Impact Assessment: Windows 10 and Office 365 for the Enterprise Desktop

Introduction

With Windows 10, Microsoft introduced the future of Windows as a service. Unlike traditional operating systems with a shelf-life of three to four years, the "service" model provides more frequent updates that slowly evolve the OS, therefore allowing Microsoft to respond faster to market demands. Their latest Office suite, Office 365, also performs "as a service," with rolling updates and a variety of subscription offerings. These shifts in delivery of essential Microsoft products mark a logical conclusion in the evolution of IT towards enabling end-users to seamlessly navigate available technologies.

To fully understand the implications of Microsoft's new delivery and update structure, it is helpful to first examine the changes that have taken place in enterprise end-user computing and the corresponding IT adaptations. Along the way, we will use Lakeside SysTrack tools to demonstrate the various metrics and system views available to IT through utilization of the software.

The Four Modes of End-User Computing

Legacy End-User Computing

While some organizations are still operationally structured around the "original" IT model

(where IT delivers all software and hardware to end-users exclusively over IT infrastructure and devices), the model only remains efficient as long IT services are synchronized with end-user needs.

Figure 1. A top-down approach to IT

This model puts a significant onus on IT to keep up with a competitive, constantly evolving consumer market while scaling, maintaining, and supporting all possible permutations of user needs.

Figure 2. SysTrack Resolve's Comparative Analytics page allows IT to easily compare a system's performance metrics to average systems in different groups

Even in the traditional IT model wherein infrastructure, network, and endpoint are provisioned and managed by IT, the endpoint is the most privileged vantage point for understanding user experience. SysTrack comparative analytics enable IT to understand the deltas between an underperforming system and a "standard" system based on user role, geography, and, with SysTrack Community, even like-users in other companies. SysTrack Resolve is also useful for tracking down ephemeral issues by enabling understanding of the difference between system performances when a user opens a helpdesk ticket versus when the helpdesk begins to research the problem.

BYOD and COPE

"Bring Your Own Device" (BYOD) and "Company Owned Personally Enabled" (COPE) models emerged as IT procurement and provisioning fell out of sync with end-user needs.

Some users began to use their own pre-populated devices to interact with corporate data (BYOD), other users began installing their own applications (aka "Shadow IT") on corporate-provisioned devices (COPE).

Figure 3. As users gained more autonomy, IT had to adapt their methods of support

IT found themselves in a position of having to support the productivity of business users even though they did not have complete visibility into or control over their endpoints. This led to the adoption of solutions such as application virtualization, virtual desktop infrastructure, mobile device management, and enterprise mobility management where IT either managed one or several isolated environments on an employee owned device, or created a "sandbox" on corporate owned devices in which employees could use Shadow IT applications while isolating those applications from corporate data.

Figure 4. The Black Box tool in SysTrack Resolve allows IT to manage unsanctioned services

To support users who are running "Shadow IT" applications on their devices, IT must stop relying on policy as a productivity assurance mechanism, and assume that support and risk management are two sides of the same coin: User productivity is business productivity, and being able to manage risk requires having visibility. SysTrack enables IT to support users even as they interact with unsanctioned services, especially in the event such unsanctioned services impact end-user productivity or system performance. In the event that such services pose risk to the organization, the same SysTrack capabilities which give IT the power to perform expedited root cause analysis for problem resolution enable security operations teams to gain granular end-point analytics and user activity forensics.

Sanctioned SaaS

The enterprise migration to cloud-based SaaS platforms (such as Salesforce, ServiceNow, Office 365, and Google Apps for Work) has been a significant change for IT organizations that have internally hosted, managed, and supported these products. While these cloud vendors assume much of the responsibility of managing the applications and their underlying infrastructure, infrastructure and operations (I&O) organizations must ensure that their IT operations processes can support a cloud office platform.

Organizations that have sanctioned these applications are adapting to the fact that most support and security-relevant tasks are not under the purview of the provider. The SaaS provider maintains the operating environment and application, but supporting and managing the risk of user interactions within that environment is under the control of the customer.

