by Woody Leonhard

10 key warnings for your Windows 10 migration

Oct 10, 2017
IT LeadershipIT StrategySmall and Medium Business

If you’re looking at a Win10 rollout, like Damocles staring at the sword, there are a few important tidbits that every executive needs to understand. Here is your report from the Win10 trenches.

Broken window with Windows 10 logo
Credit: Thinkstock/Microsoft

With Windows 7 a couple years away from its end of service date, January 14, 2020, many companies face Hobson’s choice: It’s the Win10 way or the highway. For those unwilling or unable to switch away from Windows, the path forward is clear. Barring a sudden turnaround in Microsoft’s stated intentions, or a Midas-sized bag of coins to fund a private extended support agreement, Windows 10 looms in your future.

Whether you embrace the change or abhor it, there’s a handful of pesky observations and questions that you ignore at your peril. Speaking for those of us who have been slogging through (and writing about) Win10 for years, here are the Win10 migration warnings that come bubbling to the surface.

1. You’re signing up for the Windows 10 update treadmill

Unlike the versions of Windows you’re used to — where big updates happen every five years or so — Win10 is locked into a six-month update cadence. Many of those updates won’t have much that’s important for you or your customers, but you’re on the treadmill whether you like it or not.

[ Beware the 12 ‘best practices’ IT should avoid at all costs while heeding the 9 forces shaping the future of IT work. | Get an inside look at 13 real-world digital transformations. | Get the latest insights by signing up for our CIO daily newsletter. ]

In a nutshell, new Windows 10 versions (which have appeared sporadically in the past) will, henceforth, appear every six months, in March and September. Each version will be supported for 18 months. Although we haven’t gone through a full six-month cycle as yet, and the terminology changed as recently as last month, Microsoft seems intent on synchronizing Windows, Windows Server and Office 365 rollouts, all in lockstep.

Overview of Windows as a service: Feature update timing Microsoft

You may have heard terms such as “Current Branch for Business” and “Windows Update for Business” but they don’t apply any more. We now have a “Semi-Annual Channel” and its variants. Organizations are expected to run pilot programs and start broad deployment of a new version based on the results of those programs (screenshot). Microsoft will no longer give a clear go-ahead signal with the “for Business” designation.

We don’t have a lot of experience with this new approach, having seen it in action just once, on July 27, 2017, when Microsoft simultaneously announced the end of the “Current Branch for Business” designation, and declared that the Win10 Fall Creators Update is “fully available to all our customers.” It isn’t clear how Microsoft will signal its blessing in the future, but it is clear that your organization will have to evaluate new versions without a definitive “this is ready” signal from Microsoft.

2. The Long Term Servicing Channel holds some respite

If the twice-a-year new version pace makes your head spin, there’s some consolation in a separate version of Win10 called the “Long Term Servicing Channel” or LTSC (formerly Long Term Servicing Branch). Microsoft has promised that machines running the LTSC version of Win10 will receive security patches for ten years, but no feature changes.

Currently there are two LTSC versions of Win10: The 2015 Enterprise LTSC version, based on the original “RTM” version of Windows 10, commonly called version 1507; and the 2016 Enterprise LTSC version, based on the Anniversary Update, version 1607. Microsoft anticipates that new LTSC versions will appear “every 2 or 3 years” with the next one expected in 2019.

LTSC versions of Win10 are available only through Software Assurance, and only for Win10 Enterprise. Some of your machines may be relegated to LTSC, but be aware of the fact that Microsoft recommends they only be used in highly static environments:

Long-term Servicing Channel is not intended for deployment on most or all the PCs in an organization; it should be used only for special-purpose devices. As a general guideline, a PC with Microsoft Office installed is a general-purpose device, typically used by an information worker, and therefore it is better suited for the Semi-Annual servicing channel.

Also note that LTSC versions of Win10 Enterprise, to date, do not have Edge or Cortana, do not offer access to the Windows Store, and include none of the standard Store apps: Mail, Calendar, OneNote, Weather, News, Sports, Money, Photos, Camera, Music and Clock.

