Microsoft Surface – Technology For The Modern Worker

With the rapid shifts in how we work, live, and interact kicked into overdrive by the global pandemic since 2020, Surface technology for modern workers has moved above and beyond the requirements of the 21st-century work environment. Microsoft's offering of Surface devices has been innovatively designed and developed to provide the most critical ICT solutions – and more – for modern-day organisations and their employees. According to Jonathan Kropf, CEO of the Velocity Group, one of Tarsus Distribution's reseller partners, the Surface range has proven to be highly sought after by IT departments grappling with the demands of digital transformation at top speed. 

Surface Technology for Modern Workers

Work is no longer a place you go, but something you do,” says Kropf. “It's vital to have a device that delivers ultimate mobility so that you can stay connected and productive wherever you go. To limit distractions, the Microsoft Your Phone app syncs notifications, text messages, and photos between your smartphone and device, so no matter where you work with your Surface devices, you're always connected, and the range of intelligent features and accessories keep you productive and free of interruptions.

Covered In This Article

Surface Technology for Modern Workers: Proven Productivity and Efficiency
Fast Configuration and Deployment
Surface Technology for Modern Workers: Advanced Security
Factory-Enabled Advanced Windows Security For Microsoft Surface
Elegant and Practical Design that is User-Friendly to the Max

Surface Technology For Modern Workers: Proven Productivity & Efficiency 

Microsoft commissioned Forrester Consulting to conduct a Total Economic Impact (TEI) study to examine the financial impact and potential return on investment (ROI) companies may realise by implementing Microsoft 365 for Enterprise on Microsoft Surface devices. The study looks closely at how Surface devices augment and compound the business benefits of Microsoft 365, a well-known and trusted suite of applications for most of your office needs.

The Forrester Consulting TEI study found that by switching to Surface devices, end users become more productive due to simplified collaboration and device interfaces. Surface technology for modern workers realised benefits to IT efficiency because of simplified device deployment and management, and gained overall business cost savings thanks to enhanced security, device consolidation, and unified endpoint management solutions for remote interactions with your organisation's centralised network, making it a sensible and effective solution for the rapid escalation in digital transformation IT departments across the globe have had to face.

Fast Configuration & Deployment 

Microsoft Windows Autopilot has changed the way new devices get deployed. “Users simply take the device out of the box, turn it on and Windows Autopilot configures it from the cloud, making it business-ready quickly and easily, and you can keep track of the process while it's happening,” Kropf says.  

Surface Technology For Modern Workers: Advanced Security 

It’s more important than ever to protect your organisation’s endpoint devices, securing data and systems wherever they are. Surface technology for modern workers offers devices with proactive defences with security built-in and managed through the cloud wherever users decide to work. Security protections are built into every layer of a Surface device.

Factory-Enabled Advanced Windows Security For Microsoft Surface

For a detailed description of the various security measures implemented by Microsoft mentioned here, please refer to articles on the Microsoft website on Microsoft Surface Security and Advanced Windows Security. The most recent research in cyber security indicates that as manufacturers build more protections into the OS and its connected services, other ways of exploiting device vulnerabilities are emerging at an alarming rate, with firmware emerging as a top target.

Because device firmware mostly involves third-party providers, keeping track of how secure firmware is, is becoming incredibly complicated. Since firmware is essentially embedded software that provides a low level of control for a device's specific hardware – a standard set of coded instructions that tells the device what to do, used in all kinds of consumer electronics to computers themselves – they are an ideal entry-point to a device's actual hardware for any attacker.

Since 2015, Microsoft has been using a unified approach to firmware protection and device security through complete end-to-end ownership of both the hardware design and firmware development, which is done in-house. No third parties are involved in the supply of firmware for Microsoft devices, and this approach has proven to be highly effective in minimising the risk of firmware vulnerability.

Surface Technology for Modern Workers

For the Surface family of devices, Microsoft's Unified Extensible Firmware Interface (UEFI) is maintained in-house, regularly updated through Windows Update, and seamlessly deployed for management through Windows Autopilot.

