Understand the role of Windows 365
Windows 365 introduces a cloud-based approach to endpoint delivery by providing users with secure, persistent Cloud PCs hosted in Microsoft cloud infrastructure. Instead of relying entirely on traditional physical devices, organizations can deliver a full Windows experience that users can securely access from virtually any supported device and location.
Windows 365 supports modern endpoint management by combining cloud-hosted desktops, centralized administration, identity-based access, and security controls.
Why this matters
Organizations increasingly support hybrid workforces, remote users, contractors, and bring-your-own-device (BYOD) scenarios. Traditional endpoint management models that depend heavily on physical devices and on-premises infrastructure can create operational complexity and reduce flexibility.
Windows 365 helps organizations modernize endpoint management by shifting Windows workloads to the cloud while maintaining centralized management, security, and compliance controls. Administrators can deliver secure corporate desktops without depending entirely on device ownership or location.
What is Windows 365?
Windows 365 is a Microsoft cloud service that delivers Cloud PCs to users. A Cloud PC provides a full Windows desktop experience streamed securely from the Microsoft cloud.
A Cloud PC includes:
- Persistent user settings and personalization
- Installed applications and corporate data
- Enterprise security and compliance policies
- Access to organizational resources
Unlike traditional virtual desktop environments that often require significant infrastructure management, Windows 365 provides a simplified Software as a Service (SaaS) model for Cloud PC delivery and administration.
Tip
Windows 365 Cloud PCs are persistent, meaning users retain their apps, settings, and files between sessions just like a traditional physical PC.
Windows 365 in modern endpoint management
Modern endpoint management focuses on centralized cloud-based management, identity-driven security, and device-independent access to corporate resources. Windows 365 supports these goals by moving the Windows endpoint experience into Microsoft cloud infrastructure.
Windows 365 helps organizations:
- Support hybrid and remote work scenarios
- Provide secure access from managed or unmanaged devices
- Simplify endpoint provisioning and lifecycle management
- Reduce dependency on physical hardware deployments
- Enable scalable cloud-first endpoint strategies
This approach shifts the management focus from the physical device to identity, Cloud PCs, policy-based configuration, and centralized security enforcement.
Windows 365 architecture and integration
Windows 365 Cloud PCs are hosted within Microsoft-managed Azure infrastructure. The service integrates with several Microsoft cloud technologies to provide identity, management, networking, and security capabilities.
Core integrations include:
| Component | Purpose |
|---|---|
| Microsoft Entra ID | Provides identity and authentication services |
| Microsoft Intune | Delivers device management, policy deployment, and compliance management |
| Azure networking | Supports Cloud PC connectivity and network integration |
| Microsoft Defender | Provides endpoint security and threat protection |
Windows 365 supports different networking approaches depending on organizational requirements:
- Microsoft-hosted networking
- Customer-managed networking
These options allow organizations to balance simplicity, connectivity requirements, and network control.
Security and access model
Windows 365 uses an identity-centered security model. Access can be protected with Microsoft Entra ID, Conditional Access, multifactor authentication, Intune compliance policies, and Microsoft Defender services.
This model supports Zero Trust by evaluating user identity, device compliance, session risk, and access conditions before allowing access to resources.
Because corporate apps and data remain in the cloud-hosted environment, Windows 365 can also help reduce risk when users connect from personal or unmanaged devices.
Management experience
Administrators manage Windows 365 primarily through the Microsoft Intune admin center and Windows 365 administration tools.
Management capabilities include:
- Provisioning Cloud PCs through provisioning policies
- Assigning applications, configuration profiles, and compliance policies
- Managing endpoint security settings
- Monitoring Cloud PC health, provisioning status, and connectivity
- Performing device actions such as restart, reprovision, resize, and restore (where supported)
- Supporting users and troubleshooting operational issues
- Monitoring utilization and lifecycle management
Compared to traditional desktop deployments, Windows 365 reduces several operational requirements:
- Traditional device imaging and deployment processes
- Virtual desktop infrastructure (VDI) architecture design and management
- Session host management and capacity planning
- Infrastructure maintenance and patching of virtual desktop platforms
- Manual endpoint provisioning workflows
Because Microsoft manages the underlying Cloud PC infrastructure, organizations can focus on user experience, security, compliance, and application management rather than virtual desktop infrastructure operations.
This simplified management model helps organizations reduce operational overhead while maintaining centralized administrative control through Microsoft Intune.
Windows 365 endpoint experiences
Windows 365 provides multiple methods for users to access their Cloud PCs, allowing organizations to choose the experience that best aligns with user requirements and endpoint strategies.
Standard Cloud PC access
The traditional Windows 365 experience allows users to access their Cloud PC through:
- A supported web browser using the Windows 365 web portal
- The Windows App for Windows, macOS, iOS, Android, and other supported platforms
This approach provides flexible access from virtually any supported device without requiring specialized endpoint configurations.
Windows 365 Boot
Windows 365 Boot enables users to sign in directly to their Cloud PC from a physical Windows 11 device. Instead of accessing the local operating system after authentication, users are automatically connected to their assigned Cloud PC.
Key characteristics include:
- The physical device functions similarly to a thin client
- Users interact primarily with their Cloud PC environment
- Simplified user experience for frontline, shared, and kiosk-style scenarios
- Centralized management through Microsoft Intune
- Reduced exposure to local device configuration changes
Windows 365 Boot is particularly useful when organizations want users to work almost exclusively within their Cloud PC while still using standard Windows hardware.
Windows 365 Switch
Windows 365 Switch integrates the Cloud PC directly into the Windows 11 desktop experience.
Users can:
- Switch between their local device and Cloud PC
- Use the Windows 11 Task View interface to move seamlessly between environments
- Access both environments without launching separate applications or browser sessions
This creates an experience similar to switching between multiple desktops, allowing users to move between local and cloud-based workloads while maintaining productivity.
Windows 365 Switch is particularly valuable for users who need access to both local resources and their Cloud PC throughout the workday.
Comparing Windows 365 access models
| Access method | User experience | Typical use case |
|---|---|---|
| Browser or Windows App | Connect to Cloud PC through a portal or application | Flexible access from multiple devices and platforms |
| Windows 365 Boot | Sign in directly to the Cloud PC at device startup | Shared devices, frontline workers, cloud-first deployments |
| Windows 365 Switch | Seamlessly switch between local Windows and Cloud PC environments | Knowledge workers requiring both local and cloud resources |
Note
Windows 365 Boot and Windows 365 Switch require Windows 11 version 22H2 or later on the physical device. Both experiences are configured and managed through Microsoft Intune and are available for supported Windows 365 deployment scenarios.
Common Windows 365 scenarios
Organizations use Windows 365 in a variety of modern workplace scenarios.
Common use cases include:
- Hybrid and remote workforce enablement
- Contractor and temporary staff access
- Bring-your-own-device (BYOD) environments
- Rapid employee onboarding and offboarding
- Secure access from unmanaged devices
- Business continuity and disaster recovery support
Windows 365 can also help organizations standardize endpoint experiences across geographically distributed users while maintaining centralized security and compliance management.