune delivers, organizations can improve the efficiency of their remote networks and still maintain high levels of security.

What You Need to Know about Microsoft Endpoint Manager’s Tamper Protection

With cyber threats being such a huge problem, the last thing your organization needs is vulnerable security. And this can be worsened if malicious actors manage to disable your security.

So with that in mind, Microsoft introduced Tamper Protection to increase your organization’s security by making it significantly harder for cybercriminals to infiltrate your network.

It gives you a better security posture and allows your IT team to ensure greater protection over corporate resources. And so today we’re going to dive into what exactly Microsoft Endpoint Manager Tamper Protection is and what it can do for your organization.

What is Tamper Protection?

Microsoft Endpoint Manager Tamper Protection is a relatively new feature that was created to prevent potential attackers from making changes to the configuration of Microsoft Defender on Windows 10 clients. Therefore, this feature doesn’t allow malicious actors to disable features such as:

  • Real-time protection,
  • Anti-virus protection,
  • Cloud-delivered protection,
  • Removing security intelligence updates.

By blocking these actions, Tamper Protection keeps attackers from getting easy access to your data or installing malware. Without being able to do this, attackers can’t compromise your devices or exploit sensitive information.

Functionality

The key thing that Microsoft Endpoint Manager Tamper Protection does for you is it locks Microsoft Defender Antivirus to keep people from making modifications to your security system. These modifications could otherwise be made through apps and methods like:

  • Configuring settings in Registry Editor on your Windows device
  • Using PowerShell cmdlets to make changes to settings
  • Using group policies to edit or remove security settings

However, Tamper Protection won’t stop you from seeing your security settings or affect how third-party antivirus apps register with the Windows Security app. For organizations using Windows 10 Enterprise E5, it’s the security team that will manage Tamper Protection and so individual users can’t change the setting.

How to enable Tamper Protection

Your IT admins can use Microsoft Intune to turn Tamper Protection on or off for all managed computers using the Microsoft Endpoint Manager (MEM) admin center portal. And to make changes to Microsoft Endpoint Manager Tamper Protection, admins will need to have permissions such as security or global admin. To have access to Tamper Protection, your organization should:

  • Have Intune licenses such as Microsoft 365 E5,
  • Have computers running Windows 10 versions 1709, 1803, 1809, or later,
  • Use Windows security with security intelligence updated to version 1.287.60.0 or later,
  • Have machines using antimalware platform version 4.18.1906.3 and antimalware engine version 1.1.15500.X (or later).

With all the requirements met, follow the steps below to get access:

  • Go to MEM admin center and sign in with the right credentials,
  • Select Devices and choose Configuration Profiles,
  • Create a profile with the characteristics below:

Once you turn on Tamper Access, you won’t have any need to turn it off unless if it affects other validated tools.  

Tamper Protection for Configuration Manager

With version 2006 of Configuration Manager, you can leverage tenant attach to manage Tamper Protection settings on:

  • Windows 10,
  • Windows Server 2016, and
  • Windows Server 2019.

Tenant attach allows you to sync your on-premises-only Configuration Manager devices into the MEM admin center. Following this, you can deliver endpoint security configuration policies to on-premises collections and devices. A few simple steps are all you need:

  • Set up tenant attach,
  • Go to the MEM admin center > Endpoint security > Antivirus,
  • Choose Create Policy,
  • You can now deploy the policy to your device collection.

Continuous reviewing

Even with Microsoft Endpoint Manager Tamper Protection enabled, your admins need to have the ability to continually review your security posture. Otherwise, you won’t fully benefit if you cannot see the tamper attempts or report them.

To resolve this challenge, you can subscribe to the Microsoft Defender for Endpoint service. This will provide you with a dashboard that shows you all the security issues that you need to be aware of. These include flagged tamper attempts with all the necessary details to investigate further.

Using third-party security tools

Although Microsoft Endpoint Manager Tamper Protection can work with third-party security tools, some of these can make changes to security settings. By using real-time threat information, Tamper Protection can assess the potential risks of software and suspicious activities. Ideally, your IT admins should update your security intelligence to version 1.287.60.0 or later. And this action will protect the system security settings in the Registry and log any attempts to modify those settings without generating errors.       

What about endpoint management tools?

As for endpoint management tools, you can use them with Microsoft Endpoint Manager Tamper Protection. With limits, of course. Admins retain the possibility of establishing a centralized setting for Tamper Protection using management tools.

However, other tools/platforms cannot change settings that are under the protection of Tamper Protection. For that, admins would require Windows Security to manage those.

If you have a Windows enterprise-class license or computers running Windows 10 Enterprise E5, you need to opt into global Tamper Protection. Below are some unified endpoint management platforms that cannot override Tamper Protection:

  • Microsoft Intune,
  • System Center Configuration Manager,
  • Windows System Image Manager configuration,
  • Group Policy,
  • Any other Windows Management Instrumentation tools and administrative roles.

