Why Your Windows as a Service Updates Need a Strategy
According to our Death of Windows 7 survey, 15% of IT professionals aren’t aware of Windows 10’s need for continuous updates. Another 43% of enterprises still have machines running Windows 7, so even those who are aware of its update schedule might not have a full understanding of what it will entail, and ultimately the impact and risk this introduces to their businesses and how this will affect their underlying strategy. Meanwhile, 46% of IT professionals said they don’t have a formal plan in place to manage Windows as a Service updates.
For these professionals, the success of their transition to Windows 10 will be directly tied to their strategy for handling updates. To make a long story short, there’s a significant difference between an effective Windows 7 update strategy and an effective Windows-as-a-Service strategy. In this article, I want to share what to expect from Windows 10 updates so you can start to build a strategy that matches reality and adopt new processes that meet the demands of today’s WaaS model.
The Endless Updates of Windows 10
Unlike Windows 7, Windows 10 will feature two major semi-annual feature releases, in addition to 12 Quality Update releases per year for security hygiene. That’s not all, since many Windows 10 enterprise users also run Office 365, that productivity software will also see two semi-annual releases on top of regular Office-specific security updates. When you add this all up, I hope you can begin to realize a new approach is needed.
Many enterprises utilize 3rd party freeware tools and applications to improve the functionality of Office 365. Increasingly, hackers are targeting these products’ vulnerabilities as a way to break into the network. Expect to update these tools just as regularly as Office to ensure that your enterprise minimizes its overall attack surface.
In addition to managing machines inside the internal corporate network boundary, enterprises need to think about protecting remote workers outside the network as the trend for mobile working grows. Often, a security risk is determined by the small number of unpatched machines that pose the greatest risk. Even if these remote endpoints don’t touch the network frequently, all it takes is one connection from an unpatched and infected machine to cause a security event and that could lead to a serious data breach, compromising not just the intellectual property of the organization and its customers, but potentially their reputations as well.
Finally, an effective update strategy needs to incorporate the need to respond quickly to Zero Day Attacks. With these attacks vectors, malicious code has been published publicly, which means an attack on unpatched machines can be conducted by anyone willing to cause harm. When these exploits become known, Microsoft will work rapidly to release a permanent or at least temporary patch to address the issue (known as out of band) of the once-a-month Quality update.
The Impact on Enterprises
To recap, that’s twice a year major updates, monthly updates, updates to 3rd party tools, and updates with no warning whatsoever. As you can see, the volume, frequency and size of Windows 10 updates far outstrips managing any OS which has gone before it.
Rather than spending months testing and validating an update against both the core operating system and interoperability with critical Line of Business applications and functions, enterprises will have one month tops to be fully deployed and considered current before the next release cycle comes out, causing the enterprise to fall behind. Enterprises often have complex infrastructures containing multiple dev/test pre-production environments, and all these environments will also need to be patched and maintained to the same level as the production environment. All of this can leave little time for the actual deployment of updates to the edge of the business network.
And that’s before you consider the fact that many enterprises often restrict the distribution of updates to outside of normal business hours or prevent deployments during change freezes at peak times of the year critical to their specific industry sector. While under Windows 7, this strategy somewhat limited the network and normal business operations from being disrupted, the “always updating” cadence of Windows 10 makes this schedule is a non-starter.
With Windows 10, updates are bundled and non-elective. While they can be delayed, they can’t be declined. That means an enterprise running Windows 10 will also see a dramatic increase in network traffic due to the larger size of updates, which existing network architectures using distribution points aren’t always designed to handle.
Power Your Windows 10 Update Strategy With Software
The bottom line: Windows 10 updates are going to become more frequent and more data intensive. Therefore, an effective Windows 10 update strategy should seek ways to gain time while reducing bandwidth. That’s where a Software-Defined Enterprise Content Delivery Network (SD ECDN) like Kollective can help.
By adopting an ECDN overlay to your existing ConfigMgr infrastructure, you can leverage the power of a peer to peer technology to dramatically reduce the need to deploy distributions points that serve content to your end user computing estate. By streamlining your ConfigMgr, you’ll not only significantly accelerate the time it takes to deploy updates, but also reduce the amount of update-related data moving through the corporate WAN, by offsetting this to the LAN.
This will allow you to deploy updates during business hours without impacting the network and disturbing critical business functions, buying you an additional 10-12 hours a day in which to deploy. You can then use the extra time you gain during deployment for testing and validation, reducing the risk of failed deployments.
Without a doubt, Windows 10 requires a change to the way you approach updates. For IT staff who are used to taking their time or putting off updates, Windows 10 is going to feel like going from a walk in the park to a never-ending sprint. But with the right strategy and technology in place, enterprises will be able to keep pace with Windows as a Service without compromise.
Counting down to the 'Death' of Windows 7
THE DEATH OF WINDOWS 7 REPORT
How today's enterprises are preparing for tomorrow's security disaster
Microsoft will officially end support for Windows 7 on January 14, 2020, yet 43% of enterprises are still running the outdated platform. Learn how far enterprise businesses are in their migrations to Windows 10, the challenges they are facing and why IT leaders need a software distribution strategy to prepare for WaaS.
Related Blog Posts
From the “maker movement” to how-to videos, we live in a DIY era. Whether it originates from punk rock or anti-consumerism, the movement today leverages technology to connect people with similar interests and empowers them to fix, build, or hack their way through a...read more
It’s June in the Bay Area and there are rainbow flags on almost every building as we celebrate Pride month. There are Pride events happening all over the world celebrating the impact that LGBTQI+ people have had on the world. Over the past few years, we have seen a...read more
Let me tell you, video is never easy to do well across an entire enterprise. I know first-hand as we host a mandatory monthly All Hands Meeting at Kollective. While my event services team can share details on the planning, logistics and technology that it takes to...read more