To summarise, Microsoft's approach to security for its Surface range includes:

  • Microsoft designed and built components
  • Factory level security protocols and inspection
  • No third-party BIOS vendors are involved in the development or production
  • Virtualisation-based security, or VBS
  • Hypervisor-enforced code integrity (HVCI)
  • Secure boot and boot guard
  • Malware protection
  • Dynamic Root of Trust Measurements (DRTM) in AMD devices
  • Remote device management control.

With these measures in place, users can have confidence that the privacy and confidentiality of their data will be protected and that their data will only be used in ways consistent with their needs and expectations.

Elegant & Practical Design That Is User-Friendly To The Max

Surface technology for modern workers consists of a very wide range of devices. Beginning in 2019, Microsoft has been introducing a rather extensive range of new devices in the Surface family, built for flexibility, portability, connectivity, and ease of group communications to meet the needs of the transformed business landscape. The range originally consisted of the Surface Laptop Go, released in October 2020, the Surface Laptop 4, released in April 2021, and the Surface Hub 2S, released in 2019.

Launched in 2021 was a variety of new devices which can be viewed on Microsoft's website. Included in this post are devices that are suited for any kind of purpose, from a home office, in-field work, graphic and technical design work, and the large interactive Surface Hub 2S. Browse the Surface range for the device that's perfect for your needs, with the Surface Pro 7+, Surface Go 3, Surface Laptop 4, Surface Hub 2S, and the Surface Laptop Go being highly recommended, powerful and multi-functional devices that enable workers to perform practically any task with ease and precision.

Not only are these devices powerful in terms of their specifications, but they are also elegant, highly portable, lightweight, and boast long battery lives. Simplicity in design makes for ultra-thin devices that communicate style, elegance, and uncompromised usability.

Surface Technology for Modern Workers

Remote Working Best Practices With Surface

Virtually anywhere can be a workplace today, whether it’s a hotel lobby, a café, or even a park bench. Ensuring productivity, having the right tools, devices, and applications, as well as connectivity and interaction that is secure from interference, are the best business practices for organisations implementing remote and hybrid working arrangements. The conditions that necessitated this shift have led us into an era where cybersecurity and interconnectivity are the main drivers of ICT development. Scattered employees using their own hardware and connecting via their own service providers to a central network means that you and your IT department have absolutely no control over the endpoint user's security measures or the security of the internet connections they use. Remote working best practices require implementing some new endpoint management and security systems that can manage these risks. Here is how Surface is keeping you safe from threats and what you can do to enhance security by implementing remote working best practices in your ICT infrastructure.

Remote Working Best Practices

Enterprise mobility (or business mobility) is a term that is often applied to remote working technology and business practices that allows employees to conduct work from outside a traditional office setting. This is used in work from home programs and touted as an employee perk – though businesses enjoy numerous benefits as well, such as:

  • Being able to tap into talent resources that aren’t local to their office’s location;
  • Increased productivity – as noted in a study conducted by Stanford University among 16,000 workers, productivity increased by an average of 13% over the past 9 months;
  • Reduced overhead for office space – companies can add more workers without needing more floor space to accommodate them.

However, managing remote employees effectively requires having the right remote working technology. This includes both the actual hardware and devices your employees work on from home as well as your organisation's networking infrastructure that remote workers log onto in order to retrieve or store information, work on team projects, and communicate with each other via company email. If employees cannot consistently access vital workplace resources and collaboration tools, then they cannot be productive in a remote work setting.

A powerful tool for remote employees is the Microsoft Surface range of computing devices. Microsoft Surface mobility tools enable employees to connect to cloud-based collaboration tools from virtually anywhere they can get a cellphone signal, thanks to their LTE capabilities. With a variety of networking and security solutions available from several Big Tech companies, including Microsoft, you can transform the ICT hardware, software, and networking that supports the activities of your workers, wherever they may be working from.

Covered In This Article:

Remote Working Best Practices: Staying Connected, Safely

Remote Working Best Practices: A Rise In Security Breaches

Surface Is Covered From Chip To Cloud

Remote Working Best Practices: Advanced Security

Factory-Enabled Advanced Windows Security For Microsoft Surface

Managing Surface From The Cloud

Remote Working Best Practices: The New Face Of Secure Login

Security Wherever You Are

Stolen Device

Malicious Intent

Remote Working Best Practices: Unsecure Network Connections

Remote Working Best Practices: Staying Connected, Safely

One of the biggest obstacles to business mobility is the need for a stable high-speed internet connection. If the employee’s access to the internet is intermittent or plagued with slow upload/download speeds, it will affect their ability to work efficiently. However, not every employee will have high-speed internet at home – or they may have to work from remote locations, such as a client’s office or a construction site (depending on industry and job role).