Wrap up

The key to staying ahead of cybercriminals is a continual upgrading of existing security features. And this is precisely what Microsoft is doing with Tamper Protection. With this feature, you can address one of the potential areas of weakness in your security infrastructure. You can prevent unwanted visitors from disabling critical security features.

Since Microsoft Endpoint Manager Tamper Protection was specifically designed for enterprise environments, it is ideal for enhancing organizational security and making your organization less vulnerable to attack. Class-leading security has become a necessity for all of us and features like this can play a massive role in safeguarding our enterprises.

Microsoft Endpoint Configuration Manager: Latest Improvements to the Product Lifestyle Dashboard

Information is key for any business to function optimally. That is why there has been such a massive increase in the use of big data during the last decade. But, this information is not only that which you can obtain externally, it’s also information concerning your internal operations. And this is where Microsoft’s Product Lifecycle Dashboard enters the fray.

It simplifies the way your organization functions by providing you with information concerning all the products that you have installed on devices that are managed by Microsoft Endpoint Configuration Manager. This is a fantastic feature that has had some improvements added to it and that is what we’ll be going over below.

Getting started

Microsoft has made a few changes over the years and from version 1806 you’ll now be able to use the Configuration Manager product lifecycle dashboard to view the Microsoft Lifecycle Policy. So what exactly does this ‘dashboard’ do?

The Product Lifecycle Dashboard is a tool that shows you the state of the Microsoft Lifecycle Policy for Microsoft products installed on devices managed with Microsoft Endpoint Configuration Manager.

Not only that, but you also receive data concerning the various Microsoft products in your environment, supportability state, and support end dates. Therefore by using both Asset Intelligence and the Asset Intelligence Synchronization Point, the dashboard can give you a clear overview of the lifecycle of each product.

By using the dashboard, you can easily find out what support is available for each product. With this information in hand, it will allow you to plan accordingly and update all products before their support expires. And then from version 1810, the dashboard also adds information for System Center 2012 Configuration Manager and later.

What are the requirements?

As a product continues to improve, the requirements to use that product will also expectedly change. For you to see data in the product lifecycle dashboard, you need the following:

  • Internet Explorer 9 or later
  • You need to install and configure a service connection point role. And the latter must be online or synchronized regularly if offline.
  • For hyperlink functionality in the dashboard, you need a reporting services point.
  • You need to configure and synchronize the asset intelligence synchronization point.

Using the dashboard

This tool is designed to make it easier for your organization to have access to up-to-date data about the products that you are using. And by leveraging the inventory data that the site collects from managed devices, the dashboard displays information about all current products. However, not all versions are supported. Only Windows Server 2008 and later, Windows XP and later, SQL Server 2008 and later, will have information displayed for OSs and SQL Server. To access the lifecycle dashboard in the Microsoft Endpoint Configuration Manager console:

1) Go to the Assets and Compliance workspace,

2) Expand Asset Intelligence,

3) Select the Product Lifecycle node.

What else do you get?

Clients will find that from the newer version of SCCM 1902, they’ll get information for installed versions of Office 2003 through Office 2016. And this data is available after the site runs the lifecycle summarization task, which is something that occurs every 24 hours. In addition, you can also benefit from using the dashboard even if you don’t have Configuration Manager. You can use Azure Monitor Logs to provide a Dashboard to help with managing the supportability of your environment.

Upgrading products

Taking a simple look at your dashboard will allow you to see any products that need to be updated urgently. When you have several computers to deal with and you need to know which ones need upgrades, all you need to do is click on the hyperlinks found in the Number in environment column and that will show you a report.

And doing this will direct you to the Lifecycle 01A – Computers with a specific software product report. This is a huge improvement when you consider that in the past you had to investigate problem clients individually to find out whether or not an upgrade was needed.

Reports in the product lifecycle set

In addition to the dashboard, you have additional reports that are available as well. These you’ll find in the Microsoft Endpoint Configuration Manager console, where you then go to Monitoring workspace and you expand Reporting. The new reports, which are found under the Asset Intelligence category are as follows:

  • Lifecycle 01A – Computers with a specific software product: You can see a list of computers on which a specified product is detected.
  • Lifecycle 02A – List of machines with expired products in the organization: This report, which you can filter by product name, shows you all the computers which have expired products on them.
  • Lifecycle 03A – List of expired products found in the organization: View details for products in your environment that have expired lifecycle dates.
  • Lifecycle 04A – General Product Lifecycle overview: Here you can see a list of product lifecycles and filter the list by product name and days to expiration.
  • Lifecycle 05A – Product lifecycle dashboard: From version 1810, this report will have similar information as the in-console dashboard. All you have to do is choose a category to view the count of products in your environment as well as the days of support remaining.

Wrap up

Every organization needs products that will help them to optimize their time. And as the number of available products increases, the choice of which product to go for becomes harder. Microsoft’s Product Lifecycle Dashboard gives your business many benefits that businesses have needed for a long time.

