Tag Archives: Azure

Windows Autopatch: Guide to Setup and Configuration

Posted on by
1

Most businesses have several technologies that they use to help their employees operate at the highest levels of efficiency. Without them, your ability to provide high-quality products and services would be severely hindered.

But, all these devices and the associated operating systems and applications need maintenance for them to work the way they were designed to. They need regular attention as well as updates and security patches. This is so businesses can fully benefit from their productivity tools.

Windows Autopatch gives you a great solution for your Microsoft products by automating the update process. Additionally, it simplifies the maintenance process for you. In this article, we’ll be going over how your business can set up this must-have solution.

What is Windows Autopatch?

Let’s start by explaining what exactly Windows Autopatch is and what it does. According to the Windows Autopatch page:

Windows Autopatch is a cloud service that automates Windows, Microsoft 365 Apps for enterprise, Microsoft Edge, and Microsoft Teams updates to improve security and productivity across your organization.”

One of the key reasons this solution is a much-needed tool is that the process of implementing updates is not entirely seamless for a lot of organizations. IT admins are responsible for ensuring your organization’s devices get all the necessary updates upon release. And they’re responsible for overseeing that everything is working as it should.

So, even though Microsoft provides regular updates for its products and services, the task can sometimes be challenging and very time-consuming. Therefore, with a solution like Autopatch, IT admins can save a lot of time on the update processes. They can additionally cut time in positioning the overall security posture of the business, leading to improvements.

I’m sure most would agree that this is an excellent feature to have, given the increasing sophistication of cyber attacks. Additionally, end users will be able to work more efficiently with fewer distractions. Moreover, your IT personnel will potentially have a lot more time on their hands for dedicating to more productive tasks.

The role of Autopatch services

From what we have seen over the last year, we know that Windows Autopatch can manage your updates for you. But, you still need to know what exactly Autopatch will be responsible for regarding those updates. This is why it’s not too surprising that a lot of IT admins are hesitant about using Autopatch. They have concerns about losing control over their devices.

To simplify the rollout of the different updates, Windows Autopatch will place devices into groups based on their software and hardware configurations. Doing it this way enables suitable test machines to receive updates first. And if all goes well, broader deployments can proceed as well. Not only is this a crucial step for evaluating updates, but it can help alleviate some of the concerns that IT admins have.

Below is a list of what Autopatch will be responsible for updating:

  • Windows 10 and Windows 11 quality
  • Windows 10 and 11 features
  • Windows 10 and 11 drivers
  • Windows 10 and 11 firmware
  • Microsoft 365 apps for enterprise updates

In addition to the above list, Windows Autopatch will also be responsible for patching drivers and firmware that are only published to Windows Update as automatic. Also, in terms of how Windows Autopatch operates, there are four deployment rings. The first one caters to a few of your company’s devices, and the second one is responsible for 1% of these devices. The third and fourth rings will contain 9% and then 90% of the organization’s devices respectively. 

Setting up Windows Autopatch

The process of setting up Windows Autopatch includes several steps that we will be discussing in this section.

PREREQUISITES

AreaRequirements
LicensingWindows 10/11 Enterprise E3 (or higher) in addition to Azure Active Directory Premium and Microsoft Intune.
ConnectivityAll Windows Autopatch devices require dedicated connectivity to multiple Microsoft service endpoints across the corporate network.
Azure Active DirectoryThe source of authority for all user accounts needs to be Azure AD. Or, the user accounts can be synchronized from on-premises Active Directory using the very latest supported version of Azure AD Connect to enable Hybrid Azure Active Directory to join.
Device managementAll devices must be registered with Microsoft Intune, be connected to the internet, have a Serial number, Model and Manufacturer, and must be corporate-owned. Furthermore, the target devices will need to have Intune set as the Mobile Device Management (MDM) authority or co-management must be turned on.

NETWORK CONFIGURATION

  • Proxy configuration – Windows Autopatch needs to reach certain endpoints for the various aspects of the Windows Autopatch service. Network optimization can be done by sending all trusted Microsoft 365 network requests directly through their firewall or proxy.
  • Proxy requirements – should support TLS 1.2, and if not, then you may need to disable protocol detection. 
  • Required URLs – mmdcustomer.microsoft.com

                         – mmdls.microsoft.com

                         – logcollection.mmd.microsoft.com

                         – support.mmd.microsoft.com

  • Delivery optimization – Microsoft recommends configuring and validating Delivery Optimization when you enroll into the Windows Autopatch service.