Effective control over the use of cloud computing in this context operationally means saying "no" is not an option; it's about having the ability to know what is being done within the public cloud, and being able to give proactive and reactive support to users. Additionally, IT must provide affirmative answers to questions from managers, board members, auditors, regulators, and partner organizations that cloud computing is being used effectively and appropriately. By utilizing the innate advantages of the product model, IT can reduce the potential for security incidents and increase business productivity while enjoying the cost benefits of reduced back-end application, datacenter, and network administration overhead. [1]

Figure 5. The adoption of SaaS creates a shared infrastructure between IT and service providers

The IT service desk must also adapt to the cloud application delivery model. Users do not bypass IT when they need help with digital technology support, mobile, and cloud-based technologies. The simple fact is that the end-user will always expect IT to support them regardless of whether IT has provisioned their devices or applications. This puts added strain on support teams to more frequently train the IT service desk on relevant end-user support issues. Additionally, unlike on-premises applications, where the IT organization controls which functionality to release to the enterprise, cloud services often display messages and other communications directly to the end-user. This means users may have learned something from the application, and, in turn, ask questions for which the help desk is unprepared. [2]

Figure 6. SysTrack Resolve's Dependencies tool provides visual insight into the root cause of performance issues

SysTrack enables IT to meaningfully interact with both users and service providers by identifying the root cause of performance deterioration. Being able to understand, in detail, whether a problem is due to user error, endpoint hardware failure, local network latency, or service provider availability enables IT to better support users as well as have supportive evidence in the event the problem is on the service provider side.

Ultimately, the IT organization is fully responsible for the availability and performance of both on-premises and SaaS applications. However, if the application is on-premises, administrators can troubleshoot and restore services autonomously. Cloud applications, on the other hand, put much of this responsibility in the hands of the cloud vendor. Indeed, this is part of the value of a cloud application. However, the IT organization no longer has complete visibility behind service outages, and must more frequently communicate and manage expectations with users. [3]

Windows 10, Office 365, and the Future of Windows/Office-as-a-Service

SysTrack Community data indicates that Windows 10 is being adopted in the enterprise at a much faster pace than Windows 7 was. However, many IT Directors are still debating the right speed to approach the migration and when to get started. Windows 10 differs from all previous Windows versions in some important ways, and marks a significant break from the past. These differences extend even to the processes Microsoft is using to develop and deliver the OS into the market. One of the most significant changes to come with Windows 10 is in how it is updated. Rather than continuing to release new major version upgrades, Microsoft is moving to a more frequent model, which will evolve the OS over time through relatively smaller updates a few times a year. This process change means that Microsoft does not need to deliver all the functionality it has planned at once. It can also more quickly adapt to market demands. As such, the OS is continually maturing and evolving to support enterprise needs. [4]

The impact of this is most pronounced in "Accelerated Updates." The following are different service branch categories that Microsoft created to enable customers to choose how their quickly their devices get updated: Current Branch (CB), Current Branch for Business (CBB), and Long-Term Servicing Branch (LTSB). By putting devices on CBB, enterprises will be able to receive feature updates after their quality and application compatibility has been assessed in the consumer market, while continuing to receive security updates on a regular basis. This gives IT departments time to start validating updates in their environments the day changes are shipped broadly to consumers. By the time CBB machines are updated, the changes will have been validated by millions of consumers and customers' internal test processes for several months, allowing updates to be deployed with this increased assurance of validation. Enterprises will be able to decide if they want to receive updates automatically via Windows Update, or via Windows Server Updated Services to have control through management tools over how the updates are distributed in their environments – however, security updates will be automatic.

In turn, these changes impact how enterprises need to plan their deployments and, in particular, make decisions around the timing for deployment. Critical to making the process work is a process for early detection of a problem after a deployment, and an ability to respond rapidly.

Figure 7. SysTrack can facilitate the monitoring of an increasing complex IT and end-user computing environment

Microsoft recommends Lakeside Software's SysTrack as a facility for identifying and resolving problems associated with accelerated updates. [5] SysTrack can quickly analyze the extent and seriousness of the problem, and aid IT in determining if a fix can be made, or if it is necessary to pause further deployments and (in the worst case) roll back the current upgrade. [6]

Figure 8. With SysTrack Resolve, IT administrators can pinpoint when an update occurred. This function is useful when determining whether an update could be the cause of an endpoint performance issue.

