<img src="https://secure.leadforensics.com/51024.png" style="display:none;">

What Every IT Executive Should Know About Evergreen App Management

I don't know about you, but I don't know of any single enterprise-size organization that does not do some formal application compatibility testing as they roll out a new OS — except one: Microsoft.

According to a webinar, Microsoft's application portfolio consists of 1,650 applications, 96% of which are browser-based. That leaves them with about 250 business critical apps, but surprisingly the company hasn't undergone a formal app compatibility testing program since rolling out Windows 8. Instead, the software giant has been able to roll out at least four Windows 10 versions to 95% of its full-time employees in less than nine weeks by running a 20,000 device pilot phase in which issues are tracked through the help desk, Feedback Hub, and Yammer before rolling it out company-wide. 

If that makes you feel a bit queasy (or full-blown anxious), stick with me as I walk you through what choices organizations have to manage their application packaging and testing efforts in an Evergreen IT mode, what the prerequisites are for doing so successfully, and what an optimized process would look like. At the end, I will also include some general pointers to keep in mind.


[Please note, the article is part of the Definitive Guide to Successful Windows 10 Servicing series.]


Different Evergreen IT App Management Strategies

Every organization is different and will manage their application portfolio differently. But ultimately, it comes down to these basic four approaches:

  • Test 100% of your applications with each new platform change — regardless of their usage or risk factors.
  • Don't test any applications before and fix what breaks in flight — this is the Microsoft internal approach.
  • Identify and test all business critical apps but only do a quick certification testing (or rely on sources such as Windows Analytics) for the rest to catch obvious culprits
  • Identify and test all business critical apps but don't test any of the other applications and fix what breaks in flight (the currently publicized Microsoft external methodology)

While the first two approaches won't be feasible (or recommended) for the vast majority of enterprises, the last two are worth considering. The only difference is whether or not you categorize your applications based on usage and risk levels (see below). 

Prerequisites For Successful Evergreen Application Management

Compared to traditional application management exercises that were often tagged onto larger IT Transformation projects, Evergreen IT app management requires a more strategic approach and a lot more preliminary set-up work to function properly. Because the cycles are much faster (e.g., 2/year for Windows 10 and Office 365), applications must be managed much more tightly than ever before. To set yourself up for success, you should consider the following:

  • Centralized management of all app components. Creating a centralized repository of all application components and meta data (e.g., name and email of the responsible application owner, documentation) will immediately cut down on the time and effort involved in managing your estate.
  • Maximal rationalization and normalization of products. Secondly, you will want to cut down on the number of applications you are maintaining. According to CapGemini, 48% of CIOs claim their business has more applications than required and 25% of in-house applications are never even installed! One of our clients was able to eliminate more than 70% of their applications through a combination of usage tracking and self-service user validation)!
  • Strict categorization. Once you have rationalized and normalized your portfolio, it is worth going through the rest and categorizing them according to their risk factors (business critical and low risk) as well as their usage (high and low). This way, you can prioritize your packaging and testing and accelerate your rollout. Low hanging fruit, for example, would be finding a high-usage, but low-risk app that would allow you to set migration status to "Go" for the majority of your users.
  • Relentless policy enforcement. Once the above steps are in place, your business groups need to understand the consequences of creating Shadow IT organizations and the application sprawl they cause. Position your organization as an IT-as-a-Service and encourage them to use self-service as much as possible — but be sure to get executive and business managers' backup for strictly enforcing policies or your process will crumble. 
  • Automated Testing and Packaging process. Last but not least, try to automate wherever possible — whether this is creating documentation automatically in the background as application owners run through a test, or leveraging smart workflows to route your packages through the process. If it is repetitive, tedious, and time-consuming, consider automating it!

Now that we have talked about the set-up, let's have a look at the process itself.

Optimized Application Management Process In An Evergreen Context

Running through a streamlined application packaging and testing procedure in an Evergreen fashion is simple enough. There are five major steps that will help you create a scalable, repeatable, and fast process:

  1. App Re-Certification. With the right tooling, you can trigger an email containing log-in details for a virtual machine running the new, to-be-tested-in environment to your application owners. They can quickly and with little effort test their application and track the results. 
  2. Determine Which Apps Need Further Intervention. Once the re-certification is completed, 70-80% of your applications can be switched to "Green" and only 20-30% will require further investigation. This can be anything from an automated testing and packaging process to manual intervention.
  3. Packaging Into MSI Or For Virtualization. Depending on your strategy, you can now either repackage your applications into new MSI/MST files or transform your already signed-off apps into virtual packages. This process can be very tedious and labor-intensive and requires automation wherever possible to keep pace with the fast velocity of Evergreen IT.
  4. Non-Functional & User Acceptance Testing. Now that all applications are packaged, they need to be tested vigorously under the new conditions before they are released into mainstream deployment. This first round of testing will focus only on the technical aspects: can it be installed, started and shut down without any issues; does it use too much CPU or memory capacity? Once the app passes the non-functional testing, it will be routed to the responsible application owners who will take it for a user acceptance testing spin. Again, using automated tools and virtual machines makes this a fast and painless process. As with any testing, ensure you can track, analyze, and act upon the test outcome. 
  5. Release Into & Enable For Mainstream Deployment. All applications that had to be re-packaged and tested will need to be made available for mainstream deployment. They need to be released and signed off by users before they can be made visible and accessible in your corporate application store.

Your process might vary slightly, but this gives you a general idea of the milestones you should aim to hit on your journey. It is important to optimize each step to be as fast and efficient as possible — without sacrificing the end-to-end operation or rushing it and risking business disruption. For example, the black mystery screen for Dell computers on application of the April 2018 Update, caused by Windows 10 having an adverse reaction to a third-party antivirus tool. 

Conclusion & Recommendations

I cannot stress enough that organizations have to find the right balance between volume application testing and velocity deployment readiness. For some, this might mean testing only a small portion of their application portfolio, but for most, this means a slick certification process using the tools available in the market today.

As you are thinking how to design your Windows-as-a-Service update process, I recommend that you:

  • Rationalize your application portfolio as much as you possibly can, but also make it an ongoing action item (rather than a one-off project). A good understanding of the application estate will reap huge rewards later on.
  • Err on the side of caution when testing your applications for compatibility. Have a protocol in place to remediate the issues right away.
  • Consider how Windows 10 Universal Apps will fit into your application readiness process.
  • Have a plan for web apps (Edge, Internet Explorer 11) and Office plugins as this will increasingly become an issue.
  • Increase your agility and time to market by automating as much of the process as possible.
  • Make sure that whatever process you build is repeatable, industrialized and allows for the simultaneous running of multiple upgrade projects.
  • Investigate the tooling in the marketplace today to help manage the WaaS process.

New Call-to-action