Moving to a modern desktop with Microsoft 365 – across Windows, Office 365 ProPlus and Enterprise Management + Security – gives you an empowering and secure workspace that is powered by the latest productivity, teamwork, and collaboration experiences from the Cloud.
The modern desktop allows you to connect anything and everything – and I mean everything – to the Cloud. Windows, Office, management, security – you name it. As I discussed a few months ago, a modern desktop reduces complexity and makes you more agile thanks to things like:
While these benefits are significant, we also know that making the shift to a modern desktop environment is one of the most significant responsibilities facing IT today. The good news, if you haven’t deployed a new desktop in a while, is that a lot of things have improved since you last had to do it. Many factors which made problems like application compatibility so problematic in the past have been solved with the Cloud. Now, you really can move forward with confidence faster than ever before – and your organization will see the benefits immediately.
To help make all of this great new info consumable, today is the start of a 10-part desktop deployment essentials series on Microsoft Mechanics. This series will have detailed, step-by-step guidance that is organized around our new modern desktop deployment wheel (see below), and this info will really effectively encapsulate our years of experience working on desktop deployments with customers across the globe.
In episode 1, I’ll walk you through what’s new and different. Then I’ll explain how you can continue to use your existing tools and processes and take advantage of new tools and resources for modern provisioning and modern management across the PC lifecycle.
Later in the series, our resident desktop deployment expert, Jeremy Chapman, will share a step-by-step tour of how to shift. Each episode will feature a different part of the wheel – and each episode will get progressively more technical so that, by the end, you are a genuine expert.
The Modern Desktop Deployment Wheel
If you have deployed desktops before, many of the steps on our wheel will be familiar and you’ll see that we’ve invested a lot to expand the options available to you for desktop provisioning and management. If this is your first desktop deployment, this ought to give you a logical path for planning your deployments.
Once you’ve created your high-level plan and have your core sponsors on board (the center of our wheel), there are few core steps that you’ll want to work through.
Here’s a quick look at each of those steps:
Device and App Readiness
Step 1 relates to taking inventory of your devices and apps and verifying compatibility. For that, we’ve built new tools with Windows Analytics available now and are working on a broader set of tools with Desktop Analytics to inventory and analyze your apps, devices, Office add-ins and beyond. These work by tapping into compatibility intelligence and telemetry from 100s of millions of PCs to understand both apps and drivers available from Microsoft to assess the readiness of your desktop estate – and soon we’ll even help assess the compatibility of your custom LOB apps. This works hand in hand with System Center Configuration Manager – so that you can build data-driven collections of targeted PCs as they become ready.
We’ve also just announced Desktop App Assure, a new service from Microsoft FastTrack designed to address issues with Windows 10 and Office 365 ProPlus app compatibility. While we’ve seen 99% application compatibility with new Windows updates, if you find any app compatibility issues after a Windows 10 or Office 365 ProPlus update, Desktop App Assure is designed to help you get a fix.
Directory and Network Readiness
If you haven’t already you’ll want to implement Azure Active Directory for Identity and access management. You’ll also want to get your network ready for moving system images, application packages and user files across your network to support later deployment and migration activities. We’ve done a lot of work building networking optimizations spanning peer to peer, throttling and differential updating and you can lean more on episode two of our series of, desktop deployment essentials.
Office and Line of Business App Delivery
This ensures that your apps are ready for automated deployment and you’ll need to be familiar with Click-to-Run Office deployment and your configuration options.
User Files and Settings Migration
This is necessary in PC replacement scenarios and you can use the User State Migration Tool as part of the (SCCM) or Microsoft Deployment Tool installation sequence at deploy time. This step is often a timing bottleneck for PC replacement, due to the physics involved in transferring sometimes hundreds of gigabytes per PC each direction. OneDrive Known Folder Move is a new option to sync user documents, pictures and desktop files at scale in the Cloud ahead of your deployment.
Security and Compliance
This is an area with a lot upside when moving to Windows 10 and Office 365 ProPlus. First, you’ll want to familiarize yourself with the new built-in capabilities and compare that with what you already have. New capabilities in Windows 10 using virtualization-based security can prevent credential theft, protect against browser-based exploits and malicious code execution by isolating core processes and secrets from the operating system. And Cloud services like Advanced Threat Protection give you a unified platform for security hardening, post-breach detection, investigation, and response. ATP can also safeguard you against malicious email attachments, unsafe hyperlinks and more.
OS Deployment and Feature Updates
Step 6 is really about getting OS images deployed. A lot of the heavy lifting will be done using ConfigMgr task sequences and infrastructure. The recommended approach is to deploy in phases, where a representative set of hardware and apps are targeted to early adopters in your organization. You’ll then use the data from those devices and users to gradually target more and more PCs. New options in this space also include Windows Autopilot and we’re doing more to connect the Autopilot experience to ConfigMgr managed deployments.
Windows and Office as a Service
This is a new part of modern desktop management –and it is very important to understand deeply how it operates. One of the core advantages of the modern desktop is that we make it easier for you to stay current and bring new capabilities, experiences and protections to your users. We’re introducing ripples of change incrementally instead of massive waves every three years. Feature updates are delivered semi-annually, and we just announced that we’re making easier to stay up to date giving you time to adapt. We strongly recommend that organizations target the September release and now if you need to, you can roll-out updates once per year or even every second year. Security, reliability and bug fixes are delivered by our monthly cumulative Quality Updates. Lastly, our strong recommendation is to move to Office Pro Plus so your users get updates to the Office apps on a regular basis.
Finally, User Communications and Training
Doing this is critical to driving usage of new capabilities for enhancing teamwork, communications, security and more. Before broad deployment is targeted to users outside early adopter rings, User Communication and Training should be planned to drive desired changes in how people use new capabilities in Office, Windows or other line of business apps and services. Here we also have free online training via Microsoft FastTrack and direct support that you may be eligible for as a Microsoft 365 or Office 365 organization. Plus, we’ve published free sample communication plans and timelines together with email, social and intranet templates to help with your rollout of Windows 10.
As you plan and stage your roll out, I’m sure you’ll find yourself revisiting various parts of this wheel (particularly Device and App Readiness) as you incrementally shift your desktop estate. Definitely take your time and get familiar with the material.
If you are still concerned about having to leverage some of these new tools, you can certainly continue to use your existing tools and processes. In fact, just to prove to you our commitment, consider this: Today we manage around 150M PCs and devices through ConfigMgr and Microsoft Intune. We know that ConfigMgr is the tool that nearly all of you will use to shift to a Cloud-attached, Cloud-secured world – and you can continue to use that without any problems. But don’t let this stop you from taking advantage of new tools and processes. Instead, use ConfigMgr as a bridge to modern management and provisioning. As you Cloud-attach your ConfigMgr-managed Windows 10 PCs to Microsoft Intune and Azure AD, you can immediately start using the new and incremental Cloud-powered capabilities which we will continue to regularly enhance.
As you familiarize yourself with the essentials you can go even deeper with the technical documentation on our new Modern Desktop Deployment Center. Don’t hesitate to send your feedback and questions. My team and I are with you along the way.
CVP – Microsoft 365
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.