Microsoft details enterprise features in Windows 10 Creators Update

Microsoft today is announcing new enterprise-oriented features coming to Windows 10 with the release of the Creators Update, which is due out in early 2017.

For one thing, Microsoft is including new mobile application management (MAM) capability that can run on Windows 10 devices for those users who are part of Azure Active Directory (AAD). It can integrate with existing first- and third-party MAM and mobile-device management (MDM) services.

“As employees use their own devices at work more and more, we are providing IT with oversight to apply policies to the applications employees use to be productive. This helps keep corporate data more secure without taking on the added responsibility of managing employees’ personal devices,” Rob Lefferts, director of program manager for Windows Enterprise and Security at Microsoft, wrote in a blog post.

Also with the Creators Update, enterprises will be able to deploy differential downloads, or essentially only downloading the diffs, or changes, to existing builds so that file sizes are smaller and they can be ultimately installed more quickly. Microsoft is also looking to make updates up to 90 percent smaller when sent through Microsoft’s System Center Configuration Manager software, Lefferts wrote.

And Microsoft will introduce a tool that make it easy to enable UEFI — which is a requirement for certain security features like Device Guard — on devices that have older BIOS. That process can otherwise involve lots of manual work. The tool is designed to automate it across lots of devices.

Microsoft is also enhancing its Windows Defender Advanced Threat Protection tool for detecting and responding to cyberattacks with the release of Windows 10 Creators Update for enterprises that hold Secure Productive Enterprise licenses.

The feature will be able to pick up on memory and kernel-level exploits. And it will be possible for admins to “isolate machines, collect forensics, kill and clean running processes and quarantine or block files with a single click in the Windows Security Center and further reduce response time,” Lefferts wrote.

Plus, organizations will be able to customize the Windows Security Center with alerts that are triggered based on their own data.

Some of the new features will appear in Windows Insider builds in the next few weeks, Lefferts wrote.