Reduce the time you spend trying to keep track of all the products you have installed on countless devices with a simple, easy to use dashboard. If you’re looking for a tool that gives you a more efficient way of device management, then the Product Lifecycle Dashboard is one that is certainly worth a look.

Reconsidering Certifications for Digital Transformation

The way that IT departments have worked for years is by having your IT professionals take up specific responsibilities to cater for. Now, however, as technology continues to evolve, you’ll find the responsibilities overlapping from one role to another. And it’s because of situations like these that we need to be reconsidering certifications across the board.

As a business, you should be looking at what changes you can make. How can you equip your IT team to become more efficient at what they do? Are there any tech companies offering potential solutions to these challenges?

Understanding key concepts

The first thing we need to do is to clear up the confusion surrounding some of these concepts so that we’re on the same page. When we talk of certification, this refers to an independent evaluation of knowledge and/or skills.

Essentially, what this means is assessing an individual to see if they have the necessary skills, and how they got them doesn’t matter. Because of this, an individual that has acquired certain knowledge and skills should be able to get certification without the need to undergo training. And quality certification is demonstrated only when:

  • The identity of the individual can be verified beyond any doubt,
  • The work has been checked to ensure that it was done by the person that submitted it,
  • Taking a prescribed learning path is not necessary to pass the exam,
  • The evaluation process has been proven to be psychometrically sound.

The difference between certification and a certificate is that the latter is what you receive on completion of a training program. Therefore, in this instance, you’ll need to take part in training after which an assessment will be carried out.

Microsoft is making changes

As already mentioned above, the complex nature of the responsibilities facing IT professionals is rapidly increasing. So to better equip your IT teams and have them operate effectively, Microsoft has made some rather significant changes. By now, most people are aware that Microsoft Technology Associate (MTA) certifications and exams are reaching the end of the road.

The reason that Microsoft has given for retiring these is that this change will help students build the technical skills they need to keep pace and succeed in emerging jobs. How? By redesigning the certifications in such a way as to align with industry and hiring trends. The recommendation is for people to start moving to the new certifications in anticipation of the retiring of MTA certifications by June 2022.

The exams listed below are the ones that will be retired:

  • Database Administration Fundamentals
  • HTML5 Application Development Fundamentals
  • Introduction to Programming Using HTML and CSS
  • Introduction to Programming Using Java
  • Introduction to Programming Using JavaScript
  • Introduction to Programming Using Python
  • Mobility and Devices Fundamentals
  • Networking Fundamentals
  • Security Fundamentals
  • Software Development Fundamentals
  • Windows Operating System Fundamentals
  • And Windows Server Administration Fundamentals.

What is an MTA certificate?

An MTA certificate is an entry-level certification for anybody who wants to start a career in the IT industry or is thinking about changing their career to one in the IT industry.

The targets for this certification are beginners, IT generalists, and students lacking technical experience or specialization. The certification is an online-based program where people can learn new material and demonstrate their skills.

The MTA exams, which are part of the MCP program, can help beginners to boost their career progression and function as a springboard to getting advanced certifications such as MCSD, MCSE, and MCSA. 

The way forward

With the above changes coming into place, students and educators alike will be wondering where they go from here. And Microsoft offers us fundamentals certifications as the place to start. The certifications you’ll find are the ones below:

  • Microsoft Certified: Power Platform Fundamentals
  • Microsoft Certified: Azure AI Fundamentals
  • Microsoft Certified: Dynamics 365 Fundamentals Customer Engagement Apps (CRM)
  • Microsoft Certified: Dynamics 365 Fundamentals Finance and Operations Apps (ERP)
  • Microsoft 365 Certified: Fundamentals
  • Microsoft Certified: Azure Fundamentals
  • Microsoft Certified: Azure Data Fundamentals
  • Microsoft Certified: Dynamics 365 Fundamentals
  • Microsoft Certified: Security, Compliance, and Identity Fundamentals

The above certifications should enable students to validate foundation understanding with mixed concepts and applied learning of Microsoft technologies. With these certifications, you can easily proceed to role-based training and certifications across emerging and in-demand career areas. These include but are not limited to Microsoft 365 and Dynamics, Power Platform, and Microsoft Azure.  

Reasons for these changes

The modern business environment and its various problems are making greater demands on IT professionals. Because of this, it’s now very common to find responsibilities completely ignoring traditional role boundaries.

For example, when looking at the roles at Microsoft, you can often find Azure solutions architects performing some of the responsibilities of Azure data engineers, enterprise admins, and Azure admins. And this overlapping of responsibilities is visible in many different roles.

Consequently, if you’re a security administrator, for instance, you also need to be familiar with the responsibilities of enterprise admins, Azure solutions architects, and messaging administrators. Furthermore, roles work with various technologies so you’ll also need to familiarize yourself with a broad range of technologies to operate successfully in these roles.