3. Application compatibility issues are supposed to be getting better

Microsoft says that upgrading your line of business (LOB) programs to Windows 10 from earlier versions of Windows should be much easier than any previous version upgrade:

Most Windows 7–compatible desktop applications will be compatible with Windows 10 straight out of the box. Windows 10 achieved such high compatibility because the changes in the existing Win32 application programming interfaces were minimal. Combined with valuable feedback via the Windows Insider Program and telemetry data, this level of compatibility can be maintained through each feature update. As for websites, Windows 10 includes Internet Explorer 11 and its backward-compatibility modes for legacy websites. Finally, UWP apps follow a compatibility story similar to desktop applications, so most of them will be compatible with Windows 10.

In my experience, many traditional Win32 LOB programs come through a Win7-to-Win10 upgrade relatively unscathed — although you have to pay particular attention to .NET changes, and the Internet Explorer Compatibility View may save your bacon. When it comes to upgrading Win 8.1 UWP apps to Win10, thar be tygers.

If you aren’t sure whether a particular third-party application is up and working with Win10, and what version changes may be in store, Microsoft has an exhaustive list on the Ready for Windows site.

The problem, of course, is that you have to re-evaluate and re-test your programs every six months (or, if you decide to skip a version or two, every 12 to 18 months). That argues well for an automated app testing regimen.

4. Automate upgrades as much as possible

In fact, the whole process of testing version upgrades — Windows itself, programs such as Office, drivers, and LOB apps — is screaming for automation. Michael Niehaus — who’s become the face of Microsoft’s Windows as a Service — recommends that you look at the process in three steps:

Windows as a service deployment cycle Microsoft

The never-ending six-month cycle that Niehaus recommends goes like this:

  • Plan and Prepare: run the Insider beta builds on test machines
  • Targeted Deploy: when the new version is released, deploy it on 10% of your machines to see if there are any problems
  • Broadly Deploy: “For some organizations, broad deployment can begin quickly; for others it can take longer. It is up to each organization to determine when to make that transition.”

It’s important to realize that the steps overlap each other: If you’re going to stay on the every-six-month schedule, you need to be at the Plan and Prepare stage at the same time you’re on the Broadly Deploy stage, particularly if shaking out bugs takes four months.

If that sounds like a full-time job, you’re likely right. In a larger organization, planning and churning through new versions of Windows every six months may well warrant a sizable staff. It will certainly require hardware and software resources.

David das Neves, an engineer at Microsoft Germany, has developed a detailed procedure to break out the steps and automate some of the process. At the core of his idealized deployment infrastructure: System Center Configuration Manager (SCCM). His description is lengthy and complex, but larger organizations may well save time and resources if they can put the full mechanism in place.

5. Plan on a backlash

No matter what you do when you roll out a new version of Windows, you’re going to get backlash. Some of it’s trivial, but a lot of it has to do with “muscle memory” and retraining. The initial step from Win7 to Win10 will draw howls of pain, frequently from your most experienced users (and staff!).

You can ease some training concerns by changing the way Win10 works, to align the Start menu more closely to the familiar Win7 Start menu. Two third-party tools draw a great deal of praise: Start10 and Classic Shell. They won’t silence your harshest internal critics, but either will help bridge the gap.

6. Licensing gets hairy

Windows 10 brings new twists and turns to the arcane art of Windows licensing. You are no doubt familiar with the old world: Enterprise (and Academic) Edition, Volume Licensing, Software Assurance. In the new world, you get to work with E3 (roughly analogous to Software Assurance), E5 (includes Advanced Threat Protection), and many variations on those themes. And then there’s Azure.

You can rent Win10 E3 and E5 with a Volume License from Microsoft, or from Cloud Solution Providers. In addition, you can rent the Win10 Secure Productive Enterprise E3 or E5 package, which includes Office 365 and Enterprise Mobility + Security. If you currently have a license for Win7 (or 8.1) and you jump to the Secure Productive Enterprise level, your older machines can be upgraded to Win10 free.

