The key to end-user computing


IT pros share their Windows 10 deployment trials and triumphs

Real Windows 10 adopters dish on the ups and downs of migrating to the OS, including struggles with automatic updates and the strong security benefits.

When Microsoft released Windows 10 in July 2015, many IT professionals sat back, crossed their arms and waited. It's a general rule of thumb in IT not to jump on any technology when it's brand new, and following the flop that was Windows 8, that was especially true for Windows 10. But that wasn't the case at the largest insurance company in Switzerland, which leapt in right away.

The firm, Die Mobiliar, began its Windows 10 migration in October 2015. The IT department planned to upgrade its PCs because they were at the end of their lifecycle, so it made sense to implement new software at the same time, system engineer Sacha Thomet said.

"It was very early, so the project was a little hard," Thomet said. "We had to fight with a lot of issues."

For Thomet and other IT pros with hands-on experience planning and executing a Windows 10 deployment, those issues included software incompatibility, back-end resource consumption, frequent updates and more. But despite the fits and starts for many organizations, Windows 10 has also brought stronger security and a reason to upgrade hardware.

Installation in the trenches

There are a number of different ways to approach Windows 10 migration, and each brings its pros and cons.

At Die Mobiliar, the first step was to test its applications, drivers and other components for Windows 10 compatibility. But a month after that process began, Microsoft released the first update to the operating system. Some of the drivers already installed on the new hardware didn't work afterward, and IT had to start its testing over again because the two builds were so different, Thomet said.

Guys are tasked with constantly testing, constantly readying themselves for the next update.
James RankinHowell Technology Group

Die Mobiliar wasn't the only organization to struggle with the frequency of updates and the significant changes they included. Microsoft automatically updates Windows 10 once a month with a bundle that includes all of the patches and new features from the previous month, giving IT little control. It also takes away features in some updates. The Wi-Fi Sense network sharing feature, which allowed PCs to share Wi-Fi connections and automatically connect to hotspots, saw its end in the August 2016 Anniversary Update, for example.

"Guys are tasked with constantly testing, constantly readying themselves for the next update, finding out what's coming down the pipeline," said James Rankin, end-user computing solutions architect at Howell Technology Group, an IT consultancy in the U.K. "When you get all that sorted out … you've got to start doing it all again. I don't really think anyone expected it to be such a moving platform."

The University of Massachusetts (UMass), Lowell took a gradual approach for just this reason. The school offers so many different customized applications to employees that a mass Windows 10 migration across all computers would have caused major disruption, said Steve Athanas, director of platforms and systems engineering. Instead, individual users get Windows 10 when they're due for a PC upgrade, which is every four years. This method means the university can move to Windows 10 little by little and address any problems with a smaller number of users at one time.

"We have to go a little slower," Athanas said. "We can't really run with it because … we'd break a ton of stuff."

Dealing with the automatic updates was a problem at first, however.

"It's the annoyance of coming in in the morning and turning your computer on and it says, 'Give me 30 minutes while I update' … that we hadn't really planned on," Athanas said. "I don't think Microsoft did a great job of explaining exactly how to sort of manage that in a larger environment."

To better manage that process, the university implemented the Long Term Servicing Branch, which allows IT to receive fewer large updates and defer ones they don't want for several months.

Deploying Windows 10 on new PCs, rather than upgrading old Windows 7 PCs, also means that IT can more easily determine the causes of problems. The desktop image is brand new, so if it blue screens when you turn it on, there must be an issue with the device itself, for example, Athanas said.

"We'd rather deliver people a brand new clean image that we know is fresh is for them," he said.

Windows 10 plans

A large law firm based in Boston, on the other hand, chose to take the mass migration approach. The company moved 1,200 users to Windows 10 over the course of one month early last year, and new hardware was a driving factor.

"Any hardware you buy today is really intended to run Windows 10," said the firm's CIO, who spoke on condition of anonymity. "Hardware today isn't meant to run old operating systems."

To make such a large Windows 10 deployment easier on IT and users, the company set up an appointment system through which people could sign up for specific time slots to make the move. At the appointed time, IT called the user and took remote control of both their new and existing PCs. IT moved the user's apps, data and settings from the existing device's hard drive to a back-end server, then transferred it all to the new PC. Third-party contractors delivered users' new laptops and removed their old ones.

It was an easy process for users, and the only hang-up for IT was the amount of time it took to rebuild the Microsoft Outlook cache on new PCs because of the sheer volume of emails attorneys had saved, the CIO said.

Windows 10 benefits

The biggest plus in Windows 10 is its strong security, said Rankin, who assists organizations with Windows deployments -- including one company's 16,000-seat implementation. Features such as Device Guard and Windows Defender Application Guard can help lock down devices and apps to prevent the spread of malware and other threats throughout corporate networks.

"It's a lot more secure than previous versions of Windows," Rankin said. "It really gives you an extra layer of defense built into the operating system."

At the Boston law firm, the major improvements to BitLocker in Windows 10 meant IT no longer had to rely on third-party tools for encryption, as it did with Windows 7, the CIO said. The data protection feature has existed as far back as Windows Vista, but it now comes with more encryption algorithms that prevent against more types of cyberattacks. UMass Lowell also relies on BitLocker to provide encryption for 100% of its content, Athanas said.

"That's a major bullet in the gun for us," he said. "We want to make sure that we're being very diligent with our student and employee data."

From the user perspective, Windows 10 doesn't have too much of a learning curve. Plus, many business users took advantage of a Microsoft offer that allowed some Windows 7, 8 and 8.1 customers to upgrade to Windows 10 for free during the operating system's first year on the market, Die Mobiliar's Thomet said.

For those that need a little extra help, UMass Lowell provides a website where users can learn about Windows 10 features and other IT services.

Windows 10 drawbacks

But the operating system comes with its downsides, too.

User privacy was a big concern off the bat, for instance, because the first Windows 10 release by default collected data about everything from system diagnostics to device location. Microsoft updated the privacy settings in the Creators Update earlier this year to allow users and IT to turn some data collection capabilities off, however.

"People were very afraid of it," Rankin said. "You've got to be able to turn various bits of this off and be confident that Microsoft is using it in a way that's … legitimate."

Windows 10 also tends to consume more back-end resources, which can lead to performance degradation if the infrastructure isn't prepared, IT pros said. That was the case at Die Mobiliar, but the company had provisioned enough storage and servers on the back end that it didn't have to purchase any new infrastructure systems in the migration's first phase. Instead, it simply reallocated spare hardware, such as file servers, to support the Windows 10 deployment, Thomet said.

James RankinJames Rankin

Microsoft's changes to file-type associations, which determine what application a document opens in, have also caused some problems in Windows 10. If the operating system detects any abnormal file-type associations, it automatically resets them to a default without alerting IT, and the defaults are often not what IT wants. That means users can't access their files, and it has resulted in a lot of support calls among Rankin's clients, he said.

Organizations preparing for their own Windows 10 deployments can learn from the ups and downs of these IT pros' experiences. With automatic updates being a common problem, it's a good idea to get to know all of the available update branch models before adopting the operating system. IT departments should also make sure their applications, infrastructure systems and users are ready for the upgrade -- as well as IT staff themselves.

"That's not hard because they always want to use the latest and greatest," Athanas said.

Read part two of this story about Windows 10 deployment experiences here.

Article 1 of 5

Next Steps

How to upgrade to Windows 10

In-depth guide to Windows 10

Is Windows 10 right for you?

Dig Deeper on Windows 10