03-26-2020 12:28 PM
03-26-2020 12:28 PM
As I travel the globe to share best practices around Windows 10 servicing with IT professionals, our partners, and internal technical teams, I acquire new insights that inform and fine-tune my next discussions with Microsoft customers large and small. Today, as I was working from home as a result of our company’s recommendations during the current public health situation, I started to reflect on a scenario that to date we haven’t published guidance around: operating system (OS) servicing and business continuity. And, while the current global challenges have prompted me to write on this topic, the things I’m going to talk about today are certainly applicable for any situation in which a company may need to embrace extended remote work scenarios.
So first, what do I mean by combining an OS servicing discussion with the concept of business continuity? Simply put, business continuity ensures that, for any given business, despite some type of significant disruption, mission critical operations for the organization can continue functioning at a basic level. This interim approach to operations ensures a company will survive as a viable entity until the disruption is remediated.
As our Corporate Vice President Jared Spataro recently shared, Microsoft is embracing its social responsibility and desire to protect public health by enacting a level of business continuity for our company’s employees to work from home. This also means that my ability and effectiveness to work from home equates to a healthy, secure, and patched Windows 10 device.
Certainly, my personal home device meets that criteria because I am a Microsoft customer and receive my security patches via Windows Update from the Windows Servicing and Delivery team on a regular basis. But does that device have everything on it that allows me to connect in a secure manner and remain seamlessly productive across corporate resources? The answer for me would be “probably,” but that might not be the case for our developers and other mission critical personnel that require a heightened level of security and access.
So what about my Microsoft owned and managed device that’s capable of getting me to 100% of what I need on the corporate network? Is our IT team responsible for my device, able to see it and keep it compliant, especially with the latest security updates? Talking generally about security compliance in the context of business continuity, an unpatched machine on the Internet can be exposed to some malicious vulnerability, which could impact a user’s ability to connect to the corporate network and do their job from home. Multiply that threat across tens of thousands of employees also working from home and you have a scenario that could impact any well-developed business continuity plan by eliminating the ability for employees to safely and productively connect remotely on any given day.
Fortunately, for Microsoft and our employees, our IT team has embraced the cloud and modern management such that they see my device on the open Internet and effectively service and patch my Windows 10 work machine. Leveraging modern management, they ensure that I will remain secure, productive and most importantly, compliant with our security policies. By leveraging Azure Active Directory (Azure AD), Microsoft Endpoint Manager (formerly Intune), and the policies in Windows Update for Business, the team can manage my machine business as usual, even in a zero-day scenario when a patch needs to be expediated. Our IT team, Core Services Engineering & Operations (CSEO), recently published a detailed guide on how they have embraced modern management and the move to the cloud.
The key benefit of cloud management for any IT administrator is that the user does not have to be connected to the corporate network. If the user and device are connected to the Internet, the solution remains seamless. This capability all but eliminates a scenario of an exploit impacting large numbers of employees in a work-from-home scenario in order to support our current business continuity strategy.
Is your organization in the position to support Windows 10 servicing and patching remotely in order to support a business continuity approach from home while keeping devices safe, compliant, and productive? While many organizations do have this type of capability, there’s a possibility of device health issues that might adversely impact patch compliance effectiveness, or might challenge on-premises deployment management solutions remotely as an administrator.
With safe and secure aspects of business continuity addressed, how do we then address productivity? Simply put, in a very similar, cloud-based approach. For me, it’s just as important to keep my Office ecosystem up to date based on the corporate standard update cadence via the cloud update service. This keeps your users satisfied, up-to-date, and using the latest features and capabilities. Overnight, my world as well as that of my global peers switched from mostly in-person meetings to a new world where collaboration via the Office tools is the new norm. All of a sudden, Microsoft Teams became the center of my work universe so its ability to be reliable and scalable is critical to my success of staying connected, informed and collaborative with my remote peers. The ability to convert all those meetings from in-person to remote, and do so with confidence, ensured that critical work can still get done in this new remote norm. Further, scaling from an average of over one million Teams meetings and calls a month based on current usage, to a significant exponential bump, is also critical.
In keeping users productive with corporate managed devices, how does the modern managed approach support remote workers in the event of a hardware failure? Fortunately for us, CSEO has not only embraced modern management, but also Windows Autopilot for the deployment of new hardware beginning back in January. In a business continuity scenario where a remote worker may experience a device failure, the user can now order a new device and have that device shipped directly from the OEM by following a few simple steps, and once received, they can be back up and productive in 5 to 10 minutes. Again, this detail is spelled out in the CSEO guide I referenced above.
At the end of the day, if your IT team can move to embrace cloud-based and modern management practices, you can rapidly support an efficient business continuity approach that solves many of the traditional challenges IT has traditionally faced during times where large populations of users are required to work remotely. The capabilities offered today can help you more easily manage support solutions and capabilities that are designed to scale and provide continuity over both near and long-term requirements.
For more information, check out some of these great pages dedicated to Windows 10 servicing: