To date, most of the conversation around Windows 10 has focused on surface-level niceties like the new Start menu and the ability to run Universal mobile apps on the desktop side-by-side with other applications. These are important changes, to be sure. But other advances in Windows 10 rival and even surpass anything that Microsoft has ever attempted in the past. And with this in mind, it is very clear that Windows 10 isn't just another major new Windows release. It is inarguably the most audacious release in the history of the platform.
I don't state that lightly.
My initial reaction to Microsoft's claims of platform unification across PCs, tablets, phones, Xbox, Internet of Things (whatever that means) and other devices was somewhat contemptuous. Why? Because I feel that this work is just an evolution—the next step, as it were—to work that had been underway for years, and claiming otherwise artificially over-emphasizes that these platforms are coming a bit closer together in this release.
But here's the thing. While I haven't changed my stance on the claims of a single Windows 10 platform, the reality (or fantasy) of this merging has absolutely nothing to do with my growing belief that Windows 10 will regardless stand above all previous Windows releases. This is, without a doubt, the biggest and most important Windows release ever. And the commonality here is that each of the reasons why this is so are all, in their own ways, evolutions of work that had come before. That is, in evolving everything, Windows is in its own way a revolution.
Here's a list of reasons why that's so.
As noted, Microsoft talks about platform convergence with this release and I've made my case that this is nothing more than the current step down a direction that started long ago. But that doesn't obviate the fact that the platform is indeed converging, that developers will be able to soon target Windows PCs and tablets, phones, and Xbox One with (sort of) a single Universal app, and that they will at some point be able to target other device types, too, like IoT devices and large PPI displays.
One Windows platform means more than just a single app platform, however. It means one security model that is consistent across a dizzying array of device types. One security model. One management system. One deployment model, where rip and replace is no longer necessary thanks to underlying improvements in servicing. And, where possible, one user experience, or at least a consistent set of user experiences.
On that note...
User experience changes
Adding the Start menu back to Windows, and letting users run Universal apps side-by-side with legacy desktop applications is a nod to users, of course. But these changes are likewise important because they let Microsoft and its partners bring forward everything that was good with the Universal app platform—sandboxing security, management, seamless and automatic updating, and more—while also advancing the desktop interface on the PCs where that makes sense and the Modern user experience on the tablets, phones and Xbox One. I wrote about this in Windows Technical Preview is Microsoft's Alchemy Moment, but it bears repeating. From the user's perspective, Windows 10 is a wonderful upgrade for both Windows 7 desktop PC users and Windows 8 2-in-1/tablet/phone users. That means less training, regardless of what users were previously using. But it also means a consistent and positive upgrade experience. Both are miracles of a sort.
My initial reaction to this week's security revelations in Windows 10 was similar to my initial reaction to quantum physics. But that's just me being dumb in my own way. Now that I've calmed down and really assessed what's happening here, I see a nearly-complete security picture that does indeed go far beyond anything Microsoft has done in the past.
There's a lot going on here.
Businesses will be able to use Azure Active Directory (AAD) instead of Microsoft accounts (MSAs). This is the evolved notion of "connected accounts" I've been discussing recently, and it enables corporations to federate their on-prem Active Directory with AAD and continue using the Universal apps platform and other features that formerly required an MSA in a way that respects their internal policies.
Integrate multi-factor authentication more deeply into the platform. And do so in a way that doesn't require one of those factors to be a complex password. This is an evolution of the virtual smart card technology in Windows 8 that almost no one knows about. Or uses, because it's too complex and expensive.
Information protection. And do so while seamlessly separating personal and corporate data on any device, including those devices that are owned by users (BYOD). This is of course an evolution of the rights management technologies Microsoft has been working on for over a decade: Windows Rights Management, Information Rights Management, Windows Azure Rights Management and so on, but combined with more recent Mobile Device Management (MDM) advances.
Secure remote access. This is an evolution of the managed VPN technologies that debuted in Windows 8.1 and Windows Phone 8.1, and will be extended to individual desktop and Universal apps (per-app VPN) and managed via MDM. It will be available to all third-party VPN providers.
In the old days, Microsoft would ship an operating system and then, over time, service packs and many other updates and fixes. But mobile and web platforms have inspired Microsoft to evolve its own platforms so that they can be updated more frequently, while of course respecting the needs of its business customers, which often need to test updates before deploying them and, in many cases, would prefer to hold off on certain updates. The trick here is navigating the divide between continuous updating (consumers) and more regimented updating (businesses).
As with security, this work occurs through a number of advances in Windows 10.
MDM is now a first-class management citizen. Yes, businesses can still use Active Directory and group policy to manage existing PC infrastructure. But modern PCs and other devices—tablets, phones, whatever—can be managed entirely through simpler MDM solutions like Microsoft Intune, System Center or third party offerings. That's because in Windows 10, any device—including desktop computers and even IoT devices—can be fully managed via MDM. This is an evolution of the work that started in Windows 8, where tablets and phones could be managed this way.
Deployment reimagined. Traditional Windows deployment technologies are essentially a difficult and error-prone rip and replace affair. But thanks to functionality that debuted in Windows 8 and in OEM deployment toolkits, Windows 10 will let businesses and even individuals more easily migrate from previous Windows versions to this release, upgrade to Pro SKUs, or add new features.
Application compatibility. This is hardly a new story—Microsoft had similar goals for all previous versions—but Windows 10 will run any application that runs on Windows 7 or Windows 8.x, and do so without modification. This includes both desktop applications and Modern apps.
App store for businesses. In Windows 10, Microsoft is extending the Windows Store so that its business customers can present a special company version of the store to their employees that includes their apps, the public apps they've approved. It will accommodate volume app purchasing, flexible distribution rules, and license reclaim/reuse so that when a user leaves, the business can redistribute app licenses.
Letting businesses determine when and how they upgrade. This is the sticking point, as noted, and Microsoft's approach—which is now basically being field-tested with such products as Office 365 (for businesses), Azure and even the Windows Technical Preview, seems to hold promise. Under this scheme, consumers will always be kept up-to-date. Information workers will be able to take non-security updates in a delayed fashion if desired, so they can test the updates. And businesses can choose long-term serviceability agreements similar to today's model, which will only automatically receive security updates. They can group users and provide updates accordingly.
In the Windows community, people often point to never-realized projects like Cairo or, especially, Longhorn, and pine for some alternate reality in which these visions came to life in actual products. But I look at what Microsoft is planning for Windows 10 and see something that is more important, both because it is a bigger vision and because it will really happen. Looked at in perspective, Longhorn was very much a closed-minded PC-centric view of what a platform could be. Windows 10 speaks to a more modern world of connected devices of all kinds.
Likewise, some point to Windows 95 as a high-water mark of sorts, a level of success that the firm will never again achieve. But that's only true from a marketing perspective: Windows 10 will impact far more users than Windows 95 ever did, and it will do so across a far more diverse and powerful range of device types. More to the point, where those same people often believe that Windows 95 was something new for the time, it was really just an evolution of 32-bit technologies that had debuted first in Windows for Workgroups and Windows NT. Windows 10 is a similar technological evolution, but is again far broader, and more profound.
Ultimately, that's what Windows 10 is. Profound. Revolutionary. Audacious. It's more than I could have imagined was possible for something that is "just" the next version of Windows. And it's not a canned presentation, but a reality. It's really happening.
Pinch yourself, Windows fans. This isn't Longhorn. This is real.