Microsoft began rolling out Windows 11 on October 5, 2021, and the rollout is expected to continue through mid-2022. For Windows 10 users, the upgrade is free, but the rate of adoption has been relatively low. The highest estimate comes from the AdDuplex Report for November 2021, which estimates that Windows 11 is running 8.9% of the world’s PCs.
This blog post provides guidance to MSPs about when to upgrade clients to Windows 11 and how to overcome the challenges of managing this major migration at scale.
Upgrading Windows 11 clients: When is the right time?
The word on the street is that the main differences between Windows 10 and this first version of Windows 11 are in the end-user experience. Some key features of the new look and feel are:
● The Start Menu is centered on the screen, with a less cluttered design.
● You can define multiple virtual desktops (personal, work, kids, etc.) and toggle easily among them.
● You can download and run Android apps natively.
● You can customize Snap Layouts for running applications, which is great for large monitors or multiple screens.
● An upgraded Microsoft Teams is pinned to the Taskbar and delivers an enhanced chat experience.
● You can access personalized widgets directly from the Taskbar.
But it’s not all about UX. Windows 11, which was designed to leverage the next generation of powerful processors, also boosts performance and security. For example, Windows 11 manages memory in a way that optimizes the performance of apps running in the foreground. RAM remains energized during sleep mode so that the PC wakes up significantly faster. In addition, Windows 11 streamlines the disk usage and I/O footprints of non-critical apps by seamlessly loading system binaries on demand.
In terms of security, Windows 11 offers Virtualization-Based Security (VBS), which creates a secure memory region that is isolated from the operating system (OS) and protects against exploits that target OS vulnerabilities. Yet another Windows 11 security feature is Microsoft Defender Application Guard, which creates an isolated memory instance of the browser, protecting systems and data from untrusted websites.
However, there are also compelling reasons for not rushing your clients into a Windows 11 upgrade. First and foremost, experience has shown, time and again, that it is beneficial to wait for later versions of a new Windows OS — versions that are less buggy, more secure, and more feature rich. Yet another consideration is that your customers’ endpoints may not be compatible with Windows 11. This issue is discussed in some detail in Windows 11 hardware and system requirements below. Lastly, Microsoft has made it clear that Windows 10 will continue to be supported for four more years — until October 25, 2025. In fact, in an unprecedented move, Microsoft released a new version of Windows 10 (21H2) after its release of Windows 11.
Bear in mind, however, that although you may not be pushing your clients to upgrade to Windows 11, there will be some who expect or demand it. To maintain your reputation as a leader and innovator who stays one step ahead of the customer, you should be ready to support a well-orchestrated Windows 11 rollout.
Windows 11: MSP upgrading challenges
This section highlights the key challenges that MSPs face when it comes to migrating their customer base to Windows 11.
Windows 11 hardware and system requirements
The minimum system requirements for Windows 11 installation are quite high. Therefore, when migrating customers to Windows 11, the first MSP challenge is assessing the compatibility of their current devices and estimating the cost of upgrades, if required.
Microsoft maintains a comprehensive portal of Windows 11 specs, features, and computer requirements. The minimum system requirements, as of this article’s publication, are summarized in Table 1, below. In addition, there are feature-specific requirements that should be checked carefully against your customers’ inventory of devices.
Table 1: Minimum system requirements for installing Windows 11 on a PC
There are several ways to pre-check locally if a computer is Windows-11 compatible:
● Use Microsoft’s free PC Health Check app.
● Locally run a Hardware Readiness script provided by Microsoft from an elevated PowerShell prompt.
● Use open-source apps such as WhyNotWin11 or CheckIt.
As an MSP, however, assessing your customers’ fleets of computers one by one can be time consuming and prone to error. Instead, use your RMM stack — or a Microsoft automation tool or service such as SCCM, Endpoint Manager, or Intune — to run the Hardware Readiness PowerShell script at scale. You can then use the data to prepare a cost / benefit analysis so that your customers can make an informed decision about their optimal Windows 11 migration roadmap.
