Back in November of 2015, Terry Halverson, CIO at the Department of Defense, published a memorandum mandating the rollout of Windows 10. The purpose of his memo was to prepare combatant commands, services, and agencies to standardize on a Windows 10 baseline.
The primary reason for the rapid migration is security – Windows 10 offers numerous security benefits, such as Credential Guard, Trusted Boot and built-in AV/malware protection, that can help in tackling today’s cyber challenges. As outlined in the memo, the production adoption should start in January 2016 with all existing legacy Windows operating systems being phased out by January 2017. This is a monumental task considering the Department of Defense is estimated to have 4 million endpoints running Windows today.
On meeting with several DoD agencies over the last few months, a common theme is omnipresent and palpable: ALARM. Everyone is scrambling to plan, prepare and complete this migration. If the past is any indication, a Windows desktop migration could take months or years of time, effort and cost. Endpoints, application compatibility, hardware drivers, and the sheer magnitude of Windows endpoints in existence can make this an insurmountable undertaking.
Keep the following common challenges in mind as your agency plans a Windows 10 migration:
- Application Compatibility. There is a wealth of applications within the standard desktop images used across the DoD. These COTS and custom apps were built and tested for current and past versions of Windows ( XP, Vista, Win7) – and are not guaranteed to run on Windows 10 natively. The slew of testing, upgrades and modifications to ensure compatibility will take a considerable amount of time and expense. Often times internal and Integrator application development is slow to update during OS migrations, further complicating the matter. Windows 10 also replaces the well-known ‘Internet Explorer’ browser with the new ‘Edge’ Browser – presenting a unique compatibility challenge for web-based apps that were built and tested only for Internet Explorer. Many of these mission critical applications will require heavy lifting to migrate to Windows 10 by the deadline.
- Hardware Compatibility and Procurement Cost. Another hurdle that agencies are running into is existing hardware that simply does not support Windows 10. Older PCs may have BIOS, video cards, network cards and all sorts of peripherals for which there are no Windows 10 ready drivers. In lieu of supporting existing hardware, computer hardware manufacturers are encouraging customers to refresh their hardware as part of the migration. DISA Security Technical Implementation Guides (STIGs) have also been at the forefront of the Windows 10 curve, by requiring agencies to use PCs embedded with Trusted Platform Module (TPM) hardware in order to join Military network domains further adding to the cost and complexity of Win 10 adoption.
- The Growing Mobility Challenge. Now that Mobility has become a reality with the rapid adoption of tablet, smartphones and tablet/PC hybrids within the Pentagon, data security challenges become even more acute. How will your agency handle these ultra- mobile devices in a Windows 10 world? Device Management offers some potential benefits depending on the Operating System, but data-at-rest challenges still exist. How can we ensure security of critical Govt data as these personal Mobile devices become part of the norm?
Agencies will have to wrestle with these three challenges in order to complete a successful migration that meets the January 2017 deadline.
Over the course of the last decade, agencies have proven that the best way to mitigate these challenges is with virtualization technologies that decouple the operating system and associated applications from the underlying physical hardware. This solution, better known as virtual desktops and applications, will allow agencies to continue leveraging existing hardware for a smooth transition to Windows 10 while increasing data security. In addition, specialized migration tools predict Windows 10 application compatibility by predetermining the possible and offering guidance on how to tailor software for future operability.
Offering virtualized desktops and applications as a service enhanced by integrated tools to determine the delivery type of applications guarantees an end-to-end holistic approach to operations before, during, and after Windows 10 migrations.