The Microsoft Surface with LTE helps solve this problem by using radio frequency communications (similar to how cellphones work) to connect to an LTE network tower. This allows remote employees using Microsoft business on the go tools, such as the Surface Pro 7, to access the internet (and thus any cloud-based apps needed for their work) from anywhere they can get a cellphone signal. By allowing employees to connect to mission-critical business apps and databases from virtually anywhere with a cell signal, work in whichever mode (laptop or tablet) is the most comfortable for them, and providing secure access to the internet, Microsoft’s Surface with LTE makes remote workers more productive and easy to manage.

Remote Working Best Practices

Remote Working Best Practices: A Rise In Security Breaches

Without the security protections that office systems afford us – such as firewalls and blacklisted IP addresses – and increased reliance on technology, we are far more vulnerable to cyber-attacks. The most obvious risk is that most of our tasks are conducted online. After all, if something’s on the Internet, then there’s always the possibility of a cyber-criminal compromising it. Your Cloud documents, emails and attachments, instant message clients, and third-party services are all vulnerable – and with so much information being shared digitally, the possibility that your information could be intercepted or corrupted has become bigger.

Many employees are using their personal devices for two-factor authentication, and they may well have mobile app versions of IM clients, such as Microsoft Teams. These blurred lines between personal and professional life increase the risk that sensitive information will fall into an insecure environment.

To protect against this risk, all work where possible should be done on a business-provided device subject to remote access security controls. The deployment of Surface for business can be done swiftly and without risking timely setup costs thanks to Microsoft’s integrated system, making remote setup for IT departments a breeze. Achieve peace of mind with a built-in, proactive defence. Security protections maintained by Microsoft are built into every layer of a Surface device.

Surface Is Covered From Chip To Cloud

Surface works closely with Windows and the Microsoft 365 security stack to ensure that the device not only meets every standard for a highly fortified PC but is also capable of automatically receiving updates from the dynamic world of defensive security. A product such as Microsoft's Endpoint Manager gives your IT department administrative abilities that can monitor remote devices connected to your network and easily deploy security and other software updates. Featuring the latest AI-driven automated scanning and monitoring, threats and intrusions on an individual device or on your network as a whole can be detected and disabled before they can damage your network infrastructure. Products such as Endpoint Manager are essential in any organisation's remote working best practices arsenal.

Remote Working Best Practices: Advanced Security

It’s more important than ever to protect your organisation’s endpoint devices, securing data and systems wherever they are. Surface technology for modern workers offers devices with proactive defences with security built-in and managed through the cloud wherever users decide to work. Security protections are built into every layer of a Surface device.

Factory-Enabled Advanced Windows Security For Microsoft Surface

For a detailed description of the various security measures implemented by Microsoft mentioned here, please refer to articles on the Microsoft website on Microsoft Surface Security and Advanced Windows Security. The most recent research in cyber security indicates that as manufacturers build more protections into the OS and its connected services, other ways of exploiting device vulnerabilities are emerging at an alarming rate, with firmware emerging as a top target.

Because device firmware mostly involves third-party providers, keeping track of how secure firmware is, is becoming incredibly complicated. Since firmware is essentially embedded software that provides a low level of control for a device's specific hardware – a standard set of coded instructions that tells the device what to do, used in all kinds of consumer electronics to computers themselves – they are an ideal entry-point to a device's actual hardware for any attacker.

Since 2015, Microsoft has been using a unified approach to firmware protection and device security through complete end-to-end ownership of both the hardware design and firmware development, which is done in-house. No third parties are involved in the supply of firmware for Microsoft devices, and this approach has proven to be highly effective in minimising the risk of firmware vulnerability.

For the Surface family of devices, Microsoft's Unified Extensible Firmware Interface (UEFI) is maintained in-house, regularly updated through Windows Update, and seamlessly deployed for management through Windows Autopilot, Microsoft Endpoint Manager, while Surface Enterprise Management Mode (SEMM) enrolls and configures any new devices that are added to your network.

To summarise, Microsoft's approach to security for its Surface range includes:

  • Microsoft designed and built components
  • Factory level security protocols and inspection
  • No third-party BIOS vendors are involved in the development or production
  • Virtualization-based security, or VBS
  • Hypervisor-enforced code integrity (HVCI)
  • Secure boot and boot guard
  • Malware protection
  • Dynamic Root of Trust Measurements (DRTM) in AMD devices
  • Remote device management control.

With these measures in place, users can have confidence that the privacy and confidentiality of their data will be protected and that their data will only be used in ways consistent with their needs and expectations.

Managing Surface From The Cloud

Through coding, you can geo-locate and monitor surface devices anywhere. Another great feature is the ability to survive any reboot if the device is stolen, reimaged, or wiped, which prevents thieves from disabling it. Surface devices also automatically activate and report location using GPS, Wi-Fi triangulation, or IP address.

Remote Working Best Practices: The New Face Of Secure Login 

There have been significant advances made in how a computer device identifies a user. Surface devices provide more than just the ability to log in with your face. With the Windows Hello for Business feature, passwords get replaced with 2FA on Surface. In addition, you can use biometric security – facial and iris recognition – to authenticate via a certificate stored in the Trusted Platform Module (TPM) located on the motherboard.

Security Wherever You Are

The adoption of mass remote working during the COVID-19 pandemic has helped to keep workers safe but it has also introduced further security challenges for businesses. As a result, the extra hardware security enhancements packaged with the Microsoft Surface devices are sure to be welcomed by firms and employees alike.

Keep data secure from a Surface device’s first deployment to its last, no matter how many times and under what circumstances it changes hands.

  • Cloud-First Deployment and Management: Deploy and manage down to the firmware layer through the cloud with Microsoft Endpoint Manager and Device Firmware Configuration Interface (DFCI);
  • Reduce IT complexity with Windows Autopilot;
  • Windows Azure Virtual Desktop: Meet complex business and security requirements with broad device redirection support, endpoint protection, and Microsoft 365 virtualised in Azure;
  • OneDrive for Business: Access and protect your business and school work with this intelligent files app. Share and collaborate from anywhere, on any device;
  • Collaborate with Teams: Work better together. New integrations allow you to create shareable links, grant expiring access and follow configured policies.

Surface with Microsoft 365 provides unique protection at the front line of multiple vulnerabilities such as:

Stolen Device

  • Data on the hard drive is encrypted. Surface devices ship with BitLocker drive encryption enabled by default, so the data on the hard drive cannot be accessed without credentials or the encryption key. Even if the hard drive is removed from the device and inserted into a new device, it cannot be decrypted;
  • USB booting is prevented because the organisation used Microsoft Endpoint Manager to proactively turn off the ability to boot from USB through the firmware-level control that the Surface device offers;
  • There is zero access to data even if the SSD is removed. If a Surface’s removable SSD is tampered with, the device will shut off power, erasing any residual data in its memory. Since the device is cloud-managed through Microsoft Azure and Intune, the organisation can wipe all the machine’s contents remotely.

Malicious Intent

  • A Zero Trust approach means that even if a device is authenticated, the current user profile can only access data and content they have permissions for. The retail establishment assumes that a breach is always possible and maintains strict controls over data access. Conditional access capabilities in Microsoft 365 prevent data leakage from both internal and external actors;
  • Any unusual behaviour on the device is automatically detected and remediated with Microsoft Defender for Endpoint, which analyses signals from the device to recognise any abnormal behaviour, like an uncommon executable running on the device. As part of the remediation path, the device is automatically quarantined from the network until the situation is resolved.

Remote Working Best Practices

Remote Working Best Practices: Unsecured Network Connections

  • Instead of worrying about encrypting data that could be shared on a public network, the organisation takes a proactive approach to having a guaranteed secure connection, especially for employees in the field, by equipping frontline workers with LTE-enabled devices. The entire Surface 2-in-1 portfolio (Surface Go 2, Surface Pro 7+, Surface Pro X) has LTE available;
  • Any websites, cloud resources, or internal networks not explicitly defined as “trusted” are contained with Microsoft Defender Application Guard. These untrusted sites or files are opened in a virtualised container – essentially a separate PC within the existing PC – to isolate those potentially harmful sites or files from the rest of the device.

