Your goal is to ensure security and application updates are deployed to every end user efficiently, intelligently, and without business disruption. Microsoft wants Windows 10 deployments to be seamless and advises you wait a couple of months for a release to be stabilized before you deploy it. Even then, there is no guarantee all your company’s applications will work with the new OS once you’ve rolled it out.
Traditionally teams would formally lab test and validate every application ahead of deployment, taking up 6-9 months of an 18-month project. Given the increased frequency of Windows 10 updates that is no longer viable. Microsoft suggests you get around this by scheduling updates in ‘deployment rings’ or waves, pushing them to less critical users in the earlier waves so you can correct issues before you deploy to VIPs and other prominent personnel.
For industries with a high number of business-critical users, including financial, pharmaceutical, manufacturing, and healthcare, it’s clear that isn’t going to work. To meet the demands of the new schedule you need to develop an ongoing process for Windows application testing and assign a risk level to each application which defines if and how they will be validated:
- Critical applications - if these fail during rollout, business stops. These still need to be formally tested and validated with the new OS before they are rolled out to everyone.
- Important applications – it would be an inconvenience if these failed, but it wouldn’t disrupt operations. Here is where you can use software pilots – meaning you push updates to 1-2 typical users in the early stages of your rollout, asking those users to validate that the applications work with the new OS, before updating everyone.
- Low-risk applications - as the name suggests, are less of an issue if they fail during an update. For these you may want to define user groups and waves to split them up and further minimize risks, but they can be rolled out without waiting for user feedback.
By adopting this process for Windows application testing, companies today formally test and certify approximately only 15% of their applications, bringing validation time down to 1-3 months, making an annual Windows 10 rollout more achievable.
How to risk-assess your company’s applications
You can use your systems management platform to scan end users’ equipment and create a report that shows which applications they run, but this can create a lot of ‘noise’. You will receive more information than you need and it takes manual effort and time to shape that data into a useful list.
Microsoft suggests using Desktop Analytics, as it assesses technical risks by accessing end user equipment and working out which applications are used and how many employees use them. But on its own, Desktop Analytics is not enough. You don’t see the additional business logic about the users – for example, if they are a VIP or other critical user. It wouldn’t be ideal if operations were halted because an application failed that was only used by a small but critical group. Another limitation is that Desktop Analytics will only allow you to populate deployment waves in SCCM. If you use other systems management platforms, you are going to have to think again.
How to further streamline the Windows application testing process
It’s clear that by managing Windows application testing as an ongoing process, and leveraging software pilots, you can reduce the time of Windows 10 deployments. But whatever method you use to risk-assess your company’s applications, your teams still have a lot of manual work to do to rationalize the list for your business needs.
Managing the software pilot workflow requires even more manual effort and time. First you need to communicate with the users you have identified to ensure they agree to be part of the pilot rollout. Once you have their agreement you must schedule the update and monitor the rollout, working with the users to confirm the applications worked correctly or to rollback and reschedule if things didn’t work out. So how can you streamline the process further?
The answer is to leverage the capabilities of all your tools and systems and automate what you can. By making your systems do the work for you, you can reduce the manual effort, time and costs required for every step of Windows application testing and the entire Windows 10 update - from creating application inventories and applying business logic for risk-assessment, through software pilot testing, certification, mass scheduling, deployment and reporting.