Transitioning to role-based certifications

From the reasons stated above, it is becoming clearer as time goes on that changes need to be made. The current approach has worked well for decades but now the industry is evolving, and it is doing so at a very fast pace. And according to Microsoft, there has been plenty of feedback from its customers and other partners that have inspired this shift from product-centric certifications.

With role-based certifications, you’ll get a program that covers many different technologies instead of focusing on technologies in general.

Therefore, the new certification program is designed to offer credentials and skills that are tailor-made for jobs and areas of responsibility that are in-demand. So these role-based certifications will validate the skills that technical professionals at beginner, intermediate, and advanced level learn in any of the following job roles:

  • Developer
  • Administrator
  • Solutions Architect
  • Data Engineer
  • Data Scientist
  • AI Engineer
  • DevOps Engineer
  • Security Engineer
  • Functional Consultant

Taking your business forward

All businesses need to put themselves in a position to carry out digital transformation. And you need to be able to do this effectively. But, without the necessary skills to carry out the process, most organizations will face great difficulty when it comes to ensuring their IT infrastructure can meet their business needs.

This is why it’s crucial to reconsider the training of your IT personnel and in particular their certifications. The current way of training your IT personnel is beginning to lag behind and that could have huge repercussions in the future. With the right sets of skills available to you in-house, you can vastly simplify tasks such as digitally transforming your data centers, migrating workloads to the cloud, app development, and data integration.   

New skills development methods

The changes that Microsoft is bringing in should enable the certifications program to remain current. By doing this, it will fully equip IT professionals with the knowledge and skills they need for the latest Microsoft technologies as well as those technologies that Microsoft Certified Professionals use every day.

Leveraging up-to-date certifications from technology vendors is extremely important if your organization is to retain IT professionals with the skill set to build a successful IT organization.

When considering certification programs you’ll need to look at a few things such as whether the skills on offer are evolving with technology, whether the program is relevant to your business’ needs, and whether the program will include performance-based testing among other things.

What does this mean for other certifications?

Microsoft will stop offering MTA licenses for purchase on June 30, 2021 and you’ll have until June 30, 2022 to register and take the exam. So if you pass the exam by the deadline date then you’ll earn the certification.

However, if you need to retake a failed exam after the deadline for purchasing passes, you may not be able to do so unless you have an additional purchased voucher. And for those that are pursuing exams that are retiring, you can still earn your certification provided that you pass the required exam before it expires.

Also, Microsoft won’t allow you to trade in your MTA voucher for another exam so you’ll have to make sure that you make use of it before it expires.

Furthermore, you don’t need to worry about the MTA certification that you already have because they will remain on your certification transcript and will be printable even after the exams retire. Two years after the retirement of the certifications, they will be moved to the Certification History section of your transcript.

Steps to take

Now that you know what role-based certifications are, what steps will you need to take in order to start?

  1. Choose a learning path depending on your current role or the one you aspire to. Then, prepare for the exams with a series of courses through online learning, books, instructor-led training, etc. To check your progress, there are practice tests that you can take to assess your strengths and weaknesses.
  2. Plan for the exam. You’ll need about 3 hours, including 30 minutes for the introduction, instructions, and comments. You can expect 40–60 questions, and, since your job is hands-on, the exams will be, too. The idea is to test you on real-world situations that you will potentially face in your day-to-day activities.

When all is said and done, you should be able to fully demonstrate the knowledge and skills you have that you have learned for you to attain your certification.

Why Microsoft certifications?

A lot of people will understandably not be too thrilled about all these changes that are taking place. So the question they will need answers to is why should they be concerned about Microsoft certifications anyway?

Well, with Microsoft certification, you can easily demonstrate your expertise, prove your skills, and thus place yourself at a great advantage as an IT professional. As a Microsoft certified professional, you can expect to receive higher recognition of your skills due to validation.

Also, 23% of IT professionals that are certified by Microsoft will earn 20% more. And if that’s not enough, up to 49% believe that having cloud certifications will increase your employability. Therefore, if the knowledge and skills alone are not enough to get you to consider Microsoft certifications, then the other potential benefits should.         

For an organization to grow, you need to perform consistently at a high level. And this is what Microsoft’s role-based certifications aim to offer. You need to have IT professionals that will consistently outperform other colleagues across all roles.

As the cliché goes, time is money. So if you can have highly-skilled IT professionals, they can save you plenty of time on tasks such as setting up infrastructure, determining the scope of impact of security issues, and designing and implementing Microsoft 365 services to name a few.

Therefore it’s easy to see how certifications that focus on the broad responsibilities of the various IT roles can be of immense value to your organization.

Wrap up

The success of your organization may very well hinge on the skill and expertise of your IT department. In a fast-paced business environment, you need IT professionals that are capable of leveraging new technologies to boost productivity. And this is what Microsoft role-based certifications are all about.

