How different is your migration to Windows 10? David Biot Xylos
It’s really happening From DIGITAL at the SIDELINE To DIGITAL in the CORE
The Recipe The Solutions CHANGE SOCIAL Digital coaching Collaboration ICT Training Information Management / Business intelligence E-Learning Unified Communications Apps DIGITAL WORKPLACE INTELLIGENT CLOUD Identity Composable infrastructure Application delivery Hybrid Cloud Mobile Networking/Security Management Automation Internet of things Analytics Mixed reality
Who am I? David Biot Competence Center Lead IT Lifecycle Management >8 years of experience with Client and Datacenter Management Tools David.Biot@xylos.com @davidbiot www.linkedin.com/in/davidbiot
9 th of March 2017 • Why is a migration to Windows 10 different than previous Windows migrations 16 th of March 2017 • Windows 10 and security: a scenario-based approach 23 rd of March 2017 • Managing Windows 10 from the cloud 30 th of March 2017 • Onboarding your Windows 10 users with Oase
Windows 10: What it’s all about
One Converged Windows Platform
200+ Days $146-$188 per device Decade-old PC tech, I’m worried about security Median # of days attackers are Cost of keeping user devices up to infrastructure, and threats and managing the present before detection date and secure processes drive up IT risk to my business. costs and slow business $3.5M $1,930 per PC agility. Average cost of data breach (15% Cost of upgrading Windows XP to YoY increase) Windows 7 80% of workers 41% of CEOs spend a portion of their time expect digital revenue to double We need to capitalize on My employees need to be working outside the office over the next 5 years new business opportunities productive on every quickly. device they use. 38% of Millennials 47% of existing revenue feel outdated collaboration tools considered to be under threat in the hinder innovation next 5 years Sources: Gartner, Ponemon Institute, IdeaPaint, MIT Center for IS Research
Windows 10 Enterprise Safer and more secure More productive More personal Powerful, modern devices Windows Information Protection Azure Active Directory Join Windows Store for Business Windows 10 for Industry Devices Windows Hello Mobile Device Management Cortana Management Innovative designs Credential Guard Application Virtualization Managed User Experience New experiences Device Guard (App-V) User Experience Virtualization Best in class performance (UX-V) AppLocker Windows Ink Windows Defender Advanced Threat Protection The most trusted platform Always up to date The most versatile devices
Home Pro Enterprise Productivity & user experience | Familiar and productive user experience Windows 10 edition comparison Windows Ink 1 Start Menu and Live Tiles Tablet mode Continuum for phones 2 Voice, pen, touch, and gesture 3 Cortana 4 Microsoft Edge Management and deployment | Enhanced management features to empower device and app management and deployment Group Policy Mobile Device Management 5 DirectAccess AppLocker Enterprise State Roaming with Azure Active Directory 6 Windows Store for Business 7 Assigned Access Managed User Experience Dynamic Provisioning Microsoft Application Virtualization (App-V) 8 Microsoft User Environment Virtualization (UE-V) Windows Update Windows Update for Business Shared PC configuration Security | Delivers critical security capabilities, system and app updates, and the compatibility you need to help secure your devices and infrastructure from modern threats Windows Hello 9 Windows Hello Companion Devices 10 Windows Information Protection 11 Device encryption 12 BitLocker 13 and BitLocker to Go Credential Guard 14 Device Guard Trusted Boot Windows Device Health Attestation service 15 Windows fundamentals | Core features included in Windows Domain Join Azure Active Directory Domain Join, with single sign-on to cloud-hosted apps 16 Enterprise Mode Internet Explorer (EMIE) Remote Desktop Client Hyper-V Reflects Anniversary Windows to Go Update features BranchCache
What’s next? Windows Creators Update https://www.microsoft.com/en-us/windows/upcoming-features https://www.howtogeek.com/278132/whats-new-in-windows-10s-creators-update/ Windows Business Roadmap https://www.microsoft.com/en-us/WindowsForBusiness/windows-roadmap
Windows 10 is on a roll! Microsoft by the numbers
Windows 10 Security
MODERN SECURITY THREATS “THERE ARE TWO KINDS OF BIG COMPANIES, THOSE WHO’VE BEEN HACKED, AND THOSE WHO DON’T KNOW THEY’VE BEEN HACKED.” JAMES COMEY, FBI DIR EC TO R
