Simon Bisson tried out the new Microsoft 365 tool, which allows you to create virtual machines for your staff working from home. Here’s what he learned.
Microsoft’s Cloud PC service has finally launched, integrated into its Microsoft 365 platform as a way of delivering PC-as-a-Service. The aim is to deliver virtual desktops running proven, secure Windows 10 builds where Microsoft does the heavy lifting of configuration, updates and testing; all you need to do is set up a subscription, assign licenses and get to work.
Shifting to home working has had an impact on business’ security profiles, with business data more at risk on home PCs that have been pressed into service with little or no notice. Instead of using local resources, cloud PCs run in Azure using Azure or OneDrive for Business storage, keeping work data well away from users’ PCs. All they get is a remote desktop connection to the service, with all the business software running in a controlled environment, rather than alongside games and schoolwork and random downloads.
That’s a big win for hard-pressed CIOs and CISOs, providing a hard boundary between the professional and the personal. It’s an approach that significantly reduces risk, especially if you block uploads and downloads from host PCs. At the same time, you’re outsourcing management of your cloud PCs to Microsoft, ensuring images are up to date and that they’re running the latest security updates.
Choose your version of Windows 365
There are two models for managing Windows 365: Business and Enterprise. I’ve been spending time with the Business release, which offers a simpler management experience for smaller companies. It’s a relatively basic service, but at the same time it’s quick to set up and run and easy to manage. That makes it a useful option for SMEs with existing Office 365 and Microsoft 365 subscriptions who want to give home workers access to corporate resources without taking over their personal PCs.
If you’re a larger organization using Microsoft’s Endpoint Manager tools, then you are more likely to take the Enterprise option. This is more flexible, allowing you to choose from a selection of pre-configured OS images, based around Windows 10 Enterprise, or even use your own images. Users get some options for basic self-service, rebooting and changing images.
Getting started with Windows 365 Business
Windows 365 Business is at heart a self-service platform, with users getting the PCs they’ve been assigned licenses for. That’s not a bad thing, as it’s intended for a not-particularly technical audience. There’s very little management tooling for this version; users get basic self-service options to restart or reset a machine from the portal. They can also rename it, as the default name isn’t particularly user friendly. Finally, there’s a troubleshooting option which runs tests on your connection, ensuring that you’re able to use your cloud PC.
You get to choose the type of cloud PC you use when purchasing your licenses, starting with 1CPU/2GB/64GB systems, all the way up to 8CPU/32GB/512GB, all running Windows 10 Enterprise 21H1. Microsoft aims to cover most use cases from call centers to software development. In practice, you’re likely to pick a mid-range configuration, so that users get a basic system that’s suitable for most tasks without requiring too many resources.
Licenses are assigned from the Microsoft 365 portal, giving users a virtual machine with Office installed, ready for use. Once logged in, they can then log in to Office and enable OneDrive for file storage. It’s a good idea to use OneDrive exclusively; one of the self-service options available to users is the ability to completely reset their virtual machines, wiping on-image storage. If files aren’t stored in OneDrive they will be lost in a reset.
SEE: The future of work: Tools and strategies for the digital workplace (free PDF) (TechRepublic)
One useful option for a quick start is Windows 365’s web Remote Desktop client. Log in to the Windows 365 service with any modern browser, click on your cloud PC icon to open it in a new window. Performance is good enough for most day-to-day operations, though not as smooth as working in a standalone remote desktop client. It does ensure that you can use Windows 365 on any device with an HTML 5 browser, allowing you to check email or do a quick edit on a document on any PC, anywhere.
I wrote some of this piece in Word using the web remote desktop connection to my test cloud PC, and while performance was a little laggy at times, it worked well enough. In practice you’ll want to download the appropriate client app for your device, following the links in the Windows 365 portal. Performance in Word was a lot better once I started using Remote Desktop.
There’s an experience monitor in most versions that shows details of connection performance. Oddly, my test system had been provisioned in France-central, which meant I was getting 162ms of roundtrip travel between my PC in London and the Azure servers hosting Windows 365, even though I had 25Mb/s of bandwidth available.
If you want to open a cloud PC on a mobile device, follow the link to download Remote Desktop. This page provides links to Windows, macOS, iOS, and Android Remote Desktop clients. Each client download tile includes a link to a subscription URL. Copy this link and when your chosen client has downloaded, open a new workspace using this URL.
Start by choosing your work account, logging to Windows 365 on your device. This shows your available resources, and you can open a connection to your cloud PC. Amusingly, I tried it out on a Surface Duo and was able to get my Windows desktop on one of the device’s two screens with the keyboard on the other. Using it like this is good enough for quick access on the road, and you may want to consider an approach like this for field staff or systems administrators.
The same technique is used to configure the Store Windows Remote Desktop client. Again, create a new workplace and past in the workplace URL. This will configure Windows Remote Desktop and set up connections and configure integration with your local PC. As an alternative we’d recommend downloading the new Microsoft Remote Desktop Client from the link in the Windows 365 portal.
This is a desktop version of the Store app with access to more devices than the Store sandbox allows. It’s easier to set up and use than the original Windows client, with support for dynamic screen resizing among other improvements. That allows you to quickly switch between windowed and full screen operation, a nice option if you have access to a large monitor and want a full desktop experience. If you want to use Windows 365 with cameras, say for use with Teams, you’re going to need to download this new version.
One thing to note: The default localization for Windows 365 is U.S. That’s simple enough to reconfigure, especially if you’re using Azure Active Directory to manage users. However, users may initially be a little confused when they open Edge for the first time and see a list of U.S. sites in the default new tab page.
Is it worth it?
The idea of a cloud-hosted PC that can be accessed anywhere is an attractive one. However, it’s taken a long time to get here. That’s partly because it needed widely available, low-cost, high-bandwidth connections, but also because it needed a massive virtual infrastructure that only hyperscale cloud providers can offer. There’s still a big issue of appropriate licensing for the cloud PC OS, which leaves it very much only a service that Microsoft can offer.
But now it’s here, and it’s surprisingly easy to use, with Windows 365 Business needing very little work from both administrators and users. The defaults here are more than enough for most use cases: If you want more control there’s always the option of Windows 365 Enterprise.
The result is a quick to set-up way of using cloud-hosted Windows PC. It solves most of the problems with providing secure resources to remote users, avoiding controlling their home PCs and keeping work in its own space, well away from games and homework and family photos and all the rest of the things we do on our PCs. If all it does is help manage work-life balance that would be enough. Luckily it does a lot more.