Remote Normal Is Transforming Media And Entertainment

Microsoft Surface is powering the new normal when it comes to the way we create content in the entertainment and media industries with its unique brand that is #anythingbutordinary.

Microsoft Surface

The roar of the crowd in the stadium celebrating a goal; fans screaming ecstatically at a virtuoso performer’s amazing concert; the audience’s smiles of delight as the characters come to life at a Broadway show. We all know the power of experiences like these that are built on the energy of groups and shared locations – stadiums, theatres, concert halls, convention centres, meeting rooms, even classrooms – and their power to transform us in the moment and beyond, whether we are at work or in our personal lives. Real-time events collectively attended are the apex of entertainment, shared collaboration, and engagement. These experiences delight us, inform us, and become part of us. We are made even better because we are active participants in them. This expands and deepens bonds between participants and brands.

We now know that pandemics change everything. Our unique ability to adapt is tested to the limit as the business and personal landscape literally changes and shifts day-to-day. Digital is the new normal and remote work and life is now fully standard operating procedure (SOP). Remote normal will transform entertainment events, too. Content creation – an entire pipeline from camera to screen – has become virtual, supported by cloud technologies at scale.

Microsoft is hard at work to deliver better technologies and tools to bring the true power of both shared experiences to geographically diverse audiences and participants and content creators at a massive scale. They are creating platforms for a new world where powerful shared experiences and collaboration by groups of all sizes, spread across locations and time zones, will be the norm. In entertainment, creative work will require constant collaboration to achieve great things, despite our having or wanting to be geographically disbursed. Together and close, yet physically far. Microsoft’s vision here is clear: they provide cloud platforms and solutions, networks, and edge technologies that close this gap of making remote simply normal, and the Surface range of devices play a big role in all of this.

Adobe Creative Cloud And Surface

Adobe Creative Cloud And Surface

Solving the challenge of mobile creativity and untethered creativity is really important to Microsoft. The power of touch-enabled, scaled, and pen-optimised user interface for Surface Pro resonates with creatives the world over. Surface is powerful enough to run the real-deal, uncompromised creative apps you love.

Showcasing Adobe’s partnership with Microsoft, Illustrator CC has introduced a new workspace that is designed for Surface. This touch workspace lets designers create on the go what they could once only accomplish sitting at their studio workbench before. This new workspace exposes the core tools and controls for drawing and editing, making it super simple to start creating with pen and touch.

Immersive Media And Collaboration

Immersive Media And Collaboration Partnerships

More powerful, shared experiences and collaboration opportunities at-scale for global participants demand technologies and software approaches that can deliver dazzling experiences for users and scalable performance from the core to the edge of the network. Whether producing and delivering a shared live concert experience with thousands of participants across the globe, or conducting an important content editing or post-production review with multiple offices including real-time 4K video or renderings, Microsoft’s intelligent media and entertainment framework brings the power of shared and the power of the cloud to any high-fidelity user end-point, from a smartphone, to large screen, to even more immersive AR/VR/XR, and gaming environments.

Remote Normal

The Remote Normal Is Opportunity

With the new remote normal, we have an incredible opportunity to design and deliver the most engaging real-time, distributed entertainment and collaboration experiences the world has ever seen. Microsoft is passionate about helping brands create new, more powerful, high-fidelity collaborative experiences. With all the creative and commercial possibilities this new opportunity space holds, we hope that bringing a global digital audience together in real-time will do amazing things. From deeper brand engagement to increased viewer and fan interactivity. With AVID, we are redefining remote normal for news organisations globally. Journalists are now able to capture and deliver content into the virtual editing suite and control room to immediately publish to broadcast.

Creating With Surface

Surface Book 3

Meet the laptop that can handle your biggest demands. The most powerful Surface laptop yet combines speed, graphics, and immersive gaming with the versatility of a laptop, tablet, and portable studio. Available in 13.5” or 15” sizes, both with a high-resolution touchscreen.

