Microsoft’s first major operating system upgrade in five years, Windows Vista, is expected to hit the retail shelves in January.

Originally scheduled for 2003, Vista’s release date was pushed back many times due to development delays. And the delays have created openings for the growth of competitors, such as Apple on the desktop and Linux on the server. But Microsoft’s market share remains overwhelming. Like it or not, Vista will eventually become Microsoft’s default OS. So the question is not whether you’ll be making the switch to Vista, but when.

In fact, if your company has a volume licensing agreement with Microsoft, you’ll have a chance to upgrade to the client version of Vista as early as November, when the operating system will be shipped to computer manufacturers and other large customers. (The server version of Vista, still nicknamed Longhorn, isn’t scheduled to ship until 2007.)

Still, there are good reasons why IT managers are saying "wait and see." Upgrades are time-consuming and expensive, requiring lots of testing, training and support. Then there’s the hardware. Vista’s almost certainly not going to run well on older machines.

"IT managers probably won’t make the investment [in upgrading] until after Vista has been on the market for awhile," says Jim Michael, secretary of the board of directors of Share, an IBM users’ group with more than 2,000 member companies representing a majority of the Fortune 500. "You may not see widespread enterprise deployment until after the first service pack comes out." And that could be as much as a year after Vista first ships.

But you’d better begin planning now. Once the OS is widely available, end users (like your CEO) will start asking about it. It will begin showing up on new desktops and laptops. And, if there’s a major security attack aimed at legacy Windows XP systems, you could find yourself under very serious pressure to upgrade fast.

Security and Manageability

Vista offers some enticing features for CIOs. Perhaps primary among them are its numerous security enhancements. "This is an operating system that was built and architected in the age of the Internet," says Michael Gartenberg, VP and research director for JupiterResearch. In contrast to Windows XP, Vista will be much more resistant to Internet-based attacks, he says.

Vista also offers authentication via smart cards in addition to user name and password checking, provides more nuanced user account restrictions and offers strong, hardware-based encryption, which can protect documents when an employee’s laptop is stolen. It will also make it easier for developers to customize their own authentication strategies with biometrics and tokens.