TENANT ENROLLMENT

The first step in this next stage will require you to verify that you’ve met all the requirements discussed at the beginning of this section.

With that done, you’ll now need to run the readiness tool. This checks the settings in both Intune and Azure AD and verifies that they work with Autopatch. To access this readiness assessment tool, head over to the Intune admin center and select Tenant administration in the left pane. Once there, go to Windows Autopatch > Tenant enrollment. When the check is done, you’ll get one of four possible results: Ready, Advisory, Not ready, or Error. And if this check is showing any issues with your tenant, then your next step will involve fixing the issues picked up by the readiness assessment tool.

If everything is in order and the readiness assessment tool has given you the “Ready” result, then you can proceed and enroll the tenant. You’ll find the “Enroll” button that you need to select within the readiness assessment tool. Once you select this option, it will start the process of enrolling your tenant into the Windows Autopatch service. You’ll see the following during the process:

  • Consent workflow to manage your tenant.
  • Provide Windows Autopatch with IT admin contacts.
  • Setup of the Windows Autopatch service on your tenant. This step is where the policies, groups, and accounts necessary to run the service will be created.

Your tenant will be successfully enrolled upon completion of these actions. And then, after all this is done, you can delete the collected data by the readiness assessment tool if you want. To do so:

  • Head over to the Microsoft Intune admin center.
  • Go to Windows Autopatch > Tenant enrollment.
  • Select Delete all data.

ADD AND VERIFY ADMIN CONTACTS

After you have finished the process of enrolling your tenant, you can move on to the addition and verification of admin contacts. Windows Autopatch has several ways of communicating with customers. And there’s a requirement to submit a set of admin contacts when onboarding. Each specific area of focus should have an admin contact. This provides that the Windows Autopatch Service Engineering Team has a contact for assistance with the support request. These areas of focus are given below.

Area of focusDescription
DevicesDevice registration Device health
UpdatesWindows quality updates Windows feature updates Microsoft 365 Apps for enterprise updates Microsoft Edge updates Microsoft Teams updates

To add the admin contacts, follow these steps:

  • Sign in to the Intune admin center.
  • Head over to the Windows Autopatch section, find Tenant administration, and then select Admin contacts.
  • Select Add.
  • Now, you need to provide all the necessary contact details. This includes name, an email, phone number, and language of choice.
  • Choose an area of focus and provide information about the contact’s knowledge and authority in this particular area.
  • Click Save and then repeat the steps for each area of focus.

DEVICE REGISTRATION

  • Windows Autopatch groups device registration

Autopatch groups will start the device registration process for devices that aren’t yet registered using your existing device-based Azure AD groups. This is instead of the Windows Autopatch Device Registration group. Windows Autopatch will support a couple of Azure AD nested group scenarios, namely Azure AD groups synced up from:

  • On-premises Active Directory groups (Windows Server AD)
  • Configuration Manager collections
  • Clean up dual state of Hybrid Azure AD joined and Azure registered devices in your Azure AD tenant

For an Azure AD dual state to occur, a device needs to be initially connected to Azure AD as an Azure AD registered device. And then, when you enable Hybrid Azure AD join, the same device will be connected twice to Azure AD as a Hybrid Azure AD device.

So, what you’ll find in the dual state is a device with two Azure AD device records with different join types. However, the Azure AD registered device record is stale because the Hybrid Azure AD device record will take precedence.

About the Registered, Not ready, and Not registered tabs

Device blade tabPurposeExpected device readiness status
RegisteredShows successful registration of devices with Windows AutopatchActive
Not readyShows successfully registered devices that aren’t yet ready to have one or more software update workloads managed by the Windows Autopatch service.Readiness failed and/or Inactive
Not registeredShows devices that have not passed the prerequisite checks and thus require remediation.Prerequisites failed.

