MSP guide for Windows 11: When should you switch your clients?

Acronis
Acronis Cyber Protect Cloud
for service providers

Microsoft began rolling out Windows 11 on October 5, 2021, and the rollout is expected to continue through mid-2022. The upgrade is free for Windows 10 users, but the adoption rate is relatively low. The highest estimate comes from the AdDuplex Report for November 2021, which estimates that Windows 11 runs 8.9% of the world’s PCs.

This blog post guides MSPs about when to upgrade clients to Windows 11 and how to overcome the challenges of managing this major migration at scale.

Upgrading Windows 11 clients: When is the right time?

The word on the street is that the main difference between Windows 10 and the first version of Windows 11 is in the end-user experience. Some key features of the new look and feel include:

●     The Start Menu is centered on the screen and has less cluttered design.

●     Define multiple virtual desktops (personal, work, kids, etc.) and toggle easily among them.

●     The ability to download and run Android apps natively.

●     Customize Snap Layouts for running applications, which is great for large monitors or multiple screens.

●     An upgraded Microsoft Teams is pinned to the Taskbar and delivers an enhanced chat experience.

●     Access to personalized widgets directly from the Taskbar.

But it’s not all about UX. Windows 11 was designed to leverage the next generation of powerful processors and boost performance and security. For example, Windows 11 manages memory to optimize the performance of apps running in the foreground. RAM remains energized during sleep mode, so the PC wakes up significantly faster. In addition, Windows 11 streamlines the disk usage and I/O footprints of non-critical apps by seamlessly loading system binaries on demand.

In terms of security, Windows 11 offers Virtualization-Based Security (VBS), which creates a secure memory region that is isolated from the operating system (OS) and protects against exploits that target OS vulnerabilities. Yet another Windows 11 security feature is Microsoft Defender Application Guard, which creates an isolated memory instance of the browser, protecting systems and data from untrusted websites.

However, there are also compelling reasons for not rushing your clients into a Windows 11 upgrade. First and foremost, experience has shown that waiting for later versions of a new Windows OS is less buggy, more secure and more feature-rich. Yet another consideration is that your clients’ endpoints may not be compatible with Windows 11. This issue is discussed in detail in Windows 11 hardware and system requirements below. Lastly, Microsoft has made it clear that Windows 10 will continue to be supported for four more years — until October 25, 2025. In fact, in an unprecedented move, Microsoft released a new version of Windows 10 (21H2) after it released Windows 11.

Remember, although you may not push clients to upgrade to Windows 11, some will expect or demand it. To maintain a reputation as a leader and innovator who stays one step ahead of clients, you should be ready to support a well-orchestrated Windows 11 rollout.

Windows 11: MSP upgrading challenges

This section highlights the key challenges that MSPs face when it comes to migrating their client base to Windows 11.

Windows 11 hardware and system requirements

The minimum system requirements for Windows 11 installation are quite high. Therefore, when migrating customers to Windows 11, the first MSP challenge is assessing the compatibility of their current devices and estimating the cost of upgrades, if required.

Microsoft maintains a comprehensive Windows 11 specs, features and computer requirements portal. As of this article’s publication, the minimum system requirements are summarized below in Table 1. In addition, feature-specific requirements should be checked carefully against your clients’ device inventory.

Table 1: Minimum system requirements for installing Windows 11 on a PC

Acronis
Windows 11 minimum requirements

There are several ways to pre-check locally if a computer is Windows-11 compatible:

●     Use Microsoft’s free PC Health Check app.

●     Locally run a Hardware Readiness script provided by Microsoft from an elevated PowerShell prompt.

●     Use open-source apps such as WhyNotWin11 or CheckIt.

As an MSP, however, assessing your customers’ fleets of computers one by one can be time-consuming and prone to error. Instead, use your RMM stack — or a Microsoft automation tool or services like SCCM, Endpoint Manager, or Intune — to run the Hardware Readiness PowerShell script at scale. You can then use the data to prepare a cost / benefit analysis so your clients can decide on their optimal Windows 11 migration roadmap.

