Standardisation is the key

 11 June  |  7 minutes
Standardisation is the key

How to achieve standardisation of a Windows enterprise estate

Standardisation of a Windows enterprise estate is the process of aligning the IT infrastructure, applications, and services with the business needs and goals of an organization. It will improve the efficiency, security, reliability, and agility of the IT environment, as well as reduce costs and complexity. In this blog post, I will explain why standardisation is important, what are the benefits and challenges of standardisation, and how you can use Microsoft tools and solutions to achieve standardisation of an enterprise estate. Throughout the post i’ll generally refer to Windows devices but the principle applies to IOS, MacOS and Android devices as well.

 

Why is standardisation important?

Standardisation is important for several reasons:

  • It can help you optimize your IT resources and investments by eliminating redundant or obsolete systems, software licenses, and skill sets.
  • It can help you simplify your IT management and governance by establishing clear policies, processes, and procedures for deploying, updating, and maintaining your IT assets.
  • It can help you enhance your IT security and compliance by applying consistent settings, configurations, and controls across your IT landscape.
  • It can help you improve your IT performance and availability by reducing downtime, errors, and incidents caused by incompatible or outdated systems.
  • It can help you increase your IT innovation and transformation by enabling faster adoption of new technologies and capabilities that support your business objectives.

 

What are the benefits and challenges of standardisation?

There are many, here’s just a few:

  • Cost savings: You can reduce your total cost of ownership (TCO) by consolidating your hardware and software platforms, rationalising your applications and services, and optimizing your licensing and support contracts.
  • Operational efficiency: You can increase your operational efficiency by automating your IT tasks, streamlining your workflows, and enhancing your collaboration and communication across teams and departments.
  • Business alignment: You can align your IT strategy with your business strategy by ensuring that your IT solutions support your business requirements, priorities, and outcomes.
  • Customer satisfaction: You can improve your customer satisfaction by delivering faster, better, and more reliable products and services that meet or exceed their expectations.

However, it also comes with some challenges:

  • Resistance to change: You may encounter resistance to change from some stakeholders who are used to their existing systems or processes or who perceive standardisation as a threat to their autonomy or influence.
  • Migration complexity: You may face migration complexity when moving from legacy or heterogeneous systems to standardised or homogeneous systems, especially if you have a large or distributed IT estate with many dependencies or customizations.
  • Skill gap: You may need to bridge the skill gap between your current and desired IT capabilities by training or hiring new staff or outsourcing some functions or activities. This is often one of the biggest blockers to change.

 

How to achieve standardisation of a Windows enterprise estate?

Achieving standardisation of a Windows enterprise estate requires a comprehensive approach that covers the following aspects:

  • Hardware: You need to ensure that your devices meet the minimum hardware requirements for running Windows 11, which offers enhanced security, productivity, and user experience features. You can use Microsoft tools such as Endpoint analytics, Update Compliance, or PC Health Check app to assess the compatibility of your devices with Windows 11.
  • Software: You need to ensure that your applications are compatible with Windows 11, which supports most of the applications that run on Windows 10 . You can use Microsoft tools such as Desktop App Assure, Application Compatibility Toolkit, or Compatibility Administrator to test and fix any potential issues with your applications. Note that one of the most important steps when it comes to applications is re-packaging in MSIX format - yes, you need to do this as it’s one of the most effective ways of introducing security (more on this in another post).
  • Services: You need to ensure that your services are compatible with Windows 11, which supports most of the services that run on Windows 10. You can use Microsoft tools such as Azure Migrate , Azure Site Recovery , or Azure Backup to migrate or protect your services on Windows 11.
  • Deployment: You need to deploy Windows 11 to your devices using tooling that allows you to achieve in-place rebuilds.For this I only recommend Intune and Windows Autopilot. Other tools are available but if you’re using E3 or above, it’s an obvious choice.
  • Management: You need to manage Windows 11 devices with Intune. Given the previous point, again the obvious choice.

 

Windows as a Service

Windows as a service is a way of delivering and updating Windows 10 and Windows 11 that simplifies the deployment and servicing of Windows devices. It also provides new features and enhancements more frequently than the traditional Windows release cycle.

Here are some key points:

  • Windows as a service consists of two types of updates: feature updates and quality updates. Feature updates add new functionality and improvements to Windows, while quality updates provide security and reliability fixes.
  • Windows as a service uses different servicing channels to allow organisations to choose when to deploy feature updates. The General Availability Channel receives feature updates annually, while the Long-Term Servicing Channel receives feature updates every two to three years. The Long-Term Servicing Channel is intended for specialized devices that require a stable and secure platform, such as medical equipment or ATMs. Always go for General Availability for normal user devices.
  • Windows as a service also uses deployment rings to enable organisations to test and validate feature updates before rolling them out to the entire organization. Deployment rings are groups of devices that receive feature updates at different stages, starting from the earliest adopters (targeted validation) to the broadest deployment (general availability). Think of these as ever increasing sizes of groups and keep it to a max of five if you can. I usually go with Horizon (support engineers, but not all of them and IT pros), Pilot1 (the rest of the support engineers, more IT pros and key interested parties), Pilot2 (representation of all roles across the business), Broad (everyone else), Critical (automation or key business service devices). Note that C and D level people go in Broad, never anywhere lower despite their protestations!
  • Windows as a service relies on various tools and technologies to manage and service Windows devices. Some of these tools are Windows Update, Windows Update for Business and Intune. These tools can help organisations control the delivery, installation, and configuration of feature and quality updates.
  • Windows as a service benefits both users and IT professionals by providing a consistent and up-to-date Windows experience. Users can enjoy new features and enhancements that enhance their productivity, security, and user experience. IT professionals can reduce the complexity and cost of managing and maintaining Windows devices by using the same tools and processes for all types of updates.

If you want to learn more about Windows as a service, you can check out these resources:

 

Conclusion

Standardisation of a Windows enterprise estate is a worthwhile endeavour that can help you optimise your IT environment and align it with your business needs. By using Microsoft tools and solutions, you can achieve standardisation of a Windows enterprise estate in a smooth and efficient manner.

If you have any questions or feedback, please let me know. 😊

Windows Standardisation

Written By

Paul Bentley

Read more