The goal is to equip your IT professionals with all the knowledge and capabilities required to execute their day-to-day tasks. So rather than having individuals who are great with specific technologies, you can now get a group of people who are experts at performing across a wide range of responsibilities and technologies. 

Top 10 Benefits of Windows Autopilot

Gaining even the slightest advantage over your competitors can make a massive difference to the success of your business.

With so much technology available, you need to choose the right solutions for the growth of your organization. Windows Autopilot is a collection of technologies that helps you to make better use of your time. It does this by helping you to pre-configure new devices and thus reducing the time to productivity.

So, not only is this going to simplify the operations of your IT department, but it will also empower your employees. Below we’ll go over the top 10 benefits of Windows Autopilot to your business.

1.    Self-deployment

There are few better ways to enhance your productivity than by having new devices ready for business straight off the shelf. Any new Windows 10 devices that have been pre-enrolled in the Windows Autopilot program will be ready to use on arrival with zero-touch and no involvement from your IT team. When a user takes possession of such a device, all they’ll need to do is turn it on, connect to a network, and then wait a little.

2.    No OS re-imaging

This part of setting up new devices is one that has always taken up a significant amount of time. With IT departments having to manually install apps and drivers, manage infrastructure, and set policies, the process took relatively long. But, Windows Autopilot does away with all that. By using a smart and easy pre-configuration, all of this becomes an automatic process. Once you have set up an Autopilot profile in Microsoft Intune, all the Windows devices that you have under that profile will have these settings applied.

3.    Customize OOB experience

To save time, Autopilot allows you to customize the out-of-the-box experience (OOBE) in advance. All you need to do is set your organization’s preferences. And this will simplify things for end-users by eliminating entire sections during setup that previously required manual input. So now they’ll be able to get through the setup process much faster and with a lot less hassle. With this kind of capability, you can ship devices directly to end-users and they’ll be up and running in no time.

4.    Enrollment status

Bypassing IT when setting up devices is something that will understandably concern some people. However, Autopilot has an enrollment status feature to alleviate those concerns. What this feature does is to ensure that a device is fully configured, compliant, and secure before the end-user gains access. That way, IT still gets to assess devices, make sure that they are properly set up, and resolve any errors when issues arise.

5.    Independent of MDM

Can you use Autopilot if your organization doesn’t use Microsoft Endpoint Manager/Microsoft Intune? The answer is yes you can. Any MDM will work with Autopilot but for an optimum experience with all the features then Intune would be best. So for any business that prefers other non-Microsoft technologies, you can still reap the benefits that Autopilot offers. You may be missing out on using this fantastic technology because of some of the misconceptions that people have.

6.    Available for existing devices

This is another area that often requires clarification as some existing devices can qualify. To be specific, users with Windows 1809 and above can also benefit from Windows Autopilot for existing devices. IT people can now facilitate processes like Windows 7 to Windows 10 migration through Autopilot. They can do this by using a ConfigMgr task sequence and then followed by an Autopilot user-driven mode.

7.    Simple redeployment

Occasionally, certain devices will need to be given to new users or repurposed entirely. Autopilot makes wiping a device a simple process that you can do in minutes. And once that is done, you’ll have a device back in OOBE status and ready to be handed over to someone else. This new user will receive the device with the specific configurations that they need already in place. By making resetting devices this easy, Autopilot further empowers IT teams and enhances their productivity.

8.    Avails latest technology

By pre-configuring devices, Autopilot enables end-users to immediately gain access to the latest versions of essential tools. These include Microsoft technologies such as Teams, Word, PowerPoint, Excel, etc. And so without the need to wait on IT, end-users will have all the essential apps they need with all the necessary settings already applied. Furthermore, you no longer need to worry about third-party bloatware that is often a nightmare to deal with. 

9.    No maintenance of images and drivers

Custom images require a significant time investment to create and maintain. And they will need you to wipe every single device that your organization acquires. Undoubtedly, they place a lot of work on the schedules of your IT people. With Autopilot, however, these custom images become unnecessary. All you have to do during provisioning is to get in touch with the manufacturer to get the device ID.

What’s New with Windows Autopilot for HoloLens 2

Billedresultat for hololens 2

In early 2020, Microsoft announced that it was going to bring Windows Autopilot to the HoloLens platform. Initially, it was only in private preview on HoloLens 2. However, later on that year, Microsoft made it available for public preview. Windows Autopilot plays a key role in simplifying deployments and reducing the time required to productivity.

As a result, it helps your organization to cut down on costs and enhance efficiency. So if your business needs to introduce new devices, then Autopilot offers you a great solution for that. This announcement from Microsoft expectedly aroused significant interest so we’re going to take a look at what all this could mean for you.

HoloLens 2 overview

HoloLens 2 is the next step in the evolution of Microsoft’s revolutionary mixed reality headset. This device is one that you place over your head and has a visor that goes over your eyes offering users a new way to interact with information.

