By now, I am sure you are aware that Windows 7 has gone end-of-life, with the decade-old OS having received two “final” updates.
If you are still running Windows 7 and want to have security and critical updates that Microsoft deems necessary, you need to be signed up for paid extended support called Extended Security Updates (ESU). While ESU can give you another three years of support at price levels that are easy to budget for, there are other associated risks with staying on Windows 7.
Adding to the pressure of migrating to Windows 10 is the fact that Office 2010 is also going end-of-life in October of this year. But unlike Windows 7, there will be no extended support, paid or otherwise. This means organizations have to upgrade to Windows 10 and Office 365 as soon as possible.
With two major migrations to accomplish, most organizations are scratching their heads, wondering how to proceed? Which version of Office should they upgrade to — Office 365 or an on-premise version? Should Windows 7 be upgraded first or Office 2010? Should they be done in parallel?
Today, I want to walk you through four different options you have and offer two solutions on how to manage it. But before we do, let me first provide some background on why this is an issue.
No matter which of the paths outlined below you choose, the biggest bottleneck will be the transition away from Office 2010. As we discussed in an earlier post, migrating to either Office 365, Office 2016, or Office 2019 can cause your macros, add-ins, apps, or anything written with VBA to break.
Even with application management software in place, these Office add-ons can’t be checked against a list, like common business apps such as Adobe. Instead, they need to be tested and, in many cases, remediated as they are hard-coded, and then tested again.
As many of these third-party add-ons are LOB critical — it requires the rewriting of the source code, finding the original developer and having them rewrite it, or starting over from scratch. Needless to say, this will be a time- and resource-intensive process. Having proper tooling in place to discover, tag and catalog, test, package, and test again will get you through these tasks faster and more efficiently. However, if you haven’t started migrating yet, this process will not be finished until after the October 2020 deadline for Office 2010.
Having said this, let’s have a look at the options to solve this problem:
Microsoft has kept the cost of ESU low for the first year — ranging from free to $50/device and increasing to $100-$200/device in the third and final year. The reasoning behind this increase is to push organizations to Windows 10 as soon as possible.
Based on Microsoft’s current support model, an organization who migrates now to Windows 10 version 1909 will receive support until May 2022. After a successful company-wide migration to Windows 10, the Office 365 migration will start.
There are several pros to this method. You will:
This option takes the route of security first, focusing on updating Office 2010 before it becomes unsupported. After a successful Office 365 migration, Windows 7 is then upgraded, with Windows 7 having paid security updates through 2022.
This option will require the most effort and, without the right tooling in place, will most likely result in running Office 2010 past the October 2020 deadline. However, doing both of these at the same time — with the right tooling — will have you set up for maintaining a successful as-a-service IT environment.
This option, on paper, seems reasonable. You update to the as-a-service version of Windows, but stay on-premise for Office, giving you time to adapt to the Evergreen IT pace. However, with this option:
We do not recommend this option as it results in double work by pushing Office 365 down the line, and it keeps a major part of your IT environment out of the as-a-service lifecycle, which is widely adopted now.
Now that we have looked at the options, let’s turn our attention to how to achieve them. Essentially, there are two ways:
If you ask Microsoft, the best way to do any of this is to fully get on board with their Modern IT Vision: a carefully orchestrated IT environment run on Windows 10 and Office 365, Microsoft Teams, and other apps but relies heavily/entirely on Microsoft Endpoint Manager including Microsoft Intune, Microsoft Systems Configuration Manager (SCCM), Microsoft Autopilot, Desktop Analytics, Azure Active Directory, and much more.
However, most enterprises aren’t ready, or willing, to fully embrace every Microsoft product and be solely reliant on them for all of their IT needs. For example, an enterprise might have proprietary software, or have spent countless hours (and money) on training employees on current non-Microsoft software.
The other option is to adopt an Evergreen IT management approach, including some careful application lifecycle management choices. While this can include any or all of the tools above, it also uses third-party tooling such as Juriba Dashworks and IT automation solutions like Access Capture for application packaging and testing as well as Access Agent, our endpoint management automation framework.
To get your application estate ready for Evergreen IT (which solves your Windows 10 or Office 365 chicken or egg dilemma), it is very useful to run through the following steps:
I hope this blog post gives you some insights into the pros and cons of each of the options. Whatever you decide, it is important to go about this in a strategic way with the right tooling and automation.
Also, after gathering all of this data on your IT environment, store and maintain it in a centrally managed change management database (CMDB). Using this database, when updates to apps and OSs come in the future, updating, or even migrating to a new format, will become more efficient as it becomes part of a normal maintenance routine.