Colin Sainsbury – InFocus Blog | Dell EMC Services https://infocus.dellemc.com DELL EMC Global Services Blog Thu, 12 Jul 2018 14:09:11 +0000 en-US hourly 1 https://wordpress.org/?v=4.9.7 Windows 10 Migration: Should You Shift Left, or Right? https://infocus.dellemc.com/colin_sainsbury/windows-10-migration-should-you-shift-left-or-right/ https://infocus.dellemc.com/colin_sainsbury/windows-10-migration-should-you-shift-left-or-right/#respond Mon, 18 Jun 2018 09:00:03 +0000 https://infocus.dellemc.com/?p=35559 The time has finally come when many organisations are taking on Windows 10 migration. The software was first released in July 2015 and has matured through six releases, bringing the stability that enterprises are looking for. Software vendors have had time to ensure that their applications are available in Windows 10 compatible versions. There is […]

The post Windows 10 Migration: Should You Shift Left, or Right? appeared first on InFocus Blog | Dell EMC Services.

]]>
The time has finally come when many organisations are taking on Windows 10 migration. The software was first released in July 2015 and has matured through six releases, bringing the stability that enterprises are looking for. Software vendors have had time to ensure that their applications are available in Windows 10 compatible versions. There is also the looming demise of support for Windows 7 due to the removal of hardware support or the need to migrate from it before the software support window closes.

Equally, user experience is now becoming a significant part of the conversation with any IT department. As developed economies achieve high levels of employment, there is more competition to attract the brightest and best talent. It is no longer just about the pay and benefits package, but now includes softer items like the type and mobility of devices and the inclusion of current applications.

Many organisations have built up significant technical debt within their organisations and their devices are now over four years old. They are therefore looking at large scale programmes to replace their end user compute estates and simultaneously migrate to Windows 10 on the new equipment.

The question becomes – how do they do this in the most appropriate way?

Shift Left

Traditional device replacement programmes have relied on a wave of upgrade activity propagating through the organisation. This usually took the form of buying new devices, shipping them to a staging location, perhaps provided by a third party, imaging them and delivering them to the end user. This is shown in the diagram below:

Figure 1: Typical cost breakdown of deploying a new device.

Many of the activities shown above can be more efficiently performed in the factory location using Dell’s Configuration Services capabilities. This approach removes the need for the staging location and a shipping leg, thereby reducing the carbon footprint of the organisation and contributing to their social responsibility goals.

Where staging centres have been used in the past, these have been connected to the enterprise network and the systems built there, rather than at the deskside. This usually involves extending automated OS deployment tooling into that location. Dell’s Connected Configuration solution, part of its ProDeploy Plus offer, allows enterprises to use our regional distribution hubs as their staging centres. The result is shown in the diagram below:

Figure 2: Dell’s Shift Left Optimisation

This approach saves time and money as the devices are imaged before they start their final delivery leg, arriving at the desk imaged and ready for the user to start work. Users only need to install their elective applications, those they use over and above the standard for their department. Providing that they have access to a self-service application store such as the Software Center included within SCCM, they can do this easily in a similar way to using their smartphone app store.

As this efficiency gain is driven from using the Dell factory and shifting activity left on the diagram, Dell refers to this as a Shift Left optimisation. We have the facilities to scale beyond those of most organisations in terms of throughput per day etc. Furthermore, our regional distribution hubs are situated such that all devices for a given territory will transit from that location anyway so it is much more efficient to use these locations than a third-party staging facility.

Data and settings migration may still require technical assistance, but these days more and more organisations are moving to Enterprise Files Sync and Share (EFSS) solutions such as OneDrive for Business, meaning that disciplined users only need to sign in to their tool and their data will start to be replicated to the new device.

Dell’s Managed Deployment teams can provide support for these deskside activities, should it be required, as well as providing resources to hand out the new devices and collect the legacy ones, dealing with packaging removal as part of the task.

Shift Right

Microsoft has been promoting the idea that Windows 10 can be provisioned (note: not imaged), using the AutoPilot process much more easily and at less cost than the traditional imaging methods. The idea here is that the device is shipped with a standardised OEM operating system image on it and a hardware device ID is registered with Microsoft to enable the AutoPilot process.

In practice, this transfers much of the work shown in figure 1 to the end user and is shown below.

Figure 3: The workload balance for Shift Right.

This is often marketed as user enablement or empowerment, but what does that mean in practice?

