If most of your employees work from home, upgrading them to the latest Windows Feature Update will be challenging. The IT staff won’t be physically around those computers to fix the problems. In this unique situation, you need a strategy to help you deploy Windows Updates smoothly.
Microsoft has offered a strategy that companies can follow to roll out the Windows 10 v2004 May 2004 and later updates. In fact, it can be followed for any feature update if the time demands. Let’s take a look at Microsoft’s suggested Plan for Windows Feature Update Deployment Remotely.
Plan Windows Feature Update Deployment Remotely
Laid out in three phases—Plan, Prepare, and Deploy—Business IT department can follow to deploy Windows Update securely through the internet. It is rather obvious that one will have to use Configuration Manager or Windows Update for Business to complete this. The calendar below shows a potential timeline for rolling out Windows 10, version 2004, across the organization. Note that it is aligned with Microsoft 365 Apps and Configuration Manager release cycles.
Phase 1: Plan
There are four parts of planning—Modernizing, Compatibility, Deployment, and Capability.
Modernizing should ensure that Windows can be deployed securely. VPN configuration changes, Desktop Analytics, and Co-management will be needed along with Windows Update for Business. This is followed by compatibility planning, where IT will have to make a list of applications used by remote workers and figure out which are critical to be tested with feature updates and which will work just fine.
Next comes Deployment Planning, where the team has to be ready with all minimum requirements for deployment. That includes the latest version of Configuration Manager, InTune, and Windows Update for Business. You will also need to update Administrative templates, security baselines, etc.
The last part of this phase is Capability Planning, where everyone should know about the set of new features released with the latest update. It should be able to find how to change it using Group Policy, Registry, and even PowerShell Commands.
Phase 2: Prepare
It is divided into three preparation parts—Compatibility, Deployment, and Capability. All these are extensions to what was planned in the first Phase.
Starting with Compatibility preparation, it is advised to test all listed applications, especially those which are critical to work. The primary idea is to figure out how to test, and how to expand testing to a pilot group. That’s where the Desktop Analytics will give you insights and prepare for fixes, and perform even more testing. There can be multiple approaches to testing, including the use of Desktop Analytics to create a pilot group of devices to validate apps and drivers.
Deployment Preparation is next to where the focus is need of infrastructure upgrade (if necessary), and configuration to support new Windows 10 Feature update and remote workers. It is highly recommended that the pilot test be conducted to clearly understand how the process will take shape when deployment finally starts. The steps to be followed are updating Configuration Manager, applying a new configuration to pilot devices, delaying the creation of the Windows base image, and then preparing for Windows Update for Business.
The last section in this phase is about Infrastructure preparation. Here, you can map new features to worker roles and communicate with pilot users to showcase known new features.
Phase 3: Deploy
There are only two phases here—Pilot and Broad Deployment. What is interesting is the approach to deployment. It does not use a Red button to push updates down to all devices—instead, it uses a pull approach to prevent the update from automatically going to the next ring.
The Pilot phase is recommended to start on the prepared configuration and infrastructure from the Preparation Phase. Using Windows Update for Business, updates are sent out in the smallest package size, and lowest latency. That is why the VPN configuration was necessary, and a more cloud-based approach was suggested instead of locking those computers to the corporate network.
The Pilot Phase is critical, and it is recommended that the pilot devices be monitored closely by collecting feedback and data from the analytics tool. If things go south, Windows Rollback can be used immediately.
The last part is where you go ahead for Broad Deployment, depending on how successful the pilot deployment. You can use deployment rings, and Windows Update for Business will continue to push updates. To accelerate deployment, Microsoft recommends expanding configuration and policies, enforcing compliance deadlines for the update, creating broad deployment plans, keeping a tab on support requests, creating baseline images, autopilot to deploy new devices to remote works, and documenting the experience.
Rolling out a Windows Feature update is a different ballgame for Businesses. Many factors need to be taken care of and carefully planned to ensure there is no massive breakdown. It is essential that IT admins document everything so it helps the next time they have to do it again.
Make sure to go through the official website for more details on this process.
