Managing Windows Upgrades: Why Desktop Analytics Is Not Enough

avatar
Published on November 18, 2020 by

Andrew Sweeney

Managing updates to Windows endpoints has changed. Microsoft wants you to stay updated by adopting a service management model, Gartner calls it continuous endpoint engineering. Whatever you name it, the concept is simple: You can no longer treat upgrading the Windows OS as a project - it has to become a process your organization can execute at least once per year without blowing up your users or overwhelming your staff.

Microsoft’s answer, at least for those not yet 100% on Intune, is to use Desktop Analytics. As the name suggests, Desktop Analytics analyzes your endpoint environment to figure out what hardware & applications you’re using and then helps sort out what needs to be tested and what can just be upgraded with minimal chance of issues. It then auto-populates deployment rings in SCCM to help you test, pilot, and distribute the update with minimal administrative overhead.

Sounds simple, right?

Well, for anyone that has managed a Windows 10 upgrade in the past you know it most certainly is not that simple. While Desktop Analytics & SCCM are a great start, these tools only get you a part of the way there. There are still quite a few logistics involved in upgrading the OS on laptops, desktops, and home computers for thousands of end users – especially if you hope to not completely overrun your helpdesk.

A few things to consider when updating your company's Windows endpoints:

  • Machines will be out of commission for 20 – 45 minutes while they reboot and upgrade. Users need to know this way in advance and plan accordingly. Your upgrade process has to consider communications and user scheduling – neither of which are addressed by Desktop Analytics.

  • Desktop Analytics only populates deployment rings in SCCM. If you are using BigFix, Ivanti, Altiris, or any other systems management platform you’re going to need to devise an alternate solution.

  • Desktop analytics is great if all the information you need to plan an upgrade is in SCCM or AD. Those platforms, however, typically lack many of the data points you need to safely plan an OS upgrade. For instance:
    • Where are users physically located?
    • Will they need a support visit?
    • Do they still work here or has their account just not been deleted from AD?
    • Whom do they report to?
    • What SaaS applications do they use which won’t be inventoried by SCCM?
    • Are they VIPs?
    • Which business are they in?
    • Will the machine be upgraded at home or in the office?
    • How many machines do they have – which is their primary?
    • Will admins be migrated before their managers? How do we coordinate that?
    • Have their applications been tested and certified?
    • Is anything being upgraded that the user needs to be told about?
    • Are they attending training?
    • Are they getting a new system this year so no need to upgrade?

The answers to these questions are found by analyzing different systems of record within an organization – ITSM platforms, CMDBs, and HR software among them – and then using that information to orchestrate a deployment that minimizes end user impact as well as IT involvement.

How we do it at ReadyWorks

At ReadyWorks we believe the best course of action is to take a measured approach to Windows Servicing based on several key tenants:

  • Windows servicing is a process, not a project
  • The focus of your servicing program should be a positive end user experience
  • You can’t test everything, but you do have to test some things
  • If it can be automated, it should be automated

Windows servicing is a process, not a project

Since Windows Servicing is an ongoing event, you can’t dedicate a large portion of your staff to the process or bring in outside assistance each year. You must build an automated process that considers every facet of the migration including data gathering, planning, deployment, and reporting.

The focus of your program should be a positive end user experience

Users are not going to like their systems rebooting at inconvenient times, applications breaking because they weren’t tested, or overbearing communications and warnings. Your program must be efficient but also risk averse. 

You can’t test everything, but you do have to test some things

When it comes to testing it's all about the applications. Our experience, which is echoed by Microsoft literature, is that somewhere between 5% - 10% of applications are going to have issues in a given update. The key to automating a windows servicing process is to use upfront testing to make sure none of your critical applications fall into this category, and then use careful pilot planning to capture the other issues and minimize their organizational impact.

If it can be automated, it should be automated

This is where ReadyWorks can help streamline your program in terms of time, cost, and risk. Our platform automates every aspect of a Windows Servicing program regardless of which management platforms you are utilizing. ReadyWorks uses connectors to pull the information it needs from different systems and then automates deployments based upon rich sets of criteria:

  • Upgrade users based upon their department or business unit.
  • Utilize a different process for home-based employees, in-office employees, and VIPs.
  • Coordinate hardware refresh alongside OS upgrade.
  • Allow users to self-schedule themselves based upon your capacity.
  • Automate communications to users, managers, and support teams.
  • Automate application testing and certification.
  • Automate reporting and escalations.

Our customers have used automation to reduce the cost of their Windows Servicing programs by 50% or greater while delivering a more successful program and a superior end user experience. We encourage you to schedule a demo with us to learn a little more about how ReadyWorks can help.