Microsoft: Windows 11 features ease hybrid work strain on IT

Microsoft has introduced Windows 11 features that tackle IT departments' challenges when supporting a corporate workforce split between the office and home.

The newly released and upcoming Windows 11 capabilities, unveiled Tuesday, will help firms remotely assist workers, protect employees from phishing attacks and automate software updates. The features will simplify managing and securing a hybrid workforce, Microsoft said.

An upcoming Windows 11 update will build phishing protection into the OS. If a worker enters their Microsoft login information into a malicious application or website, the Defender SmartScreen feature will alert them and prompt them to change their password.

Another security feature, Smart App Control, will prevent employees from running untrusted or unsigned applications on their Windows 11 computers.

Microsoft did not specify a release date for either Defender SmartScreen or Smart App Control.

Several enhancements to Microsoft's device management platform, Endpoint Manager, could help IT pros deal with hybrid work challenges on Windows 11 PCs. The features include the following:

• A cloud-based remote help service that lets administrators see an employee's screen and take control of their PC. Microsoft released the feature this week to let IT assist out-of-office employees. However, remote help comes at an additional fee of $3.50 per user per month.
• Improved automated patching for Windows, the Microsoft Edge browser and Microsoft 365 applications. The new Windows Autopatch lets companies pilot updates with a subset of users before rolling out patches to the entire workforce. The service can stop and reverse updates if they cause problems. Microsoft will release Autopatch in July.
• An enhancement that lets IT pros send pop-up messages in Windows 11. Administrators can target specific groups with messages that appear above the taskbar or on a worker's desktop or lock screen. The notes could, for example, remind new employees that they need to attend a training session and direct them to the class. Microsoft did not say when it would launch the feature.
• A new policy enforcement feature requiring workers to sign into the Microsoft Edge browser before accessing corporate resources like email. Once workers are signed in, the software will force them to abide by company policies. These could include preventing workers from copying and pasting company data.

IT departments will appreciate additional policy enforcement that protects workers from themselves, Forrester Research analyst Paddy Harrington said.

"The biggest issue in any security deployment ... is the person behind the keyboard," Harrington said. "They're going to blow up your security policies and practices quicker than [anything else] can because they want to do things their way."

Microsoft executives insist that companies like consulting firm Accenture have started using the OS. However, advertising platform AdDuplex found that between February and March, only about 0.1% of Windows 10 users had switched to Windows 11.

Consulting firm Riverbed reported that Windows 11's hardware requirements have kept enterprises on the sidelines. It estimated that more than one-third of corporate PCs can't run the OS.

Mike Gleason is a reporter covering unified communications and collaboration tools. He previously covered communities in the MetroWest region of Massachusetts for the Milford Daily News, Walpole Times, Sharon Advocate and Medfield Press. He has also worked for newspapers in central Massachusetts and southwestern Vermont and served as a local editor for Patch. He can be found on Twitter at @MGleason_TT.