Earlier this month at the Worldwide Partner Conference, Microsoft announced a new set of enterprise features coming to Windows Phone 8 in the first half of 2014. Several of these will bolster Windows Phone’s role as an enterprise class mobile device platform and will make it much more appealing to Exchange admins who restrict access to their platform.
Extended lifecycle
First and foremost, Windows Phone’s support lifecycle will be extended from 18 to 36 months. This may not be, strictly speaking, an email feature, but it does mean that enterprise customers can count on at least three years of support for a platform they deploy, and also helps ensure that those phones we have to buy under a two year contract won’t go out of support before we qualify for the next “upgrade.”
VPN capabilities
Exchange ActiveSync (EAS) is a great way for compatible platforms to access Exchange mailboxes in a controlled and secure manner, but it is dependent upon connectivity to Exchange. Many customers don’t want to expose the EAS interface to the Internet, which kind of rules out getting to it from your phone. In 2014, one major enhancement to Windows Phone 8 will be a VPN client that can be auto-triggered to connect. That way, when a Windows Phone device wants to sync mail using EAS, it can automatically make a VPN connection to the business network first. While there are not any specifics around this yet, I expect initial support will be for Microsoft’s own SSTP VPN, perhaps with IPSEC capabilities as well.
S/MIME Support
Digitally signing and securely encrypting email are both key features for many enterprises and Windows Phone will add support for both using S/MIME.
Certificate Management
And since S/MIME uses certificates, enterprise certificate management will be included in the feature pack so that admins can enroll, update, and revoke certificates on managed devices easily.
Enhanced MDM
While EAS policies are very good at locking down mobile devices, it leaves things like application management to the end user, and does not offer ways to segregate user data from enterprise data. While there are a number of third party MDM solutions out there, Microsoft is adding more robust MDM capabilities to their own platform which should help encourage adoption without the need for companies to buy yet another management platform.
EAP-TLS
To save on costly bandwidth bills, many users like to use Wi-Fi connections when available. Windows Phone will add EAP-TLS support that will leverage certificate management so that enterprise devices can get on the corporate Wi-Fi network without the need to reduce security using PSK.
While these enhancements won’t be released until sometime in H1 2014, they will be a welcome addition for those of us who use Windows Phone, and will make it a much more appealing platform for enterprise mobility.