06-21-2017 08:14 AM
06-21-2017 08:14 AM
Some companies, including very large enterprises who elected to run Windows 7 Pro, will not be able to make a business value case to invest in Windows 10 Enterprise with SA or a per-user model.
What risks or functional limits would an enterprise have to accept if they continue to run Windows 10 Pro rather than Enterprise?
What user experience issues might an enterprise experience when running Windows 10 Pro vs Enterprise?
06-21-2017 08:46 AM
With Windows 7 the value proposition for Enterprise was challenging. If you didn't love most of the features the math didn't work. With Windows 10 on of our goals was to make Enterprise an easy choice and so we've beefed up the feature set, particularly in security. Features like Credential Guard, Device Guard, and soon Application Guard, just to name a few, are major editions that can make you more secure and possibly they can even reduce your need for 3rd party alternatives. We think we've hit the tipping point on value for Enterprise edition, making it an easy choice, and we will continue to add more value as you will learn later in the year. As a proof point we've landed some key, and very large accounts, that formerly, didn't feel the value was enough on 7. These companies were deeply entrenched in this thinking.
As far as risks go the short answer is you'll be less secure and will need more 3rd party solutions to cover the gap. For instance Credential Guard is the only market solution that fundamentally breaks Pass the Hash which is one of the number one attack vectors in all attacks.
As far as user experiences go I can't point to anything in terms of security that you would lack since the security features largely operate in the background.
06-21-2017 08:53 AM
In Pro you are missing all the fancy new features, all the Guards e.g. Credential Guard that is a simple to implement line of defence against Pass-the-Hash attacks. We decided that we will allow Enterprise only in our company, from our point we can't secure a Pro like an Enterprise, so why should we put parts of the company at risk or waste money on 3rd party products that try to solve the same issues