With your guidance, they could postpone a migration altogether or start with already compatible devices and continue the migration as new devices are provisioned. You can also enhance the value as an MSP by assuring clients you can manage their full range of active OSs, from Windows XP to Windows 11 and everything in between.

Secure Boot and TPM enablement

Secure Boot and Trusted Platform Module (TPM) 2.0 must be enabled on all machines attempting to install Windows 11:

●     ·Secure Boot is a software feature that controls which OSs can be active on the PC. It protects against invasive malware, such as ransomware, that can take over the machine.

●     TPM is either a standalone microchip or part of firmware that secures hardware and firmware at computer startup. TPM has been mandatory on Windows’ machines since 2016. Windows 11 requires the latest version, TPM 2.0. The requirement to enable TPM 2.0 only applies to the manufacturing of new devices.

You most likely ensure that the most up-to-date Secure Boot and TPM versions are installed and enabled on your client’s machines. However, to run a smooth migration to Windows 11 at scale, you should use your endpoint management stack to verify that all the target machines comply with this requirement.

How to avoid data loss during a Windows 11 upgrade

Your customers count on you to protect their data assets from loss or corruption. To that end, you have likely implemented a robust cybersecurity platform that proactively prevents insider or external attempts to delete or steal data. But what about data that is accidentally deleted or misplaced due to human error — or, in this case, an upgrade gone wrong?

In theory, the upgrade to Windows 11 will have no impact on data. Whether carried out through the Windows Update interface or by downloading the Windows 11 ISO file (for Microsoft Insiders only), at the end of the installation, the data and files should be intact and available where they were before to the update.

However, it is known that upgrades can fail now and then due to unexpected hardware failures, undetected software incompatibility issues, insufficient storage space, and so on. A failed upgrade could result in data loss. Thus, Windows 11 upgrades must be carried out within the context of a disaster recovery plan. This includes ensuring that, before the upgrade, all data and system files have been backed up, are clean from malware and that the backup has been tested.

To do this migration painlessly, consider using Acronis Cyber Protect Cloud.

 Acronis Cyber Protect Cloud

The Acronis Cyber Protect Cloud is an all-in-one solution that combines data protection, cybersecurity, and endpoint management within a centralized command and control console. Built with MSPs in mind, Acronis Cyber Protect Cloud integrates seamlessly with the leading RMM and PSA systems. With Acronis Cyber Protect Cloud, you provision just one agent to deliver a wide array of services, including backup and recovery, next-gen anti-malware, email security, workload management, file sync and share, and notarization.

Out of the box, Acronis Cyber Protect Cloud supports worry-free Windows 11 migration at scale by delivering the industry’s best cloud backup and recovery solution. Its full-image and file-level backup and recovery capabilities continuously protect your customers’ workloads across all endpoints and on over 20 platforms, with near-zero RPOs and RTOs.

You can also add advanced protection packs to further enhance your Windows 11 migration activities:

●     Advanced Disaster Recovery (DR) maintains replicas of your clients’ systems in the Acronis Cloud and can restore business operations and data availability anywhere, immediately. Orchestration, runbooks, and automatic failover are just some of the ways that Advanced DR ensures painless and efficient disaster recovery.

●     Advanced Management provides end-to-end visibility into your clients’ assets and workloads. You can use it to build out client-tailored Windows 11 migration roadmaps. It also allows you to plan and monitor upgrade tasks, as well as verify system health after the migration is complete.

To see how Acronis Cyber Protect Cloud can help you deliver superior client outcomes, including smooth migrations to Windows 11, watch a demo or simply get started.

About Acronis

A Swiss company founded in Singapore in 2003, Acronis has 15 offices worldwide and employees in 50+ countries. Acronis Cyber Protect Cloud is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.