It’s been one year since the release of Windows 10 and many enterprises have yet to adopt or are still in the early phases of adoption. With the Windows 10 Anniversary Update due on August 2, Windows 10 deployments will be a top discussion item again. Any OS migration is a big exercise, and many of those organisations that have upgraded to Windows 10 are encountering challenges with the new update model. While Windows 10 has moved to a continual update model providing a constant stream of new features and fixes, many organisations face challenges in managing and keeping up with these updates. However, keeping software up to date is a foundational element of maintaining security.
Windows 10: Is it worth the update?
Is migrating to Windows 10 worth the time and effort? Definitely. Windows 10 is a big improvement over Windows 8/8.1, which was a radical departure from the intuitive user experience of the past and received a lot of negative feedback resulting in limited adoption by enterprises. Windows 10 blends the comfortable user experience of Windows 7 with some of the new application and user experience of Windows 8, and adds many new features like universal apps, Cortana (voice assistant) and one Windows across multiple devices. Windows 10 is a worthy enterprise replacement to Windows 7 which ends support in January 2020.
Windows 10 Anniversary Update
Windows 10 receives new features twice a year, unlike previous Windows versions which were released every two to three years. And the Windows 10 Anniversary Update introduces many new features that benefit users and enterprises.
Some of note include Windows Ink, which is a new way to intelligently take notes, markup documents or sketch by finger or pen; improved Cortana, which is widely considered the best digital assistant and will identify key information like appointments from email in many languages; and Windows Hello, which allows end users to login or make Windows Store purchases with face or fingerprint authentication.
Adoption challenges with Windows 10 updates
While there are many benefits from Windows 10 updates, there are inherent challenges and risks that should be considered. Some estimate that Windows 10 is on 350 million devices, with Microsoft originally aiming to be on 1 billion devices by the end of 2018. This goal may be hindered, however, by slower adoption rates from enterprises facing the challenges of adopting the changed update model.
Patching and application compatibility
The biggest challenge for Windows 10 updates is their cumulative nature. Unlike previous versions of Windows, all patches are included in an all-or-nothing, cumulative package. With this approach, there is less decision making for consumers and less flexibility for the enterprise. Patches breaking third party applications has been a challenge for many years and enterprises have often addressed this issue by simply not installing problem patches. The risk of a vulnerability was offset by maintaining application availability.
With Windows 10, patch exclusion is no longer an option without incurring significant risk. By avoiding a monthly update, the risk grows from one or a few vulnerabilities exposed by a single patch to multiple vulnerabilities not fixed by all of the other patches included in the update. This risk is further compounded in subsequent months as the problem patch continues to be included in all future updates. Enterprises will need to have a new approach to application incompatibility, which may include greater risk mitigations, virtualising problem applications, or pushing for responsive updates from third party application vendors.
Application compatibility issues with Windows 10 came to a head in January 2016 when the Windows 10 update broke Citrix XenDesktop. The January 2016 update fixed 14 vulnerabilities across Windows 10, Edge and Internet Explorer. Four of these were publicly disclosed, which puts them as significantly higher risk of exploit. Fortunately for those affected, Citrix provided a patch six days later, but smaller application vendors may not be as responsive. Issues like this forces enterprises to decide between application availability and risk exposure.
Another challenge with Windows 10 patches is the size of the updates. For example, the July 2016 Windows 10 x64 update for the 1507 (the GA update) was 915 MB. The total size of the Windows 8.1 x64 patches for July 2016 was 78.4 MB. Do the math and you’ll see the Windows 10 update is over 11 times larger than the Windows 8.1 patches!
A big reason for this size disparity is that Windows 10 updates are cumulative, but they also contain bug fixes. Nonetheless, the size of these updates create distribution challenges nonexistent in previous versions of Windows. If an organisation doesn't have the capabilities to push these updates in a fashion sensitive to their bandwidth, it can have a huge impact on the network not to mention the storage on the end devices.
Along with the changes in patching in Windows 10 comes the significant new model of branch upgrades. Branch upgrades are comparable to service packs, but are released more frequently with updates expected twice a year. The only branch upgrade to date was 1511 released in November of 2015. Unlike service packs of the previous versions of Windows 10, 1511 was much larger and much more disruptive.
The upgrade package for a x64 version of Windows 10 is a whopping 4.0 GB. The large size is only exacerbated by the time and disruption of an upgrade. Upgrades will put Windows 10 computers into an usable state for roughly 30 minutes. During this time, end users will be unable to do any work while they wait for the process to complete. Large-sized upgrades that require a lengthy process introduce added challenges for enterprises with distribution beyond what the monthly cumulative updates demand. Enterprises will need to plan for this biannual downtime and the potential for issues that come with these upgrades.
Enterprises won’t have the option to stay on Windows 10 branches indefinitely without exposing their systems to risk; branches will not receive security patches once the subsequent two branches have been released. This lifecycle can be as short as 14 to 18 months, depending on the type of branch used. Therefore, enterprises will need to develop a reliable upgrade process that can keep computers on a supported branch.
What the future holds
I predict that over the next year, there will be both hindrances and incentives to adopting Windows 10. Cumulative updates will continue to grow, making an impact on the network and client storage for enterprises. Branch upgrades will also strain storage, frustrate users with the lengthy upgrade time and push IT as they support this process. Third-party application compatibility challenges will continue to surface as enterprises expand their Windows 10 deployments. Microsoft and third party vendors will be under pressure to help, but ultimately the customer will bear the risk.
Though these are real issues, Windows 10 is such an improvement from its recent predecessors that it will be worth it. The update will be well-adopted by enterprises, but the pace of this adoption will depend on their ability to adapt to the new challenges. Enterprises contemplating updating to Windows 10 should create a roadmap for its adoption and maintenance to set themselves up for seamless integration and success.
Stephen Brown, Director of Product Management at LANDESK
Photo credit: Stanislaw Mikulski / Shutterstock