IT pros see security win with Microsoft Managed Desktop
Microsoft's Managed Desktop service extends physical device management into the cloud era, with managed security updates and a monthly subscription fee.
ORLANDO, Fla. -- Microsoft's Managed Desktop program adds cloud-like service to physical device management, and some IT pros said it alleviates the biggest pain points they face.
Microsoft launched its Managed Desktop service earlier this month and offered more details here at its Ignite conference. The new program pairs a physical device with Microsoft software and remote management services to deliver a fully managed Windows PC as a service for a monthly fee.
"In some ways, this is a response to Apple's [Device Enrollment Program], which has become extremely popular for managed devices in the enterprise," said Steve Brasen, analyst at Enterprise Management Associates, based in Boulder, Colo.
What Microsoft Managed Desktop offers
PC-as-a-service and desktop-as-a-service programs aim to simplify the delivery and management of desktops. Lenovo and Dell, among others, offer similar PC-as-a-service programs. Microsoft Managed Desktop will also compete somewhat with cloud desktop services, such as Windows Virtual Desktop, an Azure-based desktop-as-a-service offering Microsoft unveiled this week.
Microsoft administrators said they see a clear value to this managed service -- which could potentially remove some tedious aspects of desktop management -- in an age when most users prefer physical devices.
"We have folks spread across the country, so we have to wait for a shipment of laptops, and then image them and get them set up for the users," said David Bussey, systems engineer at the nonprofit Public Company Accounting Oversight Board in Washington, D.C. "What [Microsoft Managed Desktop] has to offer fits some of those pain points we're going through."
Microsoft Managed Desktop allows businesses to choose two- or three-year hardware refresh cycles from a list of available devices. Right now, that list is limited to Microsoft's own Surface hardware -- specifically the Surface Laptop, Surface Pro and Surface Book 2. It plans to expand device offerings with third-party partnerships, the company said.
Mark Bowkeranalyst, Enterprise Strategy Group
IT administrators will select a device, which Microsoft will then ship directly to the user. When the device is powered on, software will automatically configure, set baseline security policies and automatically install approved line-of-business applications. Analytics software will also allow Microsoft to detect security threats and isolate a device from the corporate network until the problem is resolved. Microsoft will apply security and feature updates to devices according to Azure Active Directory update rings.
The program also includes 24/7 tier-one help desk support for hardware and Microsoft software, and users can call Microsoft support directly to resolve problems.
For Bradley, a law firm based in Birmingham, Ala., the biggest benefits are security and ease of use, particularly because the company has a lot of compliance requirements.
"I'm going to have attorneys who are going to need a particular [desktop] experience, and I have to find a way to provide them that and make sure they have all the tools they need to do the job," said Ellen Kirby, manager of technical operations at the firm.
The service provides clear value to small and medium-sized companies with limited IT staff, but its appeal to enterprise organizations will hinge on how much they can customize it, said Mark Bowker, analyst at Enterprise Strategy Group in Milford, Mass.
"Some enterprises have highly customized desktops for a lot of different reasons. And, at first, it's not going to work for that," Bowker said. "[But] they're already consuming cloud services at scale, so they could see the value of this service at scale, as well."