Windows Phone comes to the enterprise

Summary:Microsoft has finally put some effort into enterprise management and security features for Windows Phone and the result looks good for customers.

For me the most perplexing thing about the design of Windows Phone has always been the lack of any real effort put into security and management for the enterprise, when these capabilities are such a strength of the Windows desktop platform. I thought they really had a chance to make a differentiating product that would appeal to IT.

But instead they were completely focused on the consumer and what efforts they made (e.g. Intune) look like they aren't meant to be taken seriously. Even the initial announcement of Windows Phone 8.1 at Build today was focused purely on consumerish features.

WP8.1 seems to signal a change. I stole the title of this story from a blog by MobileIron's Tomas Vetrovsky on this subject (a blog which seems to have preceded any public announcement of these features by Microsoft). "... Vetrovsky leads MobileIron's strategy for the Windows platform, including smartphones, tablets and laptops."

Vetrovsky and I think alike. Windows Phone is a good product but, as he writes "[s]ome customers decided to wait to deploy Windows Phone as the enterprise-oriented features were fairly basic compared with other operating systems." No kidding. But with 8.1 Microsoft woke up and started to deliver. Vetrovsky says that most of their customers' feedback about Windows Phone is addressed in the new version.

So what does 8.1 add? "When used with an EMM solution such as MobileIron, Windows Phone 8.1 delivers full certificate management, VPN and WiFi provisioning, and more than 20 device controls allowing devices to be operated in highly secure environments with disabled cameras, Bluetooth and WiFi, for example."

Version 8.1 also adds true black and whitelisting of apps. If a blacklisted app is installed, it will be grayed out. If it's not installed, the user won't be able to install it. Microsoft tracks all this using the app's unique GUID from the store.

WP81.app.blacklist.store
No, you can't install it [image courtesy MobileIron]
WP81.app.blacklist.deployed
You installed it but no, you can't run it [image courtesy MobileIron]

Vetrovsky points out that with iOS and Android, application inventory must be set before phone deployment. Windows Phone 8.1 allows it to be done live to deployed phones.

Now that Microsoft has finally caved in and admitted their mistake by  bringing the Start Menu back to Windows  on the desktop, perhaps they will fix the other mistakes they have made. Windows Phone could be a great enterprise phone if Microsoft handles it right.

Topics: Security, Mobile OS, Mobility, Windows Phone

About

Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years. He was most recently Editorial Director of BYTE, Dark Reading and Network Computing at UBM Tech. Prior to that he spent over a decade consulting and writing on technology subjects, primarily in the area of sec... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.