Jake Null, a Problem Manager for NetCentrics Corporation, recently participated in a webinar sponsored by Adaptiva focused on the challenges and opportunities associated with migrating to Win10. Here’s a recap of Jake’s Q&A in case you missed it:
1.) Why does a comprehensive survey matter and how would you use it correctly?
Although a survey is one of the simplest things to do when preparing for a migration to Win10, it’s also one of the things that usually gets ignored. Organizations can use a survey to check for software and hardware compatibility and licensing issues, and can also leverage the survey to narrow down customer-specific issues based on configuration and customization. Depending on your customer base, organizations may have a lot of different configurations and customizations. With a survey, organizations can better understand those details, then use GPO settings and security groups to adjust as necessary.In-person surveys can be used the majority of the time – any missing or hard to obtain information can be collected through SCCM, Tanium, or other similar tools. Running a pilot is also a good way to get a handle on what to expect after a full upgrade. Handpick users for the pilot with customer-specific customizations and configurations applied to their user/computer objects. It’s always better to have a problem with one user, or a small group, than to have a problem surface across an entire component, or worse – your entire enterprise.
2.) How do you make sure an endpoint is secured properly after the task sequence completes?
It may seem obvious, but like a survey, basic virus scanning is often overlooked as an effective security precaution. At the application layer, AppLocker can be used to prevent users from installing unsafe software, and tools like Host Based Security System (HBSS) and Host Intrusion Prevention System (HIPS) can be used to prevent unwanted intruders from accessing your network and workstation. These tools can also be used to prevent users from both uploading and downloading data to and from the network (e.g., thumb drives, CDs, external drives, etc.). All of these tools help an organization to protect its data and you can grant permissions and exceptions as necessary.
3.) What are some best practices for managing task sequences?
Organizations should always update their task sequences with new patches to vulnerabilities and drivers to support hardware. A good way to track issues is to track the version of the image they are related to. To verify which version was installed, you can use something as simple as a text file or registry key to track the version loaded on each machine. From there, you can deploy changes to meet the current rollup version you are imaging with; if there is an issue with a particular version, you can find it quickly to correct whatever issue may have affected those customers and adjust the new task sequence accordingly. You can also customize task sequences depending on the customer base through GPOs, security groups, and specific task sequences for different configurations such as laptops vs. desktops. This will allow you to uniquely adjust to meet your customer’s needs.
4.) Why is change management important and what are best practices to ensure it goes smoothly?
Good change management is about knowing what changed, when it changed, and why it changed. The vast majority of the time, when something breaks, it’s because something changed. Keeping track of who made the change, when, and why can help you resolve the issue quickly. It’s critical to have a review board or a change advisory group to review and document all changes on the network within your organization. Although it’s more work initially, proper change management can result in significantly reduced times for problem resolution, outages, and other issues. A problem that may take two or three weeks to solve normally, may be solved in only two or three hours with effective change management.
Is your organization ready to make the move to Win10? NetCentrics Corporation has more than 21 years of experience in cybersecurity and enterprise IT and is a leading provider of enterprise systems management, solutions engineering, service delivery, IT operations, information assurance, and computer network defense. To find out what NetCentrics can do for your organization, find us at netcentrics.wpengine.com or follow us on Twitter @NetCentricsCorp.