The end user is now responsible for:

  1. Collecting their new device from a tech bar or similar distribution location.
  2. Perhaps unboxing the device and installing it to their desk.
  3. Going through a tailored Windows 10 out of box experience (OOBE).
  4. Logging into the device with their Azure Active Directory credentials thereby “joining the device to the domain” and drawing down policy settings and triggering mandatory software installs (as defined by their organisation) such as Office 365 Pro Plus.
  5. Installing additional applications from the Mobile Device Management Application Store or the Windows Store for Business (WSfB).
  6. Signing in to their EFSS solution (OneDrive for Business etc.).
  7. Waiting whilst their applications are downloaded and installed from the application store or WSfB. (This could take a while dependent on bandwidth and size of applications.)
  8. Waiting whilst their data synchronises, again bandwidth and volume dependent.
  9. Starting work with those applications and that data that is available to them whilst the remainder is delivered in the background.

Should We Shift Left, or Right?

In a previous blog post, Managing PCs the Modern Way, I considered the prime candidates for each of these deployment methodologies. To briefly reprise that post, Dell describes five key personas:

  1. Desk Centric – greater than 50% of time spent at a fixed desk location.
  2. Corridor Warrior – collaborative worker that divides their time between desk and meeting room locations but in one office or campus.
  3. On-the-Go Pro – highly mobile individual travelling between locations, cities and often countries. Often works on public WIFI or mobile communications.
  4. Remote Worker – greater than 50% of time spent at home.
  5. Specialist Worker – in many cases this category is driven by the hardware they use and Dell has defined three subcategories of this persona. It could be a Field Worker who needs ruggedized equipment, an Engineer who needs hardware that enables them to be creative perhaps using CAD/CAM software or a Creative user with peripherals such as the Dell Canvas.

It is my belief that from a management perspective and therefore a deployment methodology, Shift Right, enabled by modern management, best suits the On-the-Go Pro population and Specialist users with a similar level of mobility requirement. Where Remote Workers who primarily use Software as a Service (SaaS) apps, they may also be candidates.

Those users who are classified as Desk Centric, Corridor Warrior and the proportion of Remote Workers who use customer datacentre-hosted applications are probably best handled using the Shift Left methodology. This view is based on the fit of the post-deployment management technologies to the ways these users work.

Having said that, is it as simple as that? When Shift Left includes an engineer to address deskside deployment, it is like a waiter bringing your food to the table and serving it to you. Using that analogy, Shift Right could be described as a self-service buffet.

Dependent on the type of individual that fits in to your On-the-Go Pro category, asking them to do self-service may or may not be appropriate. Some will see it as end user empowerment whilst others will see it as the IT department cutting costs and offloading the work on to the users. Do you need to provide a “Tech Bar”-style walk-up help facility to address issues rather than overloading your Help Desk? How does this impact any outsource contract you might have? How do you quantify the loss of productivity for what could be some well-paid individuals whilst they wait for their applications to download?

These issues are soft or non-technical, but need to be addressed before simply opting for what appears on the face of it to be the “cheaper” option.

Summary

Dell EMC’s Support and Deployment Services can help you identify the persona groups within your organisation using a mix of tooling and business analysis. Once we understand that mix and your readiness to adopt the modern management approach, we can help you define the roadmap to enable you to transform to your desired future state. In this way, we can help you find the right balance between Shift Left and Shift Right within your organisation. We will then stand with you through your deployment, bringing the relevant services to bear as you need them. The diagram below shows how we see these mapping against the personas, with those suiting Shift Left on the left and those suiting Shift Right on the right.

Figure 4: How Dell can assist with both Shift Left and Shift Right.

If you have any questions pertaining to Windows 10 migration or the Shift Left or Right methodologies, please feel free to contact me via the comments below.

The post Windows 10 Migration: Should You Shift Left, or Right? appeared first on InFocus Blog | Dell EMC Services.

]]>
https://infocus.dellemc.com/colin_sainsbury/windows-10-migration-should-you-shift-left-or-right/feed/ 0
How to Modernize Your PC Management Approach https://infocus.dellemc.com/colin_sainsbury/managing-pcs-modern-way/ https://infocus.dellemc.com/colin_sainsbury/managing-pcs-modern-way/#comments Tue, 12 Dec 2017 10:00:58 +0000 https://infocus.dellemc.com/?p=33354 I meet a lot of customers and love to hear their thoughts on the future of the end user computing world as much as they love to hear my digest of what’s going on in the marketplace. Discussion as of late has revolved around an emerging trend –modernizing one’s approach to PC Management – a […]

The post How to Modernize Your PC Management Approach appeared first on InFocus Blog | Dell EMC Services.

]]>
I meet a lot of customers and love to hear their thoughts on the future of the end user computing world as much as they love to hear my digest of what’s going on in the marketplace. Discussion as of late has revolved around an emerging trend –modernizing one’s approach to PC Management – a subject I believe is partly driven by Windows 10 and the smartphone revolution.