The technology provides apps and solutions that will enhance communication, learning, collaboration, and much more through the use of mixed reality. The challenge that organizations have had to face is that as this technology has grown in popularity and use, its deployment at scale has become a laborious and costly affair. Hence the need for Windows Autopilot to provide a simpler, more effective, and more streamlined deployment solution.

Device set up

To get started, you’ll need to go through the process of device set up. Fortunately, setting up your devices will only involve a few simple steps. Once a user has started the self-deployment process, Autopilot then proceeds with the following steps:

  • Join the device to Azure AD. However, it’s important to remember that Autopilot for HoloLens does not support Active Directory join or Hybrid Azure AD join.
  • Enroll the device in Microsoft Endpoint Manager (or another MDM) using Azure AD.
  • Download certificates, apps, device-targeted policies, and networking profiles and then apply them.
  • Provision the device.
  • Present the sign-in screen to the user.

With the public preview, Windows Autopilot for HoloLens devices can be configured using Microsoft Endpoint Manager (MEM) controls. And this applies to all customer tenants. To get started, you’ll have to log into the MEM admin center. Once there, select Devices > Windows > Windows enrollment. And then under Windows Autopilot Deployment Program, select Deployment Profiles > Create profile > HoloLens (preview).

Requirements

To use Windows Autopilot, you’ll need to have Windows Holographic, version 2004 (released May 2020) or newer. However, Microsoft only began shipping devices with this version pre-installed in late September 2020.

Fortunately, though, Microsoft allows you to use the Advanced Recovery Companion (ARC) to re-flash your devices to the latest operating system. Using ARC, you can also check the build version that is currently installed on your devices.

The process is not overly complicated and you can find instructions here. Ideally, it would be best to request from your distributor that they supply you with Autopilot-ready devices.

Tenant Lock for HoloLens 2

This feature allows organizations to permanently bind devices to their Tenants and keep them under management after initial enrollment. With this feature, your device will always be deployed by Autopilot and managed by MEM. Even in the event of OS updates, accidental or intentional resets, or wipes.

If your organization deploys HoloLens 2 devices with Autopilot, you can set up a specific policy. This policy which is deployed post-enrollment enforces:

  • the permanent enforcement of Autopilot deployment,
  • the prevention of local user creation during device setup,
  • mandatory network connection,
  • the prevention of all other escape hatches during device setup, and
  • the prevention of device ownership during the device setup process except for the organization Tenant it is registered to with Windows Autopilot.

Using Autopilot with Wi-Fi connection

Microsoft will also allow you to use Windows Autopilot Deployment for HoloLens 2 with a Wi-Fi connection in addition to the regular Ethernet-based connection. This is something that you can get as part of Insider Preview (Build 19041.1364 or above).

What this means is that you do not need to use ethernet to USB C or Wi-Fi to USB C adapter. Instead, all you simply need to do is to connect the device to your available Wi-Fi internet network and deploy the device with Windows Autopilot.

User experience

After the process of configuring Autopilot for HoloLens 2 is complete, you then move on to the provisioning of the HoloLens devices. The Autopilot experience needs internet access and you have several options to choose from. You can connect your device to a Wi-Fi network in OOBE and then let it detect Autopilot experience automatically.

Alternatively, you can use “USB-C to Ethernet” adapters for wired internet connectivity and let HoloLens 2 complete Autopilot experience automatically. And with the third option, you can connect your device with “USB-C to Wifi” adapters for wireless internet connectivity and let HoloLens 2 complete Autopilot experience automatically.

During the next step in the provisioning process, the device will automatically start OOBE and all that is required of you is to let HoloLens 2 detect network connectivity and leave it to complete OOBE automatically. And when the OOBE process is complete, you can then sign in to the device using your user name and password.

Simplifying deployments

Windows Autopilot has provided countless benefits to a lot of organizations by reducing the complex nature of deployments at scale. This cloud-based platform significantly reduces time to productivity and empowers end-users. And so it only makes sense that HoloLens 2 is now able to leverage the capabilities of this fantastic technology. Organizations cannot afford to spend vast amounts of time dealing with deployment scenarios for which fast, cost-effective solutions are available. From medical institutions to academic ones, HoloLens 2 gives you an amazing new way of interacting with information and Autopilot enhances that experience.

Philips Hue Bridge POE

IOT, Smart Home, Intelligent home; Meaning a lot of connected devices (and power adapters & cables!)
I have been using the Philips Hue system from the very beginning, recently upgraded to the Philips Hue Bridge 2.1 Square-shape bridge (supports Apple HomeKit)

After my last upgrade to the home infrastructure. with the new and improved UniFi Switch PRO 24 PoE I wanted to get the most out of the switch with POE (Power-Over-Ethernet)

I would have loved to see the Philips Hue Bridge with build-in POE, but unfortunately that was not the case of the 2.1 release. Luckily with a bit of creativeness this can be achieved with the correct equiptment and cables.