While your head’s spinning anyway, you can now rent E3 with Azure Active Directory and other cloud support, through the Windows 10 Enterprise E3 in CSP program for $7 per user per month. You can rent E5 in a similar fashion, but the Cloud Solution Providers set the price. Both let you run Win10 Enterprise on up to five devices per user, but the rules for managing those devices is complex.

Licensing is a minefield. Best to consult an expert.

7. Security is better in Win10, but you need people who can manage it

To many people the No. 1 reason — arguably the only reason — for moving to Windows 10 is its improved enterprise-level security. There’s a great deal of merit to that assertion. Microsoft always claims that its latest version of Windows is “the most secure ever.” With Win10, though, the defenses have certainly ratcheted up.

In no small part that’s because the nature of attacks has changed significantly over the past few years. In the not-so-good old days, the attackers were largely ad-hoc individuals or small groups, frequently with nothing greater than creating mayhem in mind. Nowadays, attacks run the gamut from ransomware to personal data mining on a massive scale. Attackers are frequently both well-versed and well-heeled.

Microsoft has a good high-level view of the problems and their Win10 solutions in “Mitigate threats by using Windows 10 security features.” As you read that article, keep in mind the caliber and commitment of individuals you’ll need to hire to make it work.

8. Your Win7 machines can likely handle the shift — but watch out for drivers

I hear a lot of complaints from organizations that tried to upgrade to Win10 but hit a stumbling block and quickly returned to Win7. They’re once burnt and twice shy, don’t want to head down that trail again, and for good reason.

If you’ve encountered problems making the move, and you’re caught between a rock and a hard end of lifetime deadline, keep two things in mind. First, at least in my experience, drivers are responsible for a lot of the angst. Make sure you have the right drivers (and firmware!) before you try again. Many hardware manufacturers refuse to update their drivers for Win10 — they stand to make more money by convincing you to buy a new machine (or new version of their product), rather than provide a free update for an older one. Unfortunately, there isn’t much you can do about it, other than vote with your pocketbook.

Second, the Win10 installer is getting better. If you bounced off the version 1507 installer (that’s for the original version of Windows 10 “RTM”), you’re going to find the upgrade to 1703 (Creators Update) or 1709 (Fall Creators Update) may go much more smoothly.

It’s quite unusual for a working Win7 machine, with updated BIOS and Win10 drivers at hand, to crash and burn on an upgrade to Win10 1703.

9. Don’t try to go cold turkey

There will be many people — perhaps a majority, and especially your most experienced users — who don’t want to dump the old, familiar machine and its quirks, replacing it with a new operating system, or even a flashy new machine. Bribing a stalwart Win7 user with a fancy new tablet may not be the best approach.

Several times, I’ve seen a gradual approach work better. When influential users are given the option of running with their old machine at the same time they’re trying out a new machine, they’ll frequently find themselves migrating to the new machine, even if they feel more comfortable in Win7. The biggest impetus I’ve seen: They start using Win10 outside of work, and warm up to using it at the office.

Lots of carrots. Hold off on the sticks.

10. Expect everything to change, quickly

The concepts, terminology and approaches of “Windows as a Service” have all changed in the past couple of years. Some of the defining aspects of Windows as a Service, as it was first defined, no longer exist. There’s no Current Branch for Business, for example, nor is there a coherent Windows Update for Business framework. Both of those concepts were tossed away in the past few months, compliments of a handful of official blog posts.

You can think of the morphs as Microsoft making it up as they go along, or adapting to changing circumstances. Or you can view it as a result of stumbling to do something that’s never been done before. Regardless of the backstory, what you know now about Windows 10 may well become obsolete in the next few months.

Unlike the days of XP and Win7 and 8.1, when you had a major shift at most every few years, the future won’t be so stable.

That means you have to keep up to date. No, you don’t have to don a Mixed Reality headset (although you may enjoy it!). No need to consult Cortana or ink a web page in Edge, write a Linux program, use emojis (much less animojis) or remix a story. Running the latest beta builds will drive you nuts, guaranteed, but that’s always been the case.

The world’s changing fast. Even with Windows.