A mixed estate is a rich source of grief for most IT departments. Having to manage security and updates across just one operating system and a few core applications can be hard enough, but when you're handling multiple operating systems and a range of applications, the hassle seems to multiply with each and every one. Even managing several versions of Windows can be a trial, as you try to schedule patches and updates, troubleshoot issues and make sure all those systems are secure. A mixed estate doesn't just mean more work, it also means more opportunity for something to be missed or new problems to emerge.
This is why the prospect of a unified estate is so desirable for many IT leaders, and why Microsoft's strategy with Windows 10 does so much to pave the way for exactly that.
One OS to patch and update
If you wish, you can have every PC on the premises running the same OS with the same patches, with the same updates rolling out at the same time. But if that doesn't suit or you want more control of the update process, there are mechanisms to define when updates roll out or even which types of update will be installed in what time period.
With no new Windows versions as such to worry about, Windows 10 updates have settled into a predictable cadence, with a full feature upgrade rolling out every spring and more functional, service and security updates in the autumn. Fixes and security updates continue to roll out monthly or as and when required. For obvious reasons, it's wise to have security and reliability updates installed as soon as possible (though even these can be deferred by up to 30 days). On top of this, business users employing Windows Update for Business (with Windows 10 Pro or Windows 10 Enterprise) can defer the less critical, annual feature updates by up to 365 days. This extends up to 30 months for firms running the Enterprise edition, enabling firms to decide whether they want the latest features or a codebase that's had more time in the field.
Should you want more granular control, you can set which PCs get which updates using Group Policy with Active Directory, pushing different upgrade policies to different groups of users. And with Windows 10 there's no manual updating and no way that end-users can avoid upgrades because they'll get in the way of work'. Upgrades can be set to install out of active hours or you can set a deadline for an auto-restart. With Windows 10 rolled out across the whole estate, the usual headaches of keeping all your systems up to date all but go away.
One OS for productivity and security
Of course, updates are important, but they're not the only reason to get the whole estate up and running on just the one OS. For a start, Windows 10 delivers the perfect balance between Windows 7's familiarity and new features that can transform productivity. The desktop, the Start button and file management work much like they do in Windows 7, but with the addition of smarter, more effective virtual desktops, intelligent search and digital assistance from Cortana and the new Timeline. This last feature makes it easier to find what you were working on yesterday, last week or even last month by enabling you to scroll backwards through time and see which documents you were working on during that time. These aren't the kind of features end-users ignore, but the kind they'll wonder how they ever lived without.
Windows 10 is also purpose-built for a modern approach to IT, where multiple devices might be working with the same information through a mix of applications, and where cloud now an integral part of Windows enables a seamless, automated, pro-active way of working. This becomes particularly important when you're running desktops, laptops and convertibles across the whole estate. Devices in the HP EliteBook range, for instance, come armed with cutting edge Windows 10 features, meaning you don't compromise one experience to find a better fit for others; the OS adapts to meet the needs of each device.
Security is another win. Windows Hello makes identity the key to authentication, using biometrics and physical tokens to replace hard to manage, insecure passwords. End users get a quicker, smoother sign-in. IT departments don't get the hassle of managing and resetting passwords.
If you're running the OS on devices such as the HP Elite range and do want to use passwords, you have the option of HP SpareKey, which uses predetermined security questions to help users reset passwords and restore access to locked PCs without intervention from IT personnel. HP devices also offer the multi-factor secure login, HP Multi-Factor Authenticate, which helps keep your network and VPN safe by requiring up to three factors of authentication, including fingerprint and facial recognition.
Meanwhile, the advanced security features of Windows Defender Security Centre, BitLocker and with Windows 10 Enterprise Windows Advanced Threat Detection give you a strong, easily-configured base layer of security on which you can add further layers if needed. With just the one OS it's so much more straightforward to develop a coherent security provision.
One OS to manage
Crucially, unifying the estate around Windows 10 gives you one, modern platform to manage plus the tools to make that management much less onerous. New cloud-based tools like Microsoft Intune and Windows Autopilot make it easier to first deploy and then manage the estate's PCs, delivering real control over company data and proper management over the OS and installed apps.
You can not only define security policies but ensure that all the systems on the estate comply, even as they're rolling out. These tools integrate with Microsoft Azure Active Directory for identity and access control, and with the productivity and communications applications rolled out through Office 365. Meanwhile, the Microsoft Deployment Toolkit simplifies provisioning, manages security and gives you real-time diagnostic insights into all the Windows 10 PCs on your estate.
These benefits add up, reducing the time and effort IT teams spend on managing the estate's computers, while delivering a modern, productive experience to end-users, with a common look and feel that's still easy to customise for personal preference. In an era where IT is a powerful disruptive force, IT teams have enough to do without managing multiple operating systems. Unifying behind Windows 10 just makes sense.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.
ITPro is a global business technology website providing the latest news, analysis, and business insight for IT decision-makers. Whether it's cyber security, cloud computing, IT infrastructure, or business strategy, we aim to equip leaders with the data they need to make informed IT investments.