How Windows 10 will be kept always up-to-date for businesses

Introduction and level of control

Windows 10 isn’t just a new version of the operating system, Microsoft’s Stella Chernyak told TechRadar. “With Windows 10 we have a new generation that’s Windows as a Service.” Part of being a service is getting updated often, but businesses have asked Microsoft to make that easier and cheaper.

“Windows Update for Business is an update delivery mechanism that we expect will help customers adopt the Windows as a Service model,” she explained – that’s because it doesn’t just keep devices up-to-date with the latest features and the latest security updates. “We expect it will also reduce the cost of device management. For the classic enteprise with classic IT tools, the cost of managing devices is pretty high. Windows Update for Business will reduce costs for IT admins and for the organisation.”

“If you look at the Windows installed base today,” she admits, “it’s pretty fragmented. Over many years what selective patching has created in the marketplace is an insane amount of permutations of Windows versions and updates and service packs that creates a matrix for our business customers to support. That makes it very difficult for them to keep their environment reliable and up-to-date and secure.

“Today’s landscape is changing in terms of security threats and customers need to be agile and fast in adopting the latest security fixes. As soon as they’re out, they should be able to deploy them but it’s hard for them because of the fragmented nature of their environment. And of course it’s not just security fixes – they want to take advantage of the latest technologies, their users want that. For that we want to help them take fragmentation out of their environment and get them to the latest known state and the most innovative thing.”

Importance of control

For consumers, she says, Windows Update does “a pretty good job of keeping them up-to-date” – that’s a different approach from WSUS, the Windows Server Update Services businesses use today. “WSUS is a very functional, heavy-duty mechanism for businesses to get updates and select patches and then roll out. It’s good but it’s not necessarily enough to help them get into the new Windows as a Service world or just respond to their business requirements. Windows Update Services continues to be available and customers can continue to use it but they will also have this new option.”

Using Windows Update at work is something businesses have asked for, Chernyak says, but on their own terms. “When we went to businesses and said we wanted them to be on Windows Update because it would help them be more agile, they said to go on Windows Update they need certain features that give them some level of control of what updates are offered to the organisation, but not necessarily as heavy-duty as WSUS.

“So we’re bringing capabilities to Windows Update that essentially give businesses that comfort level, that level of control, while automating the process for them and making it predictable, giving them structure for the updates that come from Windows Update for Business.”

The control businesses get works much like the Windows Insider preview program, where some groups of users get new releases as soon as they’re available and others wait until they’ve been tested and proven stable.

“You can decide how quickly you want certain groups of users to get the updates,” she explains. “You can say there are some internal groups that will get them first and then the general users that will get them next and then the finance department, for example, you want to get them last. It’s up to each organisation how many distribution rings they want – whether they want three or five or ten, to stagger updates in a way that works for their business. For every specific set of functionality they can also stagger it inside their environment to make it truly incremental.”

Smoother running

Chernyak promises that updates will be “much more smooth” but there will still be times when you don’t want the disruption of having PCs restart. “Even for people who get updates almost immediately, you may still want to have maintenance windows – let alone your general users or the finance team. You can put in extra scrutiny – make sure it’s overnight or that there are no updates in the last two weeks of the quarter or maybe no updates every last week of the month. You can just set the schedules.”

Businesses can do that with Windows Update for Business, and “integration with System Center means they can still use it to manage and schedule things … for an extra level of robustness.”

P2P benefits

Windows Update for Business also supports peer-to-peer delivery (something that’s been in Windows Server for a while as Branch Cache, and is already in WSUS), and that helps with both security and bandwidth costs. “Not every machine has to be connected to the internet to get updates; you can use peer-to-peer connections to save bandwidth.”

Windows Update for Business isn’t just for Windows either, Chernyak told TechRadar. “We’re working with Office to have a similar approach. We’re looking to make sure this is a general ‘as a service’ delivery of Microsoft products going forward.”

Getting updates out faster will help Microsoft improve the quality of updates too, she suggests. “It’s win-win – everyone is more secure and up-to-date and we have higher quality. Us delivering updates and IT having control is part of the equation, but it’s also important that we’re getting telemetry back from user systems and that will allow us to ensure higher quality updates. When we ship an update we can see how it’s going and we can immediately take action if it needs our attention.”

But it’s not just about noticing problems with updates – the idea is that lots of smaller updates can be more reliable than a few big changes. “It’s the incremental nature of updates. We used to have these big updates that were rare and hard to consume. We’re changing our approach. We’re getting incremental with small updates so that it’s almost constant, so that it becomes almost a non-event. There is a much higher probability of delivering high quality when you ship in increments and you have telemetry to know if you ship and there is something that is breaking.”

Change in philosophy

This is all part of the change to how Microsoft delivers functionality in products, which is now through updates as much as through new versions (it’s entirely possible that Windows 10 will be the current version of Windows for a very long time).

“I don’t think the volume of updates changes,” explains Chernyak, “I think the frequency changes because it’s the same volume spread in smaller chunks, so it makes it easier for you because you can take every small chunk and react much quicker because it’s easier to fix. It is a different paradigm.

“We’re coming from the idea of a big splash and then silence, then a big splash and then silence again, it’s more like a crank of the pedal on a bicycle and it moves. The more continuous it is, the easier it is for everybody. But with Windows we do understand some people may want to go faster or slower on the bicycle and that is the control we give people with Windows Update for Business – we’re giving them essentially speed control on the bicycle, like different gears.”