Device readiness statuses

Readiness statusDescriptionDevice blade tab
ActiveShows devices that: +have passed all prerequisite checks +registered with Windows Autopatch +have passed all post-device registration readiness checksRegistered
Readiness failedShows devices that: +haven’t passed one or more post-device registration readiness checks +aren’t ready to have one or more software update workloads managed by Windows AutopatchNot ready
InactiveShows devices that haven’t communicated with Microsoft Intune in the last 28 days.Not ready.
Prerequisites failedShows devices that: +haven’t passed one or more prerequisite checks +have failed to successfully register with Windows AutopatchNot registered

Built-in roles required for device registration

Roles are permissions granted to dedicated users. And there are a couple of built-in users in Autopatch that you can use to register devices:

  • Azure AD Global Administrator
  • Intune Service Administrator

Less privileged user accounts can be assigned to perform specific tasks in the Windows Autopatch portal. You can do this by adding these user accounts into one of the two Azure AD groups created during the tenant enrollment process:

Azure AD group nameDiscover devicesModify columnsRefresh device listExport to .CSV
Modern Workplace Roles – Service AdministratorYesYesYesYes
Modern Workplace Roles – Service ReaderNoYesYesYes

Details about the device registration process

The process of registering your devices with Windows Autopatch will accomplish a couple of things:

  • Creation of a record of devices in the service.
  • Device assignment to the two deployment ring sets and other groups required for software update management.

Windows Autopatch on Windows 365 Enterprise Workloads

As part of the Windows 365 provisioning policy creation, Windows 365 Enterprise admins will have the option to register devices with Windows Autopatch. This means that Cloud PC users will also benefit from the increased security and automated updates that Windows Autopatch provides. The process for registering new Cloud PC devices is as follows:

  • Head over to the Intune admin center and select Devices.
  • Next, go to Provisioning>Windows 365 and select Provisioning policies>Create policy.
  • Type in the policy name, select Join Type, and then select Next.
  • Pick your desired image and select Next.
  • Navigate to the Microsoft managed services section, select Windows Autopatch, and then select Next.
  • Assign the ideal policy, select Next, and then select Create.
  • Your newly provisioned Windows 365 Enterprise Cloud PCs will then be automatically enrolled and managed by Autopatch.

Windows Autopatch on Azure Virtual Desktop workloads

Azure Virtual Desktop (AVD) workloads can also benefit from the features that Windows Autopatch has to offer. Your admins can use the existing device registration process to provision their AVD workloads to be managed by Autopatch.

One of the most appealing features of Windows Autopatch is how it offers the same quality of service to virtual devices as it does to physical ones. This ensures that if your business is looking to migrate to virtual devices or is already using them, then you won’t miss out on what Windows Autopatch offers.

It is worth noting, however, that any Azure Virtual Desktop specific support is deferred to Azure support unless otherwise specified. In addition, the prerequisites for Windows Autopatch for AVD are pretty much the same as those for Windows Autopatch and AVD.

The service will support personal persistent virtual machines. But, there are some AVD features that are not supported such as multi-session hosts, pooled non-persistent virtual machines, and remote app streaming.

Deploy Autopatch on Azure Virtual Desktop

Another great feature that you’ll get with Autopatch is that you can register your Azure Virtual Desktop workloads using the same method as your physical devices. Microsoft recommends nesting a dynamic device group in your Autopatch device registration group to simplify the process for your admins. And this dynamic device group is going to target the Name prefix defined in your session host while also excluding any Multi-Session Session Hosts.

Client support

Windows Autopatch provides businesses with excellent support services to ensure that any issues are addressed. You can access the appropriate support services through Windows 365, or the Windows Autopatch Service Engineering team for device registration-related incidents.

Device management lifecycle scenarios

Before you proceed and register your devices in Windows Autopatch, there are a few device management lifecycle scenarios that you may want to consider. These include the following:

  • Device refresh – devices that were previously registered in Autopatch and require reimaging will require you to run one of the device provisioning processes available in Microsoft Intune to reimage these devices. Subsequently, these devices will be rejoined to Azure AD (Hybrid or Azure AD only) and then re-enrolled into Intune. And because the Azure AD device ID record of that device will not be altered, neither you nor Windows Autopatch will need to perform any additional actions.
  • Device repair and hardware replacement – when devices require you to repair them by replacing certain hardware, then you’ll need to re-register these devices into Autopatch when you’re done. We are talking about the kind of repairs that include replacing parts such as the motherboard, non-removable network interface cards (NIC), or hard drives. And the reason why re-registration is necessary is that when you replace those parts, a new hardware ID will be generated, including:
  • SMBIOS UUID (motherboard)
  • MAC address (non-removable NICs)
  • OS hard drive’s serial, model, manufacturer information

So, even though you still practically have the same device, whenever you replace major hardware, Azure AD will create a new ID record for that device.

