BrandPosts are written and edited by members of our sponsor community. BrandPosts create an opportunity for an individual sponsor to provide insight and commentary from their point-of-view directly to our audience. The editorial team does not participate in the writing or editing of BrandPosts.
By Cy Whitfield, Stefan Grigorov
Migrating from legacy Windows 7 and 8.1 operating systems to Windows 10 (Win10) was no small undertaking. The migration encompassed all VMware’s global regions and their on-site/remote colleagues. There were numerous challenges, including converting colleagues to a Unified Extensible Firmware Interface (UEFI) from the traditional BIOS firmware, how to migrate settings/files/applications with little or no downtime, how to handle incompatible hardware, and did VMware IT even have the requisite resources to migrate everything internally. Our team chose two upgrade methods—wipe & load and in-place upgrades—as a singular approach might not fit all scenarios across VMware’s multitude of offices. In less than 18 months, VMware IT had achieved 99% migration for 14,000 devices with significant success rates. It also opened the door for success in other areas as well.
Lessons learned—and applied
The sheer magnitude of the Win10 infrastructure upgrade also enabled VMware IT to adapt a modern management (MM) approach for all IT operations. MM enables enterprises to create a solid yet flexible foundation ideal for a world of remote colleagues, cloud- based applications, and all-new security threats. Implemented via VMware Workspace ONE®, MM focuses on four key areas—cloud, deployment, security, and identity.
All management is handled through the cloud, and is always securing VMware colleagues 24/7/365 via our cloud service providers (CSPs). The Workspace ONE Unified Endpoint Management (UEM) enables device provisioning, autopilot (automated updates/installations), and direct factory-to-colleague device delivery (eliminating classic imaging, shipping costs, and ‘middleman’ delays in IT support). This resulted in savings of over $1M. Advanced security features enable a more secure OS that is always up to date regardless of the device or application. And identity protection is assured thanks to Azure Active Directory, VMware Identity Manager TM, single sign-on (SSO), and Windows Hello for Business (WHFB).
We had to ease into things
MM is substantially more complex to implement than it may seem in concept, which is why our teams took a co-management approach that combined both the traditional and the new. While ultimately only a stop-gap measure, co-management means Workspace ONE and the current workplace management solution coexist, enabling a stable and smooth transition to full MM. This allows our IT teams the ability to ‘modernize’ workloads on their timing and with a phased approach—workload by workload and group by group.
Of course, there were other challenges beyond what we encountered in the Win10 migration, like BitLocker management. Migrating this service to Workspace ONE gave our colleagues self-service recovery abilities while omitting the additional tools typically employed. Our team also had to deal with the many corrupted endpoint management agents unable to execute the silent enrollment to Workspace ONE.
What an age we live in
Once MM is fully implemented and our enterprise becomes truly ‘modernized’, there will be significant (and obvious) differences in the company’s IT footprint versus a few years ago. Seamless compliance, over-the-air (OTA) updates, simplified push-button resets, and other advances are allowing an unprecedented colleague experience not bound by time, geography, or device.
Stay tuned to see how this fascinating journey continues to play out.
VMware on VMware blogs are written by IT subject matter experts sharing stories about IT’s transformation journey using VMware products and services in a global production environment. Visit our portal to learn more.