Managing Windows 10 updates has always been a challenge for any large enterprise, and it’s even more complicated now. The sheer number of endpoints, devices and environments has grown exponentially. And, let’s be honest, deploying a Windows update to thousands of employees across multiple office buildings was difficult enough, but now you may be deploying that update to thousands of employees in their homes – each with different equipment and bandwidth.
Most enterprises can’t take the risk of deploying a Windows update without extensive testing of critical applications, thoughtful planning of deployment waves, and precise levels of execution. To take this careful approach at scale for every annual update, you need to automate as much of the process as possible.
There are many tools on the market designed to facilitate updates, but which Windows 10 deployment tools do project managers most need to understand?
Available tools
You’ll find quite a few tools are involved in a Windows 10 deployment – many of them from Microsoft. The work these tools do falls into several broad categories, with many tools in more than one category:
- System Management Tools, which include configuration managers, endpoint managers and inventory platforms. These will scan your company’s devices, create an inventory of hardware and installed applications, and deploy updates or new software. You may also use these tools to request periodic deployment success/fail reports. System management tools include BigFix, Microsoft System Center Configuration Manager, Altiris, Ivanti, Kace, and Microsoft’s InTune.
- Access Management Platforms, which include identity management tools and cloud access security brokers. Used to manage and control user access to online systems, these can help you understand which online applications and resources users need. They include Okta, MCAS and Azure AD.
- Configuration Management Databases, which are the “systems of record” for inventory information. These include ServiceNow, Ivanti, BMC Helix, Cherwell and Flexera.
- IT Service Management Systems, which manage delivery of IT services (usually via tickets) and may also be used to create service tickets to schedule deployments. These include ServiceNow, Ivanti, BMC and Cherwell.
- Microsoft Desktop Analytics, which helps you plan testing and pilot deployments based on installed desktop applications and drivers. However, it requires Microsoft System Center Configuration Manager to function and will not interface with other system management tools.
- Spreadsheets, which you have probably needed to bring together data from all these other tools, as well as to track and schedule deployments.
What these tools don’t do
Successful execution of a Windows 10 deployment requires:
- Accurate, up-to-date data on users, hardware, and software.
- The ability to use that data to plan your deployment.
- Automated workflows and a reduction in administration tasks.
These Windows 10 deployment tools are designed more for engineers than for project managers. They automate portions of the technical aspects of Windows deployments, but leave project management to be done with spreadsheets and a lot of manual data entry, correlation, planning and reporting.
For instance, while system management tools scan your network and report back what is connected, they aren’t usually able to figure out where connected devices are geographically located, who uses them or which business unit they belong to. This information often has to be manually cross-referenced with data from a configuration management database – which may rely heavily on manual data entry. Then, the cross-referenced information is usually added to a spreadsheet.
Plus, network scans are only a snapshot in time. As employees join the company, leave, or move to different departments, you have to keep these spreadsheets updated. Add to this the need to track and coordinate hardware lifecycles and lease expirations – information kept in separate, disconnected systems – and you have a labor-intensive process.
These tools also don’t handle communication or really any interaction with users, which is a critical part of any project. Communicating with users, dealing with questions and support issues, and keeping managers updated on deployment progress can take a significant amount of your time. So can scheduling done manually through spreadsheets or IT service management system tickets. For example, in a 5,000-seat organization, just five Windows 10 deployment-related emails per user over the course of a year translates to 25,000 communications you need to write, plan, and send at appropriate times. Scheduling and rescheduling deployment for 5,000 users is a full-time job – and that’s before you factor in dealing with questions and support issues, plus reports to unit managers.