By Mark Margevicius, director of enterprise solutions, End-User Computing, VMware
Microsoft’s forthcoming Windows 10 is a significant milestone for any enterprise customer today. With this release Microsoft has delivered a meaningful release that will have impact and value for many years to come. But Windows 10 has enough differences from prior versions (Win7, Win8/8.1 or WinXP) to lead me to believe that this is not business as usual. It is important to understand how this release differs from prior releases and what actions organizations should take as part of their due diligence.
Why all the Buzz?
There are many interesting aspects/features/components to Windows 10, far too many to adequately cover here. Rather, I suggest enterprises begin their own research (https://www.microsoftvirtualacademy.com/en-US/training-courses/getting-started-with-windows-10-for-it-professionals-10629) on the changes and features that they will likely encounter. For me, the most interesting aspects of this Windows release involve:
- how users will acquire Windows 10
- how old and new applications will work together
- how architectural security changes affect users and data
- how the new methods of performing Windows administration will change what administrators do on a day to day basis.
Initial excitement because of free consumer upgrades: We expect that the desire for Win10 will be strong from the get-go, in large part because consumers can get the upgrade from a previous version of Windows for free. And while organizations believe that they may be isolated from the world of consumer, the never-ending drumbeat of consumerization, BYOD/BYOPC, and self-empowered users will add pressures to IT staff to support Windows 10 in some fashion sooner rather than later. Free consumer upgrades will likely act as a catalyst for some organizations to move more quickly than they will like. And if your users are already running an older version of Windows with administrative privileges on a corporate PC today, there is a very strong likelihood that they will attempt an in-place upgrade with or without you.
Your To-Do: Get ahead of the curve by testing Windows 10 in isolation (i.e. use virtualization, spare PCs, or a VDI session) so that you can be ready for the questions. Begin your testing evaluation work now so you are ready to deal with the inevitable requests that will so be here.
Understanding the difference between Legacy and Universal Apps: Legacy applications that are dependent upon the Win32 kernel are the bread and butter foundation of most enterprise desktops today. These applications are the heart and sole of productivity, and are the tools that drive businesses. The good news is that these applications will largely work unmodified in a Windows 10 environment. While application testing is always a requirement, we expect the amount of time needed for application remediation should be minimal.
Universal applications, however, are very different from legacy applications. The concept of a universal application implies that a developer will write once so that it can be run anywhere. In Microsoft’s case that means it will work equally well across desktops, tablets, and smartphones. Universal applications designed for Windows 10 will take advantage of the unique characteristics of each platform (i.e. tablet, desktop) so that user receives the best experience possible. Organizations need to be aware that simply provisioning or writing universal applications have requirements (such as setting up the app store) that are needed as well.
Your To-Do: Test your legacy applications to ensure compatibility, and investigate whether universal applications are desirable (and if so, begin to understand the requirements associated with them).
Better Security in and out of the OS: The current state of security on older versions of Windows is complex, fragile, costly, and incomplete. Relying on agent-based security is only partially effective and is subject to compromise. With Windows 10 Microsoft has added many features to improve user and organizational data security. Features such as data policies, privileged applications, per-application VPNs, secure boots, and health attestation will all help the beleaguered Windows administrator. Further, Microsoft has also introduced/improved many polices associated with encryption, antivirus, firewalls, compliance, and enterprise wipe/factory resets.
Your To-Do: Doing anything to help security is a good thing, and administrators need to recognize that some Windows 10 projects are justifiable based on enhanced security benefits realized by organizations. The bad-guys want your stuff, and you need to do whatever you can to reduce/eliminate this threat.
Elegant Updates: Perhaps the biggest change that affects organizations will be the process and cadence associated with how and when Windows 10 updates will occur. Most customers apply a systematic approach to updating Windows, whereby they test patches, fixes, and updates over a prolonged period of time. They then deploy those updates as an image update that is scheduled well in advance. With Windows 10 Microsoft will dynamically apply updates (patches/fixes as well as features/applications) as needed and stream them directly to Windows 10 based systems. Microsoft believes (and we agree) that timelier and relevant updates (particularly updates that address security) will help customers in the long run. This approach to updating, which is nearly the same as the EMM-based approach used for mobile devices today, allows for runtime provisioning, simple rollbacks, policy-based administration, and other more advanced management techniques. This approach is very different to agent-based approaches that are common today. Recognize that these changes are different, so getting used to streamed updates will require customers to change process around application testing/verification.
Your To-Do: Begin investigating HOW Windows 10 updating is different not only technically, but the impact it will have on your operational teams as well. Specifically, investigate and understand Windows Update for Business, which allows a more managed way on how organizations can test, stage, and deploy updates within the organization.
Whether you plan on deploying Windows 10 today or two years from now, recognize that getting to a homogeneous state for version consistency is typically neither feasible nor pragmatic. Migrating users is a lengthy process and many not be desirable for all your users. Further, some users may choose to use devices/platforms that run iOS, MAC OS, Android, or older versions of Windows which do not offer the same methods of management as Windows 10.
Most of you will be diligently testing Windows 10 for the next 3-9 months, and with good reason. The cadence of updates, management features not yet available, and application regression testing (both old and new apps) are just some of the action items you will run into. A more rational approach may be to deploy Windows 10 to the right users when needed, and a slower and less disruptive deployment to others business groups over a period of months/years will be less risky. This means that organizations will continue to manage the diversity and legacy platforms within their environment.