The bridge comes with a regular DC barrel plug adapter

Parts list for the items you will need:

Barrel adapter to USB – NOTE: The V2 bridge barrel is 5.5 x 2.5 mm
Direct link: 5.5 x 2.5 mm DC USB
If you buy a barrel adapter to USB, you will be able to use any POE adapter.
Ubiquiti Instant 802.3AF to USB adaptor requires not configuration plug and play!

NOTE: 2 Networking cables will be needed with this solution, 1 for POE, and 1 for the actual device connection.
If you do not want to use 2 ports, go for a POE splitter with barrel adapters (802.3af POE splitter with 5 volts DC)

Amazon.com: 802.3af PoE Splitter with 5 Volts DC Plug | PLUSPOE Power Over  Ethernet for 5v Devices Like Foscam, Amcrest, Dropcam and More, 3.5x1.35mm DC  Barrel: Kindle Store

The wall mounts used printed on the Ender-5 Pro
– Philips Hue wall mount: https://www.thingiverse.com/thing:2458638
– Ubiquiti Instant wall mount: https://www.thingiverse.com/thing:4497478

Latest Updates for Windows 10 Driver Management

Microsoft has claimed that the main cause of Windows 10 or hardware failures has been the hardware drivers themselves. And this happens to be an area in which Microsoft has had no control.

In the past, Microsoft has given the driver update authority to the various hardware manufacturers. As a result of that, these manufacturers have retained the ability to directly push drivers to their users through the system update.

Given the number of issues that users have been facing, Microsoft has decided to make some adjustments to their driver update management policy. These updates will likely have a significant impact so let’s take a look and see what this means for us all.

Addressing the issues

In early 2020, Microsoft quietly went about the process of starting to address the driver issues that have been plaguing users. It started with the announcement that there was going to be an introduction of rolling out drivers in phases.

And this would differ from the past where all Windows 10 computers were receiving major and minor updates automatically via Windows Updates that were released on the same day for everyone. The idea with the phase system is to allow the pushing of updates to highly active devices from where Microsoft can then collect diagnostic data that helps to assess compatibility issues.

Also, Microsoft mentioned implementing a new policy where their hardware partners can now ask them to block Windows 10 feature upgrades on a PC running an incompatible driver. The widespread problems that arose from Microsoft being the only one doing the assessing and blocking necessitated this change in approach. By doing all of this, Microsoft can begin the process of resolving the countless headaches that we have been facing.

Driver installation

So to bring an answer to this issue, Microsoft made another announcement to the effect that they would be adjusting the automatic driver installation strategy for Windows 10 20H2 from November 2020.

This update is meant to provide users with a greater degree of control over the driver update and in this way you will have better stability. This new driver management model is going to give hardware manufacturers options, either automatic or manual.

This is what Microsoft has said regarding the adjustments that came in to effect on the 5th of November last year:

1. Automatic driver updates will automatically be installed on your machine either when you plug-in a peripheral device for the first time, or when a device manufacturer publishes a driver to Windows Update. In other words, there will be no change to the plug-and-play scenario when an automatic driver is available on Windows Update.

2. Manual driver updates can be installed manually on your machine if you specifically request them by navigating to Settings > Update & Security > Windows Update > View optional updates.

However, these changes will only affect devices that receive updates directly from Windows Update. So if you’re an IT professional who manages drivers for a business, then these adjustments won’t affect the way you operate.

Manual driver updates

According to Microsoft, the abovementioned adjustments should now enable you to see a clear distinction between automatic and manual updates in Windows Update. With the end goal being to create a total transformation of the management of drivers, something that began earlier in the year with the rolling out of updates in phases.

All this should give users greater control by redefining the servicing of manual drivers for machines running Windows 10, version 2004 and later. Previously, when a user would connect a peripheral device with an optional driver such as a camera to their machine for the first time, there would be an automatic installation of that driver. Instead, with the changes that Microsoft has implemented, you now have control over how you proceed.

Driver distribution

When you submit a driver to Windows Update, the Driver Delivery Options section will present you with two radio buttons: Automatic and Manual. Under the Automatic option, there are two further options:

  • Automatically delivered during Windows Upgrades – under this option, drivers are classified as a Dynamic Update. When upgrading the OS, this is where Windows will automatically preload drivers.
  • Automatically delivered to all applicable systems – when you select this option, the drivers will be downloaded and installed automatically on all applicable systems once they are released.

How to submit a driver to Windows Update

Publishing a driver to Windows Update will require the creation of a hardware submission. Once that is done you can then proceed with the steps given below:

1) Find the hardware submission with the driver that you want to distribute.

2) Head over to Distribution and select New shipping label.

3) Under shipping label, go to Details and enter a name for the shipping label in the space provided. It’s this name that will allow you to search for and organize your shipping labels.

4) In the Properties section you will need to fill in the following fields: Destination, Specify the partner (if any) that is allowed visibility into this request, and Driver Delivery Options.

5) Go to Targeting and choose the driver package that you want to publish.