We have all become accustomed to carrying miniature computers in our pockets that just happen to be able to make phone calls. We merrily add applications and upgrade its operating systems. Yet navigating the PC on our desk remains a logistics nightmare.

Why can’t our new computer be as logistically simple as getting a new phone?

Because consumerisation of IT and the expectations of a more tech-savvy workforce is at play.

My colleagues ask me to help them understand this trend and how it’s changing the way we assist our customers. If a user can acquire a new smartphone, sign into a cloud authentication service and download applications, why is it so difficult to deploy PCs?

To understand this, we must first address the history and market forces in the PC industry.

Let’s first establish shorthand terms:

PC means any device running the desktop version of Windows 10 irrespective of form factor (laptop, all-in-one, desktop or tablet). Devices running Windows Phone, Android or iOS will be referred to as smartphones.

History

It’s long been the practice of original equipment manufacturer (OEM) vendors to bundle Windows with every PC sold. This is a practice Microsoft has encouraged, ostensibly to save the purchaser from installing the operating system (OS), which has proven very helpful in establishing Microsoft as the dominant OS provider. Over time the practice of pre-installing software has been extended to include vendor tools and trial versions of software from third parties.

Whilst this is tolerable for the consumer market, the variability of the third-party software installed is intolerable to the enterprise market. To counter and reduce the total cost of ownership (TCO) of supporting their devices, IT departments have typically wiped devices clean and built them up from the bare metal in a process referred to as imaging. This process often takes 4-5 hours per device, adding cost and delaying the point at which the user takes control of the device.

Vendors, resellers and distributors, Dell among them, endeavored to make the PC provisioning and deployment process more efficient with centralised systems and developed a variety of capabilities, spawning a whole new market segment.

Traditional Imaging Options

Dell leads the market in providing imaging and configuration services for our customers who hold Microsoft Volume Licenses. These services are:

  1. Static – simple imaging using technologies such as Ghost, usually for a single device type based on the driver library included within the image.
  2. Dynamic – a development on the static imaging which enables device flexibility by dynamically including the driver library for different Dell hardware families.
  3. Connected Configuration – the modern imaging solution which works by extending the customer’s System Center Configuration Manager (SCCM) environment into a Dell build facility so devices are imaged in the same way as they would be at a customer site. This method provides significant customer benefit.

Once imaged, the users are typically managed via Active Directory authentication and the devices by SCCM or similar tooling.

Modern Provisioning

With Windows 10, Microsoft has enabled an entirely different approach to the problem. In building Windows 10 with a common code set shared across the PC and smartphone versions, the OMA-DM (Open Mobile Alliance-Device Management) specification is built into the base OS. For the first time, a Windows PC can be managed using tooling that was originally designed for smartphone management. This integration of mobile and Windows 10 PC management is referred to as unified endpoint management (UEM).

It should be noted that the OMA-DM specification is for the management and configuration or provisioning of the device, not imaging, and there are key differences between the approaches. Imaging allows deployment of the base OS, whereas provisioning assumes the base OS is already on the device and seeks to control it.

To encourage customers to take up Windows 10 more quickly, Microsoft strongly advocates the use of provisioning, as it is a lighter touch and provides a lower barrier to entry for the organisation. Equally, mobile device management (MDM) toolset vendors have aligned themselves with this narrative as it increases their addressable market. The key thrust of the approach is any Windows 10 device can be provisioned and managed, irrespective of vendor or acquisition route, including bring your own device (BYOD).

At the beginning of July, Microsoft launched Windows Autopilot which enables an end user to follow a simplified process to join a Windows 10 (1703) PC to Azure AD (Premium) and enroll it with the organisation’s chosen MDM tool. The Fall Creators Update for Windows 10 is expected to enable the same tool to allow end user to join their Windows 10 PC to an on-premises AD. In both cases, OEM pre-registration of the devices with Microsoft and Azure AD Premium licensing is required.

Enterprises are keen to consider options that reduce their TCO and makes it easier to roll out the new OS. As a result, they are looking to leverage the MDM tooling acquired to manage their smartphones to manage these devices.

However, there are key differences between managing devices via the traditional route and those provisioned in this way.

Scenario 1:

  • Workforce is largely office or with a fixed base of operations using a mix of PC form factors, typically connecting directly to a corporate network or via a VPN solution.
  • Applications tend to be more complex, drawing on local system resources or client-server with limited usage of external web or Software as a Service applications.
  • Organisational information assurance policies require systems are tightly managed to ensure compliance with patching and update policies.
  • Web access is channeled via IT provided proxy solutions to manage bandwidth and police content.
  • Data is stored on network files servers and email hosted internally.

