Microsoft is beginning to roll out new features in Windows 11 designed to make managing and securing Windows 11 devices easier, as well as Windows 365 Boot to enable users to log directly not their Windows 365 Cloud PC and designate it as the primary Windows experience on their device.
The Windows announcements came during Microsoft’s annual Build developer conference, during which the Redmond, Wash. tech giant made several key AI announcements, including Windows 11 Copilot.
Windows 365 Boot
Among the Windows 11 IT and management announcements, the preview of Windows 365 Boot was perhaps the most notable, as it gives Windows 11 Pro or Enterprise users the ability to log directly into their Windows 365 Cloud PC as the primary Windows experience on their device. Windows 365 Boot will take users to their Windows 11 login experience, and they will then be directly connected to their Windows 365 Cloud PC with no additional steps.
Microsoft bills this as a tool for shared devices as logging in with a unique user identity can take a user to their own personal and secure Windows experience.
To deploy Windows 365 Boot to endpoints via Microsoft Intune, IT administrators will first need to ensure that they have Windows 11-based endpoints (Windows 11 Pro and Enterprise), enrollment in the Windows Insider Program (Dev Channel), Intune Administrator rights and Windows 365 Cloud PC licenses.
This Tech Community blog includes more information on how to deploy Windows 365 Boot.
Privacy and security
Microsoft is releasing several other new features designed to make Windows 11 more secure, including the public preview of ability to isolate Win32 applications for both consumer and commercial users.
According to Microsoft, this gives developers the ability to reduce the risk of security breaches by running Win32 apps in isolation to help prevent apps from having unexpected or unauthorized access to critical internal Windows subsystems, thereby minimizing the damage of an app is compromised.
Microsoft also rehashed its Sign-in Session Token Protection Policy, which it first announced at Microsoft Secure in March, which allows applications and services to cryptographically bind security tokens on the device to restrict attackers’ ability to impersonate users on a different device after stealing tokens.
In addition, Microsoft announced account badging, starting in June, which will send users an alert to their Start menu when their account needs attention.
Other security and privacy tools now available include new app privacy settings that give users the ability to allow or block access to presence sensor information and enable or disable presence sensing features, as well as a glanceable VPN on the taskbar to give users quick access to their VPN status.
For simplified IT management, Microsoft is adding new cloud-powered capabilities to Windows 11 Enterprise designed to lower the cost of managing and securing Windows devices.
This starts with Universal Print secure release with QR code for Android delivering step-by-step process authentication, including the ability to securely release a print job only to the employee for which it’s intended. This is designed to help prevent leaks of confidential information.
Microsoft is also making it easier for IT teams to connect to hybrid workers with organizational messages. The company says this allows IT in Windows 11 Enterprise organizations to send company-branded messages from Microsoft Intune to users on various Windows surfaces, including the notification panel, above the taskbar and the Get Started app.
Although it was announced last month, Microsoft also reiterated the preview release of the ability to upgrade from Windows 10 to Windows 11 Enterprise via Windows Autopatch.
Read Microsoft’s blog to learn more about these announcements.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!