UPDATE MANAGEMENT

Software update workloads

Software update workloadDescription
Windows quality update – on the second Tuesday of every month, Autopatch deploys monthly security update releases. Autopatch also uses mobile device management (MDM) policies to gradually release updates to devices. These policies are deployed to each update deployment ring to control the rollout.Requires four deployment rings to manage these updates
Windows feature update – in this instance, you’ll be the one to inform Autopatch when you’re ready to upgrade to the new Windows OS version. The feature update release management process has been designed to make the task of keeping your Windows devices up to date much easier and more affordable. This also has the added benefit of lessening your burden, thus allowing you to dedicate more time to more productive tasks.Requires four deployment rings to manage these updates
Anti-virus definitionUpdated with each scan
Microsoft 365 Apps for EnterpriseFind information at Microsoft 365 Apps for Enterprise
Microsoft EdgeFind information at Microsoft Edge
Microsoft TeamsFind information at Microsoft Teams

Autopatch groups

Autopatch groups play an essential role in helping Microsoft Cloud-Managed services work with businesses according to their various needs. When it comes to update management, Windows Autopatch groups provide an excellent tool that allows for the combining of Azure AD groups and software update policies. These might include Windows Update rings and feature update policies.

Reports

If there are any Windows Autopatch managed devices in your environment that are not up to date, you can monitor and remediate them using Windows quality and feature update reports. Not only that, but you can also resolve any device alerts to bring Windows Autopatch-managed devices back into compliance.

Policy health and remediation

To enable the management of Windows quality and feature updates, Autopatch needs to deploy Intune policies. Windows Update policies must be healthy at all times should you plan to remain up to date and receive Windows updates. Microsoft ensures continuous monitoring to maintain the health of the policies, as well as raise alerts and provide remediation actions.

Wrap up

The threat of attacks against businesses is something that is always lurking. And as we have seen on far too many occasions in recent years, these attacks can be devastating. Business operations can be severely compromised. Additionally, the financial penalties can be massive. Therefore, there is a need to do everything within your power to fortify your system defenses. Windows Autopatch allows you to bolster your security by automating certain tasks.

Make sure that update and patch deployments occur in a timely fashion. It can significantly reduce the risk of attacks against your business. And this is precisely what Autopatch is ready to help you prevent.

It helps you by automating the update process and simplifying tasks that are sometimes difficult and time-consuming. As a result, you get an easier and less expensive way of equipping your business with all the latest security updates necessary. Ultimately, it allows you to enhance your operations.

Understanding The Microsoft 365 Stack For Cloud Security

Posted on by
Reply

Microsoft 365 (M365) provides businesses with a solution that empowers people to fully utilize their creativity while working together securely. The Microsoft 365 Stack is your IT security blanket.

All of the features that you get should enhance the productivity of your business. But, the key to all of this is keeping your data secure.

Incidents of security breaches have been steadily increasing over the last few years so data security should be a top priority for all businesses. By understanding how the Microsoft 365 stack operates, we can see how the available features can strengthen your cybersecurity.

What’s in it?

The first question that one may ask is what will you get with Microsoft 365? And is it actually any different from Office 365 or is this merely a rebranding exercise?

Firstly, clients get local apps and cloud-based apps, and productivity services. These include both M365 Apps for enterprise, the latest Office apps (such as Word, Excel, PowerPoint, Outlook, and others), and a full suite of online services.

Secondly, you’ll also receive Windows 10 Enterprise which is the most productive and secure version of Windows. It meets the needs of users and IT for both large and medium enterprises.

And finally, you also benefit from device management and advanced security services including Microsoft Intune. So all in all, Microsoft 365 is designed to be a more comprehensive solution and the name change is more reflective of the range of features and benefits in the subscription.  

Businesses are vulnerable

The importance of cloud security to a business cannot be overstated. Especially when you take into consideration the study by the University of Maryland showing that cybercriminals infiltrate business data about once every 39 seconds.

