Windows as a Service simplifies the job of keeping up to date, but challenges legacy processes

curved building facade

Although most enterprise customers are still running legacy versions of Windows – 60% by some accounts, the vast majority being Windows 7 — everyone understands the importance of getting to Windows 10.  But once you get to Windows 10 you face the new challenge of keeping it up to date.  In order to continually enhance security and productivity, Microsoft has replaced the traditional 4-year upgrade cycle with a model called Windows as a Service.

Windows as a Service sees a release of Windows 10 for business users about every six months, and those are patched for 18 months (although a few early versions have been given 24 months of support).  The approaches organizations used to keep Windows XP up to date, which were subsequently OK for Windows 7 and 8, are no longer going to work with Windows 10.

Windows-versioning-Days-in-service

Keeping Windows 10 up to date will involve re-examining core processes, application classification efforts, feature testing methodologies and deployment considerations.  We look at each area here and note the changes you’ll have to make:

Processes

It is likely your processes are designed for an operating system upgrade every 4-6 years and now Windows is updating every six months.  This raises questions about which versions of Windows 10 you will deploy and how many versions you will be operating at any time.  For the last 20 years most enterprises strived to deploy a single standard version of the operating system, but that will not be possible for most large enterprises now.  You will need multiple versions of Windows deployed in order to test apps and devices against the latest version of Windows.

Change required:  You will have to manage multiple versions of Windows in deployment rings, which “are similar to the deployment groups most organizations constructed for previous major revision upgrades,” Microsoft says. “They are simply a method by which to separate machines into a deployment timeline.”

App classification

In the old world of upgrading Windows, virtually every app would be thoroughly tested by IT and then go through user acceptance testing.  This approach, though costly, made sense when it was done only once every four years, but is too expensive to execute twice per year.

With Windows 10 servicing, only a small percentage of critical apps need that degree of validation.  Non-critical apps have compatibility assessed using new Microsoft analytics capabilities which identify known issues using a vast pool of data Microsoft has in this space.  Then the new version of Windows 10 is deployed in a phased way, starting at low volumes and scaling to broad deployments.

This process of classifying apps as critical and non-critical is the perfect time to build the case for app modernization, retirement, replacement and rationalization, and may be a good time to argue for additional investment in this critical ritual.

Change required: The traditional app user acceptance testing process must be adapted. The old approach of testing each app should be reserved only for the most critical apps.  While analytics tools capable of reporting on app compatibility with future versions of Windows will help identify problem apps before the next upgrade, they won’t catch everything.   You’ll also have to deploy new versions to small groups of early adopters using the deployment ring technique.

Taken together, these changes will involve significant process re-engineering, which will represent as big a challenge as the technical challenges. It is also worth noting that it doesn’t stop there.  Enterprises will need to continually revisit their app strategy, app rationalization and app modernization efforts.

Feature testing

The next question you’ll need to address is how to handle new features. We anticipate the number of features and capabilities being added in new releases will continue to climb, a great example being the artificial intelligence and machine learning capabilities being built into Windows 10 version 1803. So, how do you assess features every six months that could make a material difference to the business? Hint: This isn’t simply a technology question.

Which features should you adopt? How should those features be configured? What features are mandatory and which are optional?  For optional features — many of which will concern productivity and creativity — what is the security and business impact of not adopting those features?

Change required: Processes need to be in place to assess new Windows features, to make decisions on deploying and configuring features, and communicating how to benefit from those new features.

Managing deployment of Windows 10 versions

The physics of deployment take over when you have moved to the new model of servicing.  For most enterprises there will be several versions of Windows 10 deployed at any time. With the new servicing model, what used to be an occasional “major project” becomes a continuously executed “process.”

Each of the updates brings a set of new capabilities, but this is NOT the same as deploying a whole new operating system.  It’s more akin to deploying service packs in the old way of thinking.  When deploying Windows 10 upgrades you still need to consider:

  • What tooling will be used for deployment
  • How will deployment logistics be communicated to users
  • How to minimize any business or technical impact of the deployment
  • What training will be required for new features
  • If the upgrade process offers a good point in time to rollout other changes

Change required:  Move to a constant cycle of upgrades and don’t skip versions (although that advice may change over time).  This applies to the ecosystem of products, including Enterprise Mobility & Security, Azure Active Directory and Configuration Manager.

It pays off

Clearly companies are going to need a governance model to ease the deployment of Windows 10 from early adopters to the broad deployment within the enterprise, but there are several tangible benefits to keeping Windows 10 up to date:

  • Support for the latest creativity features, productivity tools and devices helps employees work better and more securely. The attraction and retention of talent is critical today and cutting edge tools can influence a working population that has high expectations because of their technology experiences outside the workplace.
  • The security in the Windows ecosystem improves with each Windows 10 release. With modern threats, enterprises can no longer afford to be years behind the curve, and while DXC will maintain patches for all supported versions of Windows, you don’t get access to the latest security features unless you upgrade and enable those features.
  • Ongoing updates avoids the accumulation of technology debt and helps IT teams focus their time where it matters, on running the digital transformation of their business safe in the knowledge they have a strong digital platform to build on with Windows 10.
  • Incremental changes will reduce the impact workers normally experience with major operating system upgrades.

The question for enterprises is, how far behind the release curve do you want to be?  How many new security features do you want to leave on the shelf?  How far behind competitors do you want the user experience of your people?   Windows as a Service gives organizations a chance to simplify the process of staying up to date, but it requires a basic rethinking of how to approach Windows management.


stu-downes-headshotStu Downes is a Director of Product Management and Product Architecture in DXC’s Workplace & Mobility offering group. Stu’s role working with product management, industry analysts, key clients and partners gives him a unique view of market trends and client needs. Stu has held a number of roles delivering, designing and leading solutions and products that make people more productive and businesses more effective. He is now shaping workplace products that enable the hyper-productive digital workplace.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: