Microsoft Windows 8: an operating system for the enterprise?
Windows 8 is not just for consumers, claims Microsoft
Visser said that some organisations are also planning to use Windows to Go as backup. So for example they might start giving people in their organisation a Windows to Go device in case something goes wrong with their tablet or laptop.
It also enables people to test Windows 8 on their current PCs without doing a full upgrade. Window To Go works on any Windows-certified system, which means that it won't work on most Apple Mac computers.
Security continues to be one of the big responsibilities of any big IT organisation. Visser said that many security improvements were made in Windows 7, but Microsoft is keen to keep innovating in this area.
Windows 8 supports a feature of the UEFI specification known as Trusted Boot, which uses a public-key infrastructure to verify the integrity of the operating system and prevent unauthorised programs such as rootkits from infecting the device.
“What that means for customers is two things. One is that it becomes virtually impossible to get rootkit viruses on any certified Windows 8 system,” said Visser
“The second thing you will see is that this process significantly speeds up the boot process. If you take two comparable devices with Windows 7 and Windows 8, you will see that Windows 8 boots significantly faster.”
McCabe demonstrated that when a rootkit was introduced to a Windows 8 machine, the device realised during boot-up that something had attacked and tampered with the startup files and went into automatic recovery mode.
All the drivers and critical startup files were scanned to identify the ones that had been compromised, and the machine then attempted repairs by restoring those that had been damaged from backup copies on Windows.
Microsoft has also enabled an enhanced version of BitLocker in Windows 8 that not only encrypts all the data on the PC but also supports data-only encryption, which means that new users can start encrypting the data and not the whole drive.
Virtual smartcards have also been included, enabling organisations to put their smartcard certificate on a Windows 8 device. This means customers can have two-factor authentication (the device with the certificate and the password), without the cost of running physical smartcards.
“The support of physical smart cards is very costly in an enterprise. If you look at the data, it's often a top three support issue. People lose them, so a lot of helpdesk tickets are around the management of those smartcards,” said Visser.
A number of organisations are now looking at implementing a virtual desktop infrastructure, in order to reduce the cost of deploying new applications and enable secure remote access to their enterprise desktop environments.
“One of the poster child cases for VDI is organisations that outsource their application development to other countries – let's say for example a bank that has people in India developing some of their banking applications,” said Visser.
“They want to keep their development system and the source code within their country, but give people in that other country secure access to that information. VDI is a great scenario to implement that.”
With Windows 8, Microsoft has tried to make running Windows in the data centre with VDI as close as possible to running Windows 8 locally. This includes improving the 3D HD graphic experience and enabling full touch support, so touch-based VDI clients are just as responsive as standard devices.
Windows 8 also includes local USB support. McCabe explained that, traditionally, if a session is running in the data centre and the user wants to plug in a USB headset, it would have to plug directly into the server, which is usually impractical. With Windows 8, the USB port can be redirected from the local device into a VDI session on the server.
He demonstrated plugging a camera into a laptop via USB and logging into a VDI session running in the data centre. The image and the UI that was rendered back down to the machine had no lag, and behaved as if it had been processed directly on the machine.
“It's that local-like experience, even though I'm running in VDI,” said McCabe.