A recent survey-report commissioned by 1E, Getting Your House in Order, was completed by 600 senior IT decision makers in the US and UK, split evenly between IT Operations and IT Security specialists. The intent was to see if, in the wake of so many devastating cyber-attacks in the last few years, lessons had been learned regarding security basics.
One interesting testing ground was the Windows 10 data. Once upon a time, this wouldn’t be an obvious theme for a “security” survey, but times have changed (as WannaCry impact brutally illustrated). Indeed, 83% of respondents said security was a motivating factor for migrating to Windows 10. That is one reason it’s concerning that, on average, only 68% of machines had already been transitioned. Given that Windows 10 was released in 2015, this is a shockingly low, unsettling statistic.
What was interesting is how much of the study correlated with our findings from talking to customers about their Windows migration difficulties, and what we had come to think of as the “hidden costs” around Windows management today.
1. Remote users. How many remote users do organizations have? For most large organizations, this number increased massively in recent years, yet virtually no organizations today budget for them. Of course, Microsoft’s legacy systems management tooling was developed for the office-based, LAN-style workplace of the 1990s. Right now, however, it’s apparent that Modern Management tools are not yet sufficiently developed to cover the gap.
According to our survey data, until organizations can find a way to effectively reach, patch and secure workers outside the office, remote working will remain a security concern for over three quarters (77%) of respondents. Furthermore, 6 in 10 (62%) identify the migration of remote workers to the latest version of Windows as a challenge.
Think about how this plays out during a Windows upgrade or migration. The last thing a remote worker wants to do is come into the office (wherever that office is) for an IT update. Nor do they want to have to ship the machine in. What they increasingly expect (and unanimously prefer) is the same self-serve functionality they have with their mobile devices: To be able to upgrade the machine, to rebuild it if it’s not functioning properly and to transfer to a new one (when necessary), with all their personalized content and applications intact. Of course, if they do have to come into the office, or have things shipped from the vendor to the office to the user, that increases both costs for the business and IT resource demands.
2. Small offices. Another related cost comes from the number of small offices an organization maintains.
Any organization that is providing a service nationwide, and certainly worldwide, is likely to have a large number of small offices. These have one, standout challenge: If the office is small enough (i.e. ten or twenty users), then it becomes prohibitively expensive to run a server there, or to have local IT support. Multiply these costs by the number of small offices, and you’re looking at significant overhead with minimal returns.
While organizations really don’t want to put servers out at every location, they face all kinds of challenges in terms of managing machines in remote locations if they don’t.
For instance, during a Windows 10 migration, the question of whether or not you have a server in a small office becomes an issue when you go to boot every workstation from a remote machine. If you’re looking to store user data, settings, etc. while a machine is rebuilt and before reinstalling them, having servers simplifies this process. If you don’t have servers, you have to send an engineer to that work location. This drives costs up more because the company is not only paying for the engineer’s time, but also for workers who are unproductive while waiting to have their laptops rebuilt. That’s why the priority should be putting users in charge of their migration themselves, wherever they are, so organizations can improve end-user experience without hurting the bottom line.
3. Applications. Applications pose another Windows migration challenge resulting in additional “hidden costs.” Apps are a huge part of why we use Windows in the first place. While most conversations typically revolve around the OS upgrade process itself, we neglect to draw attention to the fact that users access those applications through the OS, allowing almost all professionals to do their job.
But if you look at standard systems management tools, they usually involve very little application management automation, which could ensure, for example, that when a machine is upgraded, replaced or rebuilt, all the applications used on an old machine are put on the new machine, upgraded where they need to be, and potentially removed or replaced with alternatives when they are not used. This reduces cost, rather than increasing it.
The lack of native automation capability around these systems management tools means delays and – frequently – (you guessed it!) hidden costs.
None of these factors are a business’s ‘fault’. How can you blame the organization for being successful and having lots of offices? How can you blame a company for having a modern work environment with lots of people that can work while traveling or from home? Or for embracing digital transformation? These are key conditions for almost any successful organization, and yet, as things currently stand, companies are automatically penalised for them.
All of these examples introduce costs that impede upon a completed Windows 10 migration. This not only prolongs and exacerbates vulnerabilities, but it results in more costs due to the “tax” that will impact all organizations not fully migrated when Windows 7 support is cut off January 2020.
Returning to our survey data, however, it isn’t all doom and gloom. Yes, there’s widespread concern that migrations aren’t happening quickly enough (56% of respondents). But there’s also a clear appeal for additional automation capabilities that could enhance traditional and new Microsoft capabilities during this transitional period between legacy infrastructure and future ones. An overwhelming 80% of respondents called for an increase of investment specifically around the automation of the migration process.
Of course, Windows 10 isn’t just a migration challenge – with patches and new releases, “Windows Servicing” is a continual task. The business needs to invest in automation tooling in order to future-proof their operations, increase security and reduce on-going costs.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.