This scenario is common within many organisations today and will be recognizable to most. It is typically based on Active Directory authentication and SCCM management. The devices are typically imaged.

Scenario 2:

  • Highly mobile workforce, typically using newer form factors.
  • Applications are either locally installed or accessed via a web browser (SaaS).
  • Email and office automation software are delivered via Office 365, Google Apps or similar toolset.
  • Data is stored in OneDrive for Business or Google Drive enterprise file sync and share solutions.
  • Applications are acquired via Windows Store for Business or the Mobile Application Management (MAM) capability of the MDM tooling.
  • There’s limited reliance on corporately provided applications. Identity management can require the user to manage numerous credential sets or require corporate investment in single sign on solutions (SSO).

This use case is becoming more common in sales environments and lends itself to the provisioning approach. It particularly appeals to customers who could go to any computer retailer and acquire a device that can then be provisioned, should their current device fail.

Equally, customers are looking at BYOD solutions to manage contingent labour. Here the customer feels that the contract day rate should include the contractor providing their own equipment which the corporate IT staff manage via the MDM toolset.

In reality, customers within their organizations do not split cleanly into Scenario 1 or 2 but a blend of the two.

What Does the Future Hold?

Most customers fall into predominantly Scenario 1 for historical reasons. As sales forces become more mobile and their applications shift from in-house-hosted to software-as-a-service, they will lean towards Scenario 2.

Figure 1: The Journey to Modern IT

 

However, there will still be a proportion of the workforce that does not require or cannot work in this Mobile First, Cloud First way as they are tied to incompatible applications or the cost of transforming the applications is too high. However, over time the number of users in this group is expected to fall.

As organisations transform their business processes and IT support to a more mobile device friendly approach, the balance of power will shift from the traditionally imaged to the modern provisioned. The speed of this transition will be determined by the ability for organisations to invest in this transformation. This may be by shifting to SaaS versions of their current applications or adopting application publishing solutions to enable access to internal applications from devices that sit outside of the corporate firewall.

The balance is firmly weighted in favour of the traditional imaging approach, but based on the number of organisations actively investigating modern provisioning, this will not last for long.

How Dell Can Help Our Customers

Dell EMC is well placed to address both the current and future markets. We have a very strong presence in the device imaging (Scenario 1) business and are trusted by our customers to deliver this service through our ProDeploy for Client Suite. We are seeing strong interest in the ProDeploy Plus business as customers look to optimise the traditional element of their estate. There is a gradual shift of customers from static to dynamic to Connected Configuration.

To address Scenario 2, we can leverage our strong relationship with Microsoft and use our Services capability to deliver solutions based around both the SCCM and Enterprise Mobility + Security (EM+S) suite which addresses the modern provisioning approach. The integration between SCCM and Intune is improving with time but they are fundamentally different offers that work together.

As interest in the Windows AutoPilot tooling grows, we are seeing significant interest in our ability as an OEM to pre-register our devices with Microsoft to enable that approach for modern provisioning. With the release of Fall Creators Update there will be the opportunity to create a hybrid approach whereby the Windows 10 device is delivered to a user without being imaged and can be joined by the end user to the domain via AutoPilot.

When VMWare joined Dell Technologies, it brought the Workspace One Solution which includes tooling to address the modern provisioning (Scenario 2) approach. The AirWatch component is a strong brand in the MDM market and many customers investigating Microsoft’s EM+S evaluate both AirWatch and Intune. Equally, the application publishing capabilities, which rely on VMWare’s Horizon product, are an alternative to the Azure RemoteApp capability that Microsoft has already discontinued in favor of Citrix XenApp Essentials.

Microsoft’s Azure Active Directory Premium (AADP) builds upon the capabilities of the Azure AD license, which many customers will have as part of their Office 365 migration, enabling the AADP identity to be used to access many third-party SaaS apps without requiring the IT team to build and manage a web of bilateral authentication arrangements.

We can assist you to design, build and implement your Modern Management Capability to meet the evolving needs of your increasingly mobile user community. In doing so, we will address the security, functionality and affordability challenges specific to your business, enabling you to give users the flexibility they demand without relinquishing control of the environment.

Let me know in the comments below if you see this trend emerging in your industry and geography. I look forward to hearing you and the way your organisation is addressing the consumerisation of IT.

 

The post How to Modernize Your PC Management Approach appeared first on InFocus Blog | Dell EMC Services.

]]>
https://infocus.dellemc.com/colin_sainsbury/managing-pcs-modern-way/feed/ 5