And as remote work continues to expand, the use of personal devices to access sensitive data can be a massive additional risk. This is why businesses need platforms like Microsoft 365 Stack to not only enhance productivity but safeguard business data as well.

Backing up your data

Arguably one of the first things to consider in your data protection strategy is cloud backup. Because there are so many threats – internal and external – to data security, having your data backed up is a must. Using the Microsoft 365 Cloud Backup comes with several benefits that you simply cannot ignore. And these include:

  • Protection against accidental deletion of data which is something that will happen occasionally.
  • Protection against data losses resulting from cyberattacks.
  • Threats don’t always come from outside actors so backups will also protect you from the nefarious actions of internal actors.
  • Backups can help you to manage legal and compliance requirements.

Working from anywhere

One of the key selling points of Microsoft 365 is how it enables people to collaborate on various projects from just about anywhere. And this is made possible because the responsibility of your data’s security lies with Microsoft.

Businesses can rest easy knowing that their data is highly secure on the OneDrive platform or when shared across Teams and SharePoint.

What this also means is that you have fewer expenses by eliminating the need to maintain expensive hardware.

Furthermore, built-in security features such as the robust data loss prevention policy, Advanced Threat Analytics, and Exchange Online Protection will enable your employees to work remotely as securely as possible.

Secure access to data

The Microsoft 365 stack ensures that even when employees are using personal devices, the security of your data is still maintained. This is possible because of features like multi-factor authentication (MFA) that add a layer of protection to the sign-in process.

So users will have to provide additional identity verification, such as scanning a fingerprint or entering a code received by phone.

Also, you can add solutions like Microsoft Intune to use advanced capabilities that can enforce mobile device encryption and enable the use of PIN numbers. Microsoft ­365 has several threat protection tools that all businesses should know:

  • Microsoft Defender ATP: offers clients excellent endpoint protection and prevents cyberattacks and data breaches. With the increase in use of personal devices, this feature works great on mobile devices, which are particularly vulnerable to attacks.
  • Office 365 ATP: this feature aims to secure your communications by dealing with phishing attacks, zero-day threats, and other types of malware that users may encounter in emails and links.
  • Microsoft Cloud App Security: detects abnormal usage and incidents, alerting you to threats to your cloud apps.
  • Azure ATP: makes use of on-site active directory to keep your identities secure and also reduce the attack surface.

Simplifying update processes

One of the major advantages of having cloud-based software is the ability to have regular updates. This is particularly necessary when we consider the sophistication of the constant cyber threats that businesses have to contend with.

And the great thing about these updates is that Microsoft allows organizations to sign up to an update schedule that is convenient for them. By doing this, regular updates will stop being a nuisance that people sometimes ignore.

Especially given how important they are for bug fixing and patching up security issues. When organizations can have the most up-to-date software versions in their hands, this can significantly enhance their cloud security.

Securing your business

Cyber threats are targeting all kinds of organizations and small businesses are no exception. Without effective solutions in place, you are at risk of being shut down by cybercriminals. But by using Microsoft 365 Stack, you get a robust solution that is designed to provide companies with all the features they need to run a more secure and efficient business.

All the available tools and features will help you to address the data security and compliance issues that you are bound to encounter as time goes on. It may just be time to utilize the enterprise-grade service and protection of the M365 stack. 

Microsoft Launches Windows 365

Posted on by
1

An argument could be made that the need for tools that not only simplify but improve remote work has never been greater than it is today. In an increasingly connected world, leveraging cloud computing can be the answer to a lot of the challenges that businesses are currently facing.

With Windows 365, Microsoft is aiming to improve on existing technologies to make the cloud experience even better. By enabling the computing to be done remotely in a data center and then streamed to users’ devices, Microsoft can offer something that can be compared to game streaming.

As a new way of using a computer as hybrid Windows for a hybrid world, there’s plenty that we need to look into.

What are we looking at?

Just when people were thinking that Windows 10 would be the last in the line of Windows versions, Microsoft gives us another one.

A platform that in Microsoft’s own words is going to take the operating system to the Microsoft cloud and stream the full Windows experience to personal or corporate devices.

This will include settings, data, and apps. It’s what Microsoft calls the Cloud PC. Simply put, this is a service that allows business clients to access cloud PCs from anywhere.