6) At this point, Select PNPs is now available so you can go ahead and choose the hardware IDs that you want to target.

7) Enter each CHID into the text box and select Add CHID(s) if you would like to add them.

8) You can limit public disclosure of your Shipping Label in the Windows Update Catalog and WSUS Catalog, by checking the Limit Public Disclosure of this Shipping Label information box.

9) If your driver targets Windows 10 in S mode, then you will need to select both boxes.

10) Select Publish to send your request to Windows Update or Save if you don’t want to publish as yet.

Optional installation

The optional updates feature is now available to users that have upgraded to Windows 10 20H2. With this feature, the system will let you know of the availability of device drivers other than the ones that the PC is currently using. If you go to the View optional updates section, you’ll see where it says Driver updates. And if you click on it, it will display a list of all the device drivers that are available for the target PC. Essentially what you get with this feature is the ability to install specific drivers if and when necessary. Otherwise, automatic updates will keep your drivers updated.

To install any of these drivers, simply follow the steps below:

1) Press WinKey + I to launch the Settings app.

2) Go to Update & Security and click on Windows Update.

3) Over on the right side, you’ll see View Optional updates just under the Check for updates button. Click on it.

4) Under the Driver Updates section, you’re going to find a list with all of the available updates for the computer.

5) Check all the boxes corresponding to the device drivers that you want to install. Click Download and install.

Windows 10 October 2020 Update common problems — and the fixes | Windows  Central

Windows 10 will then immediately start downloading the chosen driver updates. Once the process is complete, the system will install the updates and prompt the users to Restart Windows.

Should you install optional updates?

As mentioned above, you can install optional device drivers if the need for them arises. For instance, when doing a clean install of Windows 10, some may find it preferable to manually install graphic drivers that you download from Intel and NVIDIA.

However, it’s important to note that Windows will still automatically install all mandatory updates, including security updates and non-optional cumulative updates. Therefore you don’t need to worry about automatic driver updates because this new approach won’t affect them. This is because they will continue to be installed via Windows Update when they are published by the manufacturer or when you connect the device.

So with optional updates, Microsoft has changed the system such that driver updates are no longer forced on you. You can select those that you want and block any that give you problems. Most users will probably be leveraging this functionality for those times when compatibility issues arise.

Potential issues

Microsoft’s new model for driver management aims at resolving the multitude of problems that users have been grappling with. However, this new model is not without its potential issues. As much as it may give users more control, it’s also going to present challenges for peripherals that don’t have automatic drivers readily available.

This is because not everyone may be aware that they need to go to Windows Update and manually download the necessary driver for the hardware to work. Without this, Windows will return a Driver Not Found error that may leave more than a few people stuck.

Since Microsoft is also going to be blocking users from applying OEM or manufacturer drivers if Windows can’t verify software publisher, this will probably lead to a few driver errors when Microsoft is unable to verify the drivers. If verification fails, there are two error messages that you’ll likely see with the first being “Windows can’t verify the publisher of this driver software” and the second “No signature was present in the subject”. Microsoft’s advice in these scenarios is that you contact the manufacturer and ask them to upload the driver with appropriate fixes.

Key differences

Under the View Optional updates link, users get to view the optional updates that they won’t receive automatically. Using this link will replace having to use Windows 10’s Device Manager controls to find optional updates.

With Microsoft making minor adjustments to how Windows 10 drivers arrive for Windows Update service users, it’s important to note that this change is more than just a simple user-interface modification.

Those using the newer version of Windows 10 will get updated drivers only when they search for them using the View optional update command. And they’ll be getting only the drivers that are already on the device without searching for new ones via the Windows Update service.

In Windows 10, version 1909 and earlier, Windows Update automatically distributes manual drivers when:

a) a device has no applicable drivers available in the Driver Store (raising a “driver not found” error), and there is no applicable Automatic driver

b) a device has only a generic driver in the Driver Store, which provides only basic device functionality, and there is no applicable Automatic driver

But for users of Windows 10, version 2004, Windows Update distributes only Automatic drivers for a system’s devices. When Manual drivers are available for devices on the computer, the Windows Update page in the Settings app displays View optional updates.

Time to enhance driver management

The challenges that we have all witnessed in recent years were in dire need of a solution. And a major one at that. The countless incompatibility issues that saw the trashing of Windows 10 were slowly but surely eroding the confidence that users have in the operating system.

Problems such as audio not working, system crashes, slow performance, etc, are significant issues that can severely hinder the productivity of a business. So it’s not really a surprise when we look at all the updates that Microsoft made to its driver management policy in 2020.

Security has improved and the new driver management model is a more stable platform that gives users greater control. And all of this you’ll get without having to worry about key updates being affected. Those are still performed automatically to ensure that your system remains as secure as possible. Undoubtedly, there are still a few bugs to iron out here and there, but the rapidly improving system is certainly enhancing the Windows 10 experience.