Surface Pro 7

Surface Pro 7

The Surface Pro 7 is the creative hardware of choice for creatives. Professional vector artists and graphic designers who rely on demanding tools such as Adobe Illustrator. It’s also a great tool for creative directors and designers for whom easy portability and the ability to draw are important.

Surface Go

Surface Go

the lightest and most affordable Surface Laptop ever to power everyday experiences. With its balance of performance, battery life, value and style, Surface Laptop Go helps you get the job done. Surface Laptop Go is ultra-light with a portable profile comprised of premium materials, running essential apps, and available in a variety of modern colours.

Your Window To The World

Your Window To The World

As a hybrid tablet computer, Microsoft built this Surface for people who need the performance and graphics processing power to work, create, and game from anywhere. Now, anyone who needs desktop-class power, from designers, developers, and engineers to scientists, artists, and gamers can have the freedom and flexibility of a laptop and tablet.

Integration with Windows 10 and Beyond

Save time and money with streamlined deployment, modern device management, and built-in, cloud-powered security with connected experiences from Surface and Microsoft 365.

  • Cloud-First Deployment and Management:Deploy and manage down to the firmware layer through the cloud with Microsoft Endpoint Manager13 and DFCI.6 Reduce IT complexity with Windows Autopilot.
  • Windows Virtual Desktop:Meet complex business and security requirements with broad device redirection support, endpoint protection and Microsoft 365 virtualised in Azure.
  • OneDrive for Business:Access and protect your business and school work with this intelligent files app. Share and collaborate from anywhere, on any device.
  • Collaborate with Teams: Work better together. New integrations allow you to create shareable links, grant expiring access, and follow configured policies.

Bring your biggest ideas to life with performance that fuels demanding software. Edit stunning photographs. Run circles around renders. Create rich 3D graphics for every reality. Complete your creative workspace with clean, modern design. One hand can tilt the display weightlessly from upright to the perfect drafting table angle.

Microsoft’s tablet computer is also becoming an option for artists whose digital mark-making follows the process of traditional drawing and painting – artists who would currently be drawn to Apple’s iPad and apps such as Procreate – though this has less to do with the upgraded hardware but that Adobe has released a Windows version of its new painting app, Fresco, that’s only available for Surface tablets and Wacom’s MobileStudio Pro.

Staying Connected, Safely

Staying Connected, Safely

One of the biggest obstacles to creative agency mobility is the need for a stable high-speed internet connection. If a designer’s access to the internet is intermittent or plagued with slow upload/download speeds, it will affect their ability to work efficiently. However, not every employee will have high-speed internet at home – or they may have to work from remote locations, such as a coffee shop or a rent-a-desk.

The Microsoft Surface with LTE helps solve this problem by using radio frequency communications (similar to how cellphones work) to connect to an LTE network tower. This allows remote employees using Microsoft business on the go tools, such as the Surface Pro 7, to access the internet (and thus any cloud-based apps needed for their work) from anywhere they can get a cellphone signal. By allowing employees to connect to mission-critical business apps and databases from virtually anywhere with a cell signal, work in whichever mode (laptop or tablet) is the most comfortable to them, and providing secure access to the internet, Microsoft’s Surface with LTE makes remote workers more productive and easy to manage

Integrating With IT

Integrating With IT

As workers increasingly interact with workplace applications using mobile devices, tablets, or other mobile form factors, organisations face higher risks of these devices being lost, stolen, or temporarily misplaced.

Surface devices can better protect their devices and data against attacks or accidents. With security capabilities built into the firmware, operating system, and Microsoft 365, Microsoft has taken a comprehensive chip-to-cloud approach to help organisations deliver more protection for employees using Surface devices with Microsoft 365.

In addition to the ways that Surface with Microsoft 365 can help keep frontline devices secure, with cloud management and Windows Autopilot, Surface devices can also be shipped directly to a worker’s location without IT ever touching the device, saving time and effort. As frontline workers increasingly use devices in public spaces, the need to protect sensitive information at the front line has never been more important.

Do more with less – less resources, less complexity, less associated risk. Improve IT efficiency and reduce costs with remote Surface device deployment and management. Realise cost and time savings with a device portfolio that optimises Microsoft software in the environments your apps are deployed.

Do more with less
[class^="wpforms-"]
[class^="wpforms-"]
[class^="wpforms-"]
[class^="wpforms-"]