So technically speaking, we should not look at this service as a new version of Windows. Rather, we should take it for what it truly is — a platform that is designed to stream the full experience of Windows 10 or 11 to any browser.

Regardless of which operating system your device may be running. If we are to consider how Microsoft’s Software-As-A-Service (SaaS) model has evolved over the last decade, this move was probably going to be the next step.

Launch date

The announcement from Microsoft was made on the 14th of July and in that statement, it was made known that we should expect Windows 365 on the 2nd of August. This, however, will be for businesses. Chances are that at some point, Microsoft may eventually avail the service to consumers and small shops — sole proprietorships.

Giving clients virtual PCs

By providing this service, Microsoft can potentially cut partners out and provide virtual PCs directly to its clients. Rather than only offering operating systems, applications, productivity suites such as Microsoft Office, etc. Windows 365 can give Microsoft an even bigger slice of the pie. Because of the massive cloud system available with Azure servers, Microsoft won’t have a problem running virtual machines.

This can provide a great tool for the evolution of the Desktop-As-A-Service (DaaS) offering. As Microsoft CEO Satya Nadella said in a statement, “Just like applications were brought to the cloud with SaaS, we are now bringing the operating system to the cloud, providing organizations with greater flexibility and a secure way to empower their workforce to be more productive and connected, regardless of location.”

How does it work?

According to the information that has been made available so far, we know that there will be two versions of Windows 365 — Business and Enterprise. Both of these will be powered by Azure Virtual Desktop. Users will be able to use Windows 365 on any modern web browser or through Microsoft’s Remote Desktop app.

What this means is that users can gain access to their Cloud PC from a variety of devices. In a statement by one of Microsoft 365’s general managers, Wangui McKelvey, he says, “Windows 365 provides an instant-on boot experience.”

This capability simplifies how users can easily stream their Windows sessions. And Windows 365 enables them to do that with all of their same apps, tools, data, and settings across Macs, iPads, Linux machines, and Android devices. As McKelvey goes on to explain, “You can pick up right where you left off, because the state of your Cloud PC remains the same, even when you switch devices.”

Advantages to businesses

Windows 365 can enable your businesses to create Cloud PCs within minutes and assign them to employees. And this can be done without the need for expensive, dedicated physical hardware.

Without a doubt, this could prove to be a very attractive option for plenty of businesses. Especially those that may need to hire remote workers or even temporary contract staff that need to securely access a corporate network.

Because your entire Windows PC is in the cloud, your employees can work comfortably on a very secure platform. Furthermore, they won’t need to navigate VPNs or worry about security on personal devices.

Other advantages that you can get include lower maintenance costs, better protection against cyberattacks and malware, faster provisioning, less downtime in case of cyberattacks, easier patching, and far less disruptive updates.

Licensing concerns

Expectedly, clients are going to have some concerns with regards to how this will affect their current licenses. Will you have to pay more, for potentially the same services? The way Microsoft puts it, that’s not what will happen.

For instance, if you already have a Microsoft 365 E3 license, then you have paid for that service and you won’t need to do so again. This means that you can continue to use the software you have paid for and that includes Windows 10.

When it comes to Windows 365 licenses, what you’ll need to pay for is access to the virtual PC service. The latter will be maintained by Microsoft on its vast network of servers with the aim of running the software that you already have.

In a way, you could consider it similar to purchasing a computer and then purchasing the operating system and applications that you need. As a new offering, things are still hazy but hopefully, Microsoft will further clarify the concerns and confusion that people may have.

One thing that we do know are the licensing requirements and they are as follows:

  • On Windows Pro endpoints: Windows 10 Enterprise E3 + EMS E3; or Microsoft 365 F3, E3, E5 or BP (Business Premium),
  • On non-Windows Pro endpoints: Windows VDA E3 + EMS E3; or Microsoft 365 F3, E3, F5, or BP (Business Premium).

In addition, you also need to know the non-licensing requirements:

  • Azure subscription,
  • Virtual Network (vNET) in Azure subscription,
  • Hybrid Azure Active Directory (AAD) join-enabled.

Cost of service

With the licensing issues out of the way, clients need to know just how much they will need to pay to use Windows 365. Unfortunately, despite the service launching so soon, Microsoft has yet to officially provide a guideline with regards to how much clients will pay. But, during a session at its Inspire partner conference, Microsoft did inadvertently mention how much Business plans would cost. And that came down to $31 per user, per month.

