New survey conveys the challenges of the Windows 10 migration
It has been heralded as the last version of Windows you will ever need. This is great news for internal IT. Rather than large abrupt OS version updates such as the cumbrous leap between Windows 7 and 8, the Windows-as-a-Service delivery of Windows 10 will allow for regular incremental improvements and updates. The expectation is to eliminate the arduous elongated process of OS migrations that require significant planning, training and working hours. For those who need any further incentive, there is also the impending end-of-life deadline in January 2020 for Windows 7. Of course, to get to Windows 10, you have to endure one final big upgrade.
Fortunately, Microsoft has taken great strides to simplify the Windows 10 migration process. New deployment methodologies that utilize images, task sequences and provisioning packages make the deployment process far more agile today. That does not mean there aren’t challenges in the process however. The hurdles instead lie in the standardization of the user workspace. It is the details of ensuring that all those configuration settings, applications, printers and security protectants are delivered to ensure a secure productive work environment.
A recent survey conducted by PolicyPak and GPanswers.com set out to learn firsthand about the experiences that businesses are having today in their Windows 10 migration projects. The goal was to find what inherent challenges they are encountering if any, the impact of those encountered issues, and how they were rectified. The results show that despite a greater array of tools to simplify the overall deployment process, some aspects of Windows 10 do not migrate in as automated a fashion as hoped. The survey involved over 500 organizations representing 30 countries and multiple industries. The organizations ranged in size from small businesses of less than 100 users to enterprises with more than 5,000 users.
Analyzing the Survey Results
The first objective in the survey was to find out where businesses currently are in the migration process. Four stages were identified as Planning, Pilot Only, Mid-Migration and Nearly Complete. On average, about 26 percent of all organizations were still in the planning stage. When comparing the survey results according to company size, the greatest disparity occurred within those organizations who are nearing completion. While 42 percent of SMBs with less than 100 employees identified themselves as being in the final phase of the migration process, only 13 percent of 5,000+ user based enterprises report their implementations to be nearly complete. 33 percent of these large enterprises identified themselves as being in the mid-migration stage, and only 10 percent of SMBs reported the same.
The survey identified four challenges involving productivity and system security. The first challenge was the issue of file/application associations. 63 percent of all organizations dealt with this issue, the biggest culprits being Office (90 percent), Acrobat Reader (71 percent), default browser (59 percent), and media players (31 percent). When asked how they managed the issue of unexpected file associations, a majority of organizations (57 percent) chose to manually update a given system or allow users to update the associations themselves. Other companies (25 percent) went about the process of rebuilding and distributing images or some type of file association policy.
The second challenge concerned the task of standardizing the Windows 10 Start Menu and Taskbar. The majority of respondents (57 percent) have a desire to standardize these two desktop areas. The most popular way to accomplish this was to use Group Policy to push out settings (62 percent). Other tools included scripts, SCCM and third party tools.
No discussion of desktop OS migration would be complete without the topic of imaging. Standardizing the Image Deployment process was the third challenge identified in the survey, and aptly so as 73 percent of organizations use some type of imaging software or MDT tools. The primary hardship of imaging is the material investment that is involved in the creation of each image. According to the survey, the process of creating an initial golden image required five staff people for enterprises with over 5,000 users, with each of those staff people devoting 62 hours. On average, organizations with less than 1,000 users allocated 2 people and 15 hours each to the process. Of course, it does not take long for golden images to lose their luster, as customized modifications must be repeatedly implemented. The three most cited customization activities were the removal of non-essential applications, security hardening and Bitlocker setup. The production and testing of subsequent images is time-consuming as well, with SMBs allocating up to 17 hours per person and large enterprises allotting 42 hours per person.
The most surprising finding of the survey concerned how many organizations continue to assign local admin privileges to low-level users. Local admin rights reduction and elimination was the fourth challenge highlighted in the survey and is one that internal IT continues to struggle with. On average, 57 percent of organizations admitted to assigning local admin rights to some portion of their "normal" user base. This percentage generally increased along with the size of the organization with 69 percent of the largest enterprises in the survey following this practice. The two most cited justifications for allocating local admin rights was the ability for normal users to install software and contend with UAC-based elevation issues. Said one survey respondent, "We give local admin rights because the business decision came down that someone might have to install software at 3AM when the help desk is closed."
In the end, the survey clearly shows that the Windows 10 migration process is not as streamlined as many would hope. There is still a sizable degree of trial and error involved in the process. Despite the introduction of new deployment tools, many organizations are in need of some way to simplify the post-deployment process and reduce the involved time and costs of overcoming experienced migration challenges.
Jeremy Moskowitz founded PolicyPak Software after working with hundreds of customers with the same problem: they couldn’t manage their applications, browsers and operating systems using the technology they already utilized. Jeremy also founded GPanswers.com, a community portal for all things Group Policy. Jeremy’s best-selling Group Policy books are on the desks of happy administrators everywhere. Jeremy holds a Computer Science degree from the University of Delaware, was one of the first MCSEs in the world, and has been designated an MVP in Group Policy by Microsoft for over a decade.