“CYBER SECURITY IS A CEO ISSUE .” 200+ DAYS $ 3 TRILLION $ 3.5 MILLION Cyber threats are a material risk to your Median number of days Impact of lost Average cost of a attackers are present on a productivity and growth data breach business victims network before (15% YoY increase) detection 46 % 23 % 50 % Attacks are fast, efficient, and easier of compromised systems had of recipients opened of those who open, no malware on them phishing messages click attachments within than you think the first hour
SAFER AND MORE SECURE Detect compromised Replace passwords, Only run software Protect sensitive devices quickly protect identities you trust corporate data Strengthen auth. with Eliminate Malware on corporate Automatic encryption with Use behavioral detection, cloud, biometrics and hardware-based devices persistent protection and human threat intelligence to multi-factor quickly identify compromised devices Windows Hello Secure Boot Windows Information Windows Defender Protection Advanced Threat Protection Device Guard Windows Hello for Business Windows Defender Companion Device Framework Credential Guard
WINDOWS 7 WINDOWS 10 Windows Trusted Boot Windows Hello Credential Guard Device Guard Enterprise Data Protection Windows Defender ATP
US DEPARTMENT OF DEFENSE Pentagon to move fast in shift System Update: Pentagon Microsoft landed a huge deal to to Windows 10 Upgrading 4 Million Devices to bring Windows 10 to 4 million Windows 10 Defense Department employees Pentagon orders Windows 10 to be Microsoft Receives The Microsoft Sells U.S. Defense installed on all 4 million of its PCs Ultimate Windows 10 Security Department on Windows 10 Proof Point…
Windows As A Service
Introducing Windows as a Service
Deploying Windows 10
Deployment Strategies Wipe & Load In-Place Upgrade Provisioning Let Windows do the work Familiar enterprise process for all New capability for new devices scenarios 1. Preserve data, settings, apps, Transform into an enterprise device drivers 1. Capture Data / Settings 2. Deploy (custom) OS image 2. Install (standard) OS image Remove existing items 3. Inject Drivers 3. Restore everything Add organizational apps Add organizational configuration 4. Install Apps 5. Restore Data / Settings
Deployment Strategies – In Place or Wipe & Reload? New Device Existing Device Architecture (x86 x64) BIOS UEFI Bulk app change Base OS language Disk partitioning Domain WinPE Offline Operation Local Administrators 3rd party anti-virus Configuration drift 3rd party disk encryption* Moving from XP or Vista Custom base image
Deployment Strategies – In Place or Wipe & Reload? New Device Existing Device Might change with Creators Update: Architecture (x86 x64) BIOS UEFI Bulk app change Base OS language Disk partitioning MBR2GPT Domain WinPE Offline Operation Local Administrators 3rd party anti-Virus /ReflectDrivers Configuration drift 3rd party disk encryption* Moving from XP or Vista Custom base image
Management Choices Basic Lightweight Full Control Traditional Mobile Device Management Update Approach
Windows 10 Servicing
Windows as a service: Servicing Windows With Windows 10 servicing, consistency and simplicity are paramount
Threat protection over Game change with C A P A B I L I T Y time Windows as a Service Attackers take advantage of Disrupt and out innovate our periods between releases adversaries by design T I M E T H R E A T W I N D O W S R E L E A S E S O P H I S T I C A T I O N
What needs to change Traditional deployment (every 3 - 5 years) 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 Apps Infra Imaging Deploy Windows as a service (twice per year) 2009 2015 2016 2017 2018 2019 2020 2021 2022 2023 2024 2025 2026 2027 2028 Apps Infra Imaging Deploy
Windows as a service: Building Windows Millions 10’s of thousands Users Broad Microsoft Engineering Microsoft Insider Preview builds internal Branch validation Time ~6 months
Windows as a service: Deploying Windows Hundreds of millions Several Million 10’s of thousands Users CBB (Business Ready) Microsoft Insider Broad Microsoft CB (Release Ready) Engineering Broad Deployment Preview Branch builds internal validation Pilot Pilot Ring Time Pilot Ring IT Pilot Ring QA Broad Early Adopters Broad Deployment Broad Deployment Ring I Deployment Broad ~6 months Ring II Deployment Ring III Ring IV 16 + months *Conceptual illustration only
Recommend
More recommend