For this, you will get support for 2 CPUs as well as 4GB of RAM and 128GB of storage. However, it is worth noting that we can expect at least one other plan that will cost less. Clients can look forward to having an option for 1 PC, 2GB of RAM, and 64GB storage, aimed at small businesses.

Furthermore, there will also be Enterprise plans that can offer support for 4 or 8 different PCs, in addition to 8/16/32 GB of RAM and 128/256/512GB of storage. For now, however, clients can only guess how much they will have to fork out to access these plans.

Enhancing the capabilities of hybrid work

The global pandemic has changed the way that enterprises look at some of their business practices. With people having had to spend long periods of time at home, businesses had to increase their dependence on virtual processes and remote collaboration. It was necessary to keep businesses running and retain employees.

Although the situation is getting under control in several regions across the globe, the way businesses operate may potentially change. With Windows 365, businesses can tackle head-on the challenges that cloud computing and remote work has often presented.

Organizations will be able to provide employees with greater flexibility and more options to work from different locations. All of this while still ensuring the security of the organization’s data. This is because by taking advantage of the Cloud PC, you get hybrid personal computing that can turn all of your devices into a personalized, productive, and secure digital workspace.

Having this capability will simplify the process of managing seasonal workers without the challenges of issuing new hardware or securing personal devices. As said by Microsoft itself, Windows 365 offers you a better, more modern way to deliver a great productivity experience with increased versatility, simplicity, and security.

Are we getting two Windows versions?

As mentioned above, most people were of the belief that Windows 10 would be the last version we would get. And then in June, Microsoft announced Windows 11. Barely a few weeks after that announcement, along came Windows 365. So not one, but two new versions? But, it’s not quite as simple as that.

Windows 11 is the actual successor to Windows 10. It’s a new operating system packed with new features such as a brand new Start menu that no longer uses Live Tiles. It also comes with new system requirements such as CPUs based on the x64 architecture since there is no 32-bit version of Windows 11. That’s in addition to the 4GB of RAM and 64GB of storage you’ll need to install Windows 11.

So basically, Microsoft has only actually provided one new product, Windows 11 to succeed Windows 10. Windows 365, on the other hand, is something of a hybrid between a virtual machine and Microsoft Remote Desktop.

It’s the subscription service that allows you to create Cloud PCs that run Windows 10 or eventually Windows 11. So the platform is not tied to a particular operating system version therefore you pay a monthly fee based on the hardware configuration you want your PC to have.

What about Azure Virtual Desktop?

Another point that requires clarification is with regards to Azure Virtual Desktop (AVD). Why does Microsoft feel the need to have another VDI? For starters, Windows 365 appears to be more user-friendly than AVD.

Navigation has been made easier and the process of setting up an Azure Virtual Desktop system in the Azure cloud is also significantly less complicated. This is because Windows 365 focuses more on simplicity as compared to Azure whose goal is flexibility.

With Windows 365, you can let Microsoft handle the core infrastructure and platform piece. This is because the platform comes in the form of Software-As-A-Service. On the other hand, with AVD, clients need to manage a supporting Azure subscription, configure and implement the platform services required to allow a thin-client or Remote Desktop client to connect in.

So basically Windows 365 is an automated version of AVD that is aimed at companies of all sizes, including small businesses. Unlike AVD which targets the enterprise market. Below are some guidelines that Microsoft provides for you to choose the product that best suits you.

Azure Virtual Desktop:

  • Windows 10 personalized and multi-session desktops and remote app streaming.
  • Full control over management and deployment plus options for Citrix and VMware integration.
  • Flexible consumption-based pricing.

Windows 365:

  • Windows 10 personalized desktops.
  • Management and deployment with familiar desktop tools and skills.
  • Predictable per-user pricing.

Wrap Up

Windows 365 is introducing a whole different concept to both the Software-As-A-Service and Desktop-As-A-Service environments. This new platform seeks to set the tone for a more modern computing experience that can benefit businesses as well as individuals.

It’s still early stages and there is still a lot that we don’t know.

However, what is certain is that this is more than just a cloud-based version of Windows and can offer ersatz hardware as well. All of this is definitely going to make the future of cloud computing a lot more interesting.