In a recent vendor briefing with Gartner about how to best manage the Windows Servicing process, the Gartner analysts mentioned that they are currently getting a lot of questions from enterprises are stuck on Windows 10 1809. This reflects our experience as well. In the past five or six months, we have increasingly gotten inquiries from large companies who had initially migrated from Windows 7 to Windows 10 and had planned to use the support windows to sort out their Evergreen IT management, but they never got around to it because COVID struck.
That is why today I want to take a closer look at why these organizations are getting stuck and show you the steps you can take to get unstuck in the fastest and most efficient way possible.
Microsoft's Windows 10 support timeline has changed so many times that it is hard to keep track, but over the past few months, a LOT has happened that caused a difficult situation for enterprises and other large organizations. First and foremost, four enterprise versions of Microsoft's current OS lost support in just seven months (between October 13th, 2020 and May 11th, 2021):
A lot of organizations had initially migrated from Windows 7 to Windows 10 1803 or 1809. After that big bang migration was completed and project resource disbanded, many IT organizations found themselves with the responsibility to figure out how to manage the ongoing Windows 10 upgrades. But without any additional budget or resources, adequate tooling, or sufficient project management experience, many organizations struggled to figure out how to deliver the required change efficiently.
To make matters worse, the pandemic hit. Many IT organizations we spoke to were just preparing to upgrade or had just started their upgrade cycles in the late winter / early spring when the Stay-At-Home orders at the beginning of March were issued. Over the next weeks and months, almost all organizations came to a screeching halt with their Windows 10 Servicing programs and instead focused their efforts first on supplying their employees with everything they needed to be able to work from home and then on facilitating Digital Transformation projects that were suddenly prioritized to adjust to the changing market demands (contactless payments, online ordering, etc.). Rightly so, organizations were nervous about forcing upgrades to remote machines in unmanaged locations with no easy way of supporting any major resulting issues.
Now that the worst is over and things are returning to a somewhat (new) normal, upgrading all those business users on unsupported versions of Windows is, once again, becoming an urgent priority — one which is now often under intense scrutiny fueled by the anxiety of executive managers who don't want to see their company in the headlines for ransomware attacks due to unsupported and outdated software.
There are many hurdles that not only make it more difficult for organizations to upgrade continuously to the next version of Windows, but also ultimately cause them to get stuck, forcing them to run expensive big bang migration projects rather than smaller, more iterative Evergreen IT management streams. However, there are four issues that, across the board, cause organizations with tens or even hundreds of thousands of users the biggest troubles.
The first issue we almost always see is inadequate and manual application management, especially when it comes to packaging and testing. When organizations moved to Windows 10 initially, many didn't put anything in place to manage their application estate properly. This caused an increase in Shadow IT and, with it, application sprawl, making it close to impossible to know what applications are currently installed, not to speak of keeping them properly updated and maintained. Consequently, there are lots of applications that aren't packaged and distributed centrally.
In addition, the app owners that were documented during the Windows 7 to Windows 10 upgrade haven't been maintained since then, which causes a mess every time an app needs to be re-packaged or tested. Finally, most organizations do not have a good application catalog, which makes it harder to manage the apps. Basically, they are back to square one every time with application compatibility and testing, requiring extensive discovery, analysis and inventory work before they can even start.
Microsoft's marketing message shortly after the release of Windows 10 may be partially responsible for enterprises expecting that no or very little additional work was needed to manage subsequent Windows upgrades once the initial migration was completed. A lot of enterprises drastically underestimated the efforts involved and therefore did not provide Business-as-Usual teams with any or adequate additional budget and/or resources, nor did they have sufficient project management skills to handle such a workstream.
This resulted in many Business-as-Usual organizations having to figure out how to quickly turn the remnants of a big-bang migration (that had been managed as a one-off project and had been thrown over the fence to the operational teams) into Evergreen IT-driven upgrades. This was only made worse by the fact that with COVID, everyone had to work from home, making an OS upgrade even more difficult to manage as there were a lot more variables involved and it was therefore much riskier.
Another important reason why enterprises got stuck on 1809 (or another version) is that they theoretically understood the concept of managing Evergreen IT, but found it very hard to translate the concept into practical processes that they could implement. For example, a big issue we see all the time is that IT teams struggle to define their ring scoping and, more importantly, struggle with determining how to define their Windows Deployment Rings. Additionally, they don't really know what this would involve from an application testing perspective, and they don't know how to monitor failures or, once the rollout is done, how to feed back on any failures that happened in the live environment.
Finally, all processes involved must be streamlined and optimized before they can be automated. It is human nature to stick with what we know, and we often do things the way we always have done them because that way worked. But with the enormous velocity of change and the increasing complexity of today's IT environments, manual processes simply won't cut it.
While a one-off project is literally defined by the project scope, managing BAU often involves a lot of changing dependencies. For example, there are a lot of changes happening in the market right now that make certain hardware obsolete. This now unsupported hardware causes drivers to fail and applications to not work as expected on the upgraded operating system. In this new environment, the BAU team has to now create a new image and certify it against all the hardware configurations and applications being used, making everything a lot more complex.
Oftentimes, the things that get us stuck in the first place are the things that get us unstuck again as well. Here, as so often, it comes down to three things: people, tools, and processes. You need enough of the right people with the right skills, the proper tooling to get the job done as efficiently as possible, and optimized processes. However, these components do not operate independently of each other. Instead, they are intricately interwoven and interdependent. Let's go through these three components in more detail and explain what they mean.
The easiest way to approach this is by starting with the process. As we have outlined many times in the past, to manage Windows 10 Servicing or Evergreen IT Management (because we understand Windows 10 Servicing is a subset of Evergreen IT), you must first carefully put an optimized, industrialized, and repeatable process in place. To make this step as easy as possible, I have shared our Evergreen IT project plan template that can be fully adapted to your unique situation. This gives you a nice jumping-off point from which you can get started.
Once you have your process, you should also know how to support them. You must know exactly which people you need, what skillsets you must have, and how much budget you will need to allocate. Finally, you will need to put the right tooling in place to support your processes and empower your people.
This includes not only the ability to have central command and control (which means a single version of the truth for your entire team and all stakeholders) but also implement end-to-end automation of the entire process and the ability to dynamically create the path of maximum velocity. Of course, your tooling must offer self-service capabilities, T-minus-based automated communication, and automated application packaging and testing integrated within the upgrade and deployment management process. To learn more about the tooling you'll need, check out our Evergreen IT Management solution, Juriba Dashworks, as well as our app packaging and testing automation.
I hope that you have found all of this information useful and that it inspires you to take the necessary steps for getting your Windows 10 servicing program moving again. If you have any questions or comments, I would love to hear them. Just comment below or directly email them to me.