As Windows adopts a SaaS model and Microsoft continues further along the Windows-as-a-Service path, software updates and patches will be rolled out to users directly from Microsoft and their content will be obfuscated in other to prevent threat actors from opportunistic attacks on unpatched systems. Microsoft enables organizations to roll back updates if they can prove the updates have impacted endpoint performance or end-user productivity, therefore understanding the payload content and performance impact of these updates will be increasingly critical to IT in order to identify whether software conflicts or performance deterioration can be attributed to these updates. SysTrack enables IT to gain granular visibility into changes on the endpoint and their respective impact.

Windows 10 and Office 365 adoption is an opportunity for IT to build telemetry into their end-user computing environment from the ground up so that they can best support their end-users as well as efficiently interact with Microsoft and other Software-as-a-Service providers. While there are many tools designed to give IT operational visibility over enterprise infrastructure, when it comes to something ostensibly simple, like users complaining Outlook is "slow" – what tools does IT have at its disposal to validate and measure the business impact of such a problem? Is it user error? Hardware failure? Network latency? Or a service provider issue? This is where SysTrack desktop telemetry becomes a critical component of the end-user computing operational lifecycle.

SysTrack and the Necessity for "Inside-Out" Visibility

IT is tasked with responding to the workforce by addressing their critical business requirements. IT is challenged to efficiently provide users with consistent, robust experiences across devices and locations, minimizing user downtime while securing confidential corporate data, and streamlining provisioning of corporate resources and migration to Windows 10. Increasingly, as Windows and critical business applications like Office are delivered as-a-Service from cloud providers, datacenter and network monitoring and management tools increasingly provide IT with less of the visibility they require to effectively support end-users.

Since the inception of enterprise mobility and consumerization, CIOs have predicted that the role of end-user computing will shift from "management" to "enablement." Enabling people to quickly and easily move from one platform to another while allowing for the rapid adoption of new applications and digital services ensures that end-users, wherever they're working, are able to access the data they need, from an increasingly widening array of devices – thus keeping the business productive. [7]

IT directors leading this transformation are investing in new technologies and integrating them with existing systems of varying degrees of maturity and interdependencies. Some of these investments look to replace traditional end-user services, while others are pulling the organization away from certain legacy systems, many of which are more of a hindrance than a help to new ways of working. The one commonality is that these services are all being aggregated at the endpoint – making the endpoint the most privileged vantage point for support and risk management.

Looking ahead, there are some pragmatic assumptions that can be made. First, computers running Windows will continue to be an important platform across most industries and businesses. Second, with the continued proliferation of SaaS, IT will find it more and more difficult to support something it has increasingly less control over.

SysTrack is a platform architected to quantify endpoint performance and optimize enduser experience by providing actionable telemetry and insights, thus enabling IT to continue supporting end-users as the business migrates to cloud services and SaaS.

SysTrack addresses today's end-user computing challenges, empowering IT to enable employees while simplifying support and risk management through a centralized and unified console. SysTrack enables IT to gain "inside-out" visibility from the endpoint. Whether users are inside or outside the corporate network accessing local, virtualized, or cloud applications, SysTrack assists IT in improving user experience and compliance.

References

  1. D. K. Johnson, J. McKee, C. Voce and M. Mai, "Assess Your Workforce Enablement Maturity," Forrester, 2015.
  2. N. Hill and F. Troni, "Making the Right Choices for End-User Computing Investments Over the Next Five Years," Gartner, 2015.
  3. T. Cosgrove, "Cloud Office Applications Require Bimodal IT Operations," Gartner, 2015.
  4. S. Kleynhans, "Deciding When to Migrate to Windows 10," Gartner, 2015.
  5. K. McLaughlin, "Microsoft Teams With Partner Lakeside Software To Tackle Windows 10 Support Challenges," CRN, 9 October 2015.
  6. S. Kleynhans, "How to Deal With Windows 10 Accelerated Updates on PCs," Gartner, 2015.
  7. Fujitsu Managed Desktop Services, "End-User Analytics," Fujitsu, 2015.

For More Information

SysTrack is available through a network of resellers. Please visit www.lakesidesoftware.com to learn more.