With your guidance, they could decide to postpone a migration altogether or start with devices that are already compatible and continue the migration as new devices are provisioned. You can also enhance your value as an MSP by assuring customers that you are fully capable of managing their full range of active OSs, from Windows XP to Windows 11, and everything in between.
Secure Boot and TPM enablement
Secure Boot and Trusted Platform Module (TPM) 2.0 must be enabled on all machines attempting to install Windows 11:
● Secure Boot is a software feature that controls which OSs can be active on the PC. It protects against invasive malware that can take over the machine, such as ransomware.
● TPM is either a standalone microchip or part of firmware that secures hardware and firmware at computer startup. TPM has been mandatory on Windows’ machines since 2016. Windows 11 requires the latest version, TPM 2.0. The requirement to enable TPM 2.0 only applies to the manufacturing of new devices.
Most likely, you routinely ensure that the most up-to-date versions of Secure Boot and TPM are installed and enabled on your clients’ machines. However, to run a smooth migration to Windows 11 at scale, you should use your endpoint management stack to pre-verify that all the target machines are compliant with this requirement.
How to avoid data loss during a Windows 11 upgrade
Your customers count on you to protect their data assets from loss or corruption. To that end, you have likely implemented a robust cybersecurity platform that proactively prevents insider or external attempts to delete or steal data. But what about data that is accidentally deleted or misplaced due to human error — or, in this case, an upgrade gone wrong?
In theory, the upgrade to Windows 11 will have no impact on data. Whether carried out through the Windows Update interface or by downloading the Windows 11 ISO file (for Microsoft Insiders only), at the end of the installation, the data and files should be intact and available where they were prior to the update.
However, it is known that upgrades can fail now and then, due to unexpected hardware failures, undetected software incompatibility issues, insufficient storage space, and so on. A failed upgrade could result in data loss. Thus, it is essential that Windows 11 upgrades are carried out within the context of a disaster recovery plan. This includes ensuring that, prior to the upgrade, all data and system files have been backed up, are clean from malware and that the backup has been tested.
To do this migration painlessly, consider using Acronis Cyber Protect Cloud.
Acronis Cyber Protect Cloud
The Acronis Cyber Protect Cloud is an all-in-one solution that combines data protection, cybersecurity, and endpoint management within a centralized command and control console. Built with MSPs in mind, Acronis Cyber Protect Cloud integrates seamlessly with the leading RMM and PSA systems. With Acronis Cyber Protect Cloud, you provision just one agent to deliver a wide array of services, including backup and recovery, next-gen anti-malware, email security, workload management, file sync and share, and notarization.
Out of the box, Acronis Cyber Protect Cloud supports worry-free Windows 11 migration at scale by delivering the industry’s best cloud backup and recovery solution. Its full-image and file-level backup and recovery capabilities continuously protect your customers’ workloads across all endpoints and on more than 20 platforms, with near-zero RPOs and RTOs.
You can also add advanced protection packs to further enhance your Windows 11 migration activities:
● Advanced Disaster Recovery (DR) maintains replicas of your clients’ systems in the Acronis Cloud and can restore business operations and data availability anywhere, immediately. Orchestration, runbooks, and automatic failover are just some of the ways that Advanced DR ensures painless and efficient disaster recovery.
● Advanced Management provides end-to-end visibility into your clients’ assets and workloads. You can use it to build out client-tailored Windows 11 migration roadmaps. It also allows you to plan and monitor upgrade tasks, as well as verify system health after the migration is complete.
Acronis is a Swiss company, founded in Singapore. Celebrating two decades of innovation, Acronis has more than 2,000 employees in 45 locations. Acronis Cyber Protect solution is available in 26 languages in over 150 countries and is used by 18,000 service providers to protect over 750,000 businesses.