The clock is ticking towards the end of support for Windows 7. There is just one more year left in the aging operating systems extended support lifecycle. A lot of enterprise customers have already begun their migrations to Windows 10 over the last couple of years and are likely in the final stages of those efforts -- but what about those who have not even started this process?
Let’s look at the options available for these different scenarios.
One caveat: Simply choosing to remain on Windows 7 without any security patches moving forward is a bad decision across the board and for many reasons. We do not recommend this as an option for anyone. However, our recommendations will address any straggler machines you expect to have remaining when the end of support for Windows 7 happens next January.
It is understood there will be some compatibility issues with line of business software and older hardware which are business-critical. In order to be fully supported on those Windows 7-based devices, IT pros have a few options.
Extended Security Updates (ESU) for Windows 7 end of support were announced by Microsoft back in September 2018. These continued patches are sold on a per-device basis and that pricing will go up each year until they end in January 2023. Access to purchasing an ESU contract is limited to customers who get Windows 7 Professional or Windows Enterprise through Volume Licensing. Those customers with Windows Software Assurance or who are already getting Windows 10 Enterprise and/or Education versions through a subscription can get a discount on their ESU contracts for their final Windows 7 machines.
When it is released later this year, Windows Virtual Desktop (WVD) on Azure could be a workable solution for some customers. Although it is primarily focused on providing a virtualized Windows and Office environment for a multi-user Windows 10 scenario, it also offers Windows 7 as a virtual desktop option. The Windows 7 Virtual Desktop on Azure includes at no extra cost a full three years of ESU. If you are already an Azure customer, that means your only cost to use this virtual Windows 7 environment is for storage and compute for the virtual machines.
If a primary concern is line-of-business app compatibility with Windows 10 as you migrate from Windows 7 then you should check out Microsoft’s Desktop App Assure service which was announced last year at Microsoft Ignite 2018. This Microsoft FastTrack program’s main goal is to help IT pros fix those compatibility issues, so software compatibility is not a hindrance to finalizing Windows 10 migration. This service is free of charge to Windows 10 Enterprise and Windows 10 Education customers. Microsoft announced on Monday that the Desktop App Assure service is now available globally.
When Windows 7 end of support arrives in January 2020, there are supported options to continue using that operating system beyond its end of lifecycle support date. All these options keep an enterprise's remaining Windows 7 devices on the latest security updates to protect critical customer and company data.
Next, let’s talk about the final stages of your Windows 7 to Windows 10 migration that is already in progress. ITPro Today spoke with Sumir Karayi, the Founder and CEO of 1E, a global provider of cybersecurity services. We discussed what challenges many companies were likely facing in the final stages of their migrations as they work towards the end of support for Windows 7 next year.
Karayi said that based on experience with various Windows migrations since 1997, he believes most medium-to-large size organizations currently in a Windows 7 to Windows 10 migration have likely completed about 70% of their upgrades at this point. Karayi said the remaining 30 percent will involve devices that are more challenging for two key reasons:
Company devices that are used in remote scenarios. This includes small offices in other locations that do not have their own co-located IT support, remote employees who telecommute, and machines that might be sitting around company spaces which no one knows about or no one has explicit ownership. This would also include disconnected hardware that should be migrated.
Line-of-Business software and apps. A company must fully understand what software and apps are used by its employees and why. Cataloging these is critical to ensure no productivity is lost once the migration is complete. Too many times software and apps that are used in a company can become an afterthought, so this is a critical aspect of any migration.
These two areas can become unmanageable as companies experience quick growth and are something that should be approached on a regular basis for good business sense and not just around migrations.
Karayi then suggested three things to help companies not only break through these final migration barriers but also to prepare themselves for the future.
Visibility of Apps – Regularly cataloging line of business software and apps helps to normalize them across the company. Then they can be accounted for and get proper support. Karayi said that depending on the company’s size, this list of apps and software could be anywhere between 2 – 3 thousand entries.
Automation of Migrations – End to end migrations will be most successful if they are automated. This allows IT pros to evaluate and consider bios upgrades from legacy BIOS systems to UEFI, operating system in place upgrades or wipe and clean installs, retaining company app and software where needed, user data, and system settings. The more automated this process is, the likelihood of success increases because this key information is known about your network and connected devices.
Modern Management – An investment in real-time capabilities to monitor and manage devices across an enterprise network is an important aspect moving forward. Even though there are options to stick with Windows 7 after the January 2020 end of support date arrives, ultimately enterprise desktops will be running Windows 10 and that operating system is built for modern management. Not just for updates under the Windows as a Service (WaaS) but also for investigating security issues such as breaches, malicious software infections, and protecting company data by ensuring it is not shared to unauthorized users through various data loss prevention features.