How to create and implement a cloud strategy

How to Create and Implement a Cloud Strategy

Cloud-based solutions are helping organisations achieve greater agility, efficiency, and innovation, and even increasing end-user satisfaction. That said, moving to the cloud is not always just as simple as clicking a few boxes and pressing go. It can be a drawn-out or complex process. Any cloud migration strategy requires careful planning and execution to ensure a successful outcome and avoid the typical major pitfalls. 

In this article, we will explain what your cloud strategy should include, why you need one, and how to create and implement one for your organisation.  

We will also share some tips and best practices from our experience as a Microsoft Solutions Partner specialising in Microsoft Azure, Microsoft 365 and cloud migration specialist. 

 

What is a cloud strategy? 

A cloud strategy is a concise viewpoint on the role of cloud computing in your organisation. It defines what you want to achieve with the cloud, how you will get there, and how you will measure your progress and results. 

A cloud strategy is different from a cloud implementation plan, which offers the “how” rather than the “what” and “why”. A cloud implementation plan details the specific steps, actions, and resources needed to execute your cloud strategy. 

You need a cloud strategy because it helps you: 

  • Align your cloud solutions with your business goals and user needs. 
  • Communicate your vision and direction to your stakeholders and partners. 
  • Identify and mitigate the potential challenges and risks of cloud adoption. 
  • Optimise your costs and benefits of using the cloud. 
  • Monitor and evaluate your performance and outcomes. 

Cloud Strategy

What if you don’t prepare for the cloud properly? 

Without a clear and coherent cloud strategy, you may end up with: 

  • A complex and expensive technology estate that does not meet your expectations or requirements. 
  • A lack of coordination and collaboration among your teams and departments 
  • A loss of control and visibility over your data and processes 
  • A reduced ability to respond to changing market conditions and customer demands. 

So, where do you start? 

If you have to ask that question, then you probably need a helping hand.  

Feel free to call one of our Cloud Specialist Architects to get the plan rolling. Call 01235 433900 or email [email protected] and ask about a Free Cloud Readiness Assessment.  

Windows Server 2012 R2 End Of Support – Act Now Or Face The Consequences!

Windows Server 2012 R2 End of Support

If you are an IT professional running Windows Server 2012 or Windows Server 2012 R2 server, you need to be aware that support for these products will end on October 10, 2023. This means that regular security updates, non-security updates, bug fixes, technical support, and online technical content updates will no longer be provided by Microsoft.

This poses a serious risk to your business. You will be exposed to potential security breaches, compliance issues, and performance problems. Alongside several key vendors dropping support for their products as soon as this platform leaves standard support with Microsoft.

You will also miss out on the latest features and innovations that newer versions of Windows Server offer. This includes improved security, scalability, reliability, and efficiency.

Therefore, you need to act now and plan your migration strategy before it is too late. You have two real options and one really bad idea to choose from.

Embrace The Cloud and get all the benefits

Migrate to Microsoft Azure and receive free Extended Security Updates (ESUs) for three years after the end of support. You can move your applications and databases to Azure Virtual Machines and benefit from the cloud’s flexibility, scalability, and cost-effectiveness.

You can also use Azure Arc to manage your hybrid environment and receive automated/scheduled ESU updates and installation. This can simply be a lift and shift for now. Use the three years to get prepared for a newer operating system.

Upgrade your Windows Server

Upgrade to Windows Server 2022 or purchase ESUs for Windows Server 2012. If you prefer to stay on-premises, you can upgrade to the latest version of Windows Server. This will offer enhanced security, performance, and innovation. Alternatively, you can purchase ESUs for Windows Server 2012, which will provide security updates only for up to three years after the end of support. This can only be done if you are on an Enterprise Agreement with Microsoft. For most businesses, this won’t be an option.

Or….

…and you’d be really stupid to do this!

Do nothing and wait to join over 50% of UK-based businesses that suffer a major cyber incident each year. With an unsupported product, it will only be a matter of weeks before a major attack is launched by a threat actor against an operating system using unpatched vulnerabilities.

Whichever option you choose, you need to start preparing now and avoid the risks of running unsupported software.

Don’t know which way to turn…. Then reach out to the Technical Architecture team and we will help you understand your options and support you in the drive to move away from 2012 R2.

We are an IT company based in the UK that advises thousands of businesses, IT managers and leaders on all things Tech. We can help you with your migration plan and ensure a smooth transition to the latest Windows Server solutions. Contact us today and let us help you secure your future.

Windows Server 2012 R2 End of Support

WEBINAR RECAP: Ransomware in the real world. Is your IT Department ready to be attacked?

Ransomware in the real world

Last week, we hosted a Webinar to ask businesses if their IT department is really ready for a ransomware attack.

Over 50% of businesses will be victim of Ransomware in 2022, and the average bill to rectify an attack, considering downtime, people time, device cost, network cost, lost opportunity, ransom paid, and more… will be over £1.3m!

Did you miss it? Or would you like to watch it again? Well, the good news is that we recorded it and you can check it out here:

 

Your Questions, Answered.

A sign of a good webinar is the quality of the questions asked at the end. We had too many questions to be able to answer them all in the time allowed so James and Kosta have answered anything we didn’t have time for during the session.

Remember, if you you would like to find out more about Sophos MTR, have any questions around cybersecurity or need advice for your IT team, please reach out to James directly, [email protected], or call one of the team 01235 433900

 

What about false positives within Powershell and ps1 files, repositories like PSGet, NuGet etc – these constantly get flagged in our org with Defender Endpoint!

We would suggest if these are trusted internal tools they should be excluded from Scanning based on their HASH values or path. If these are dynamic libraries then in Sophos central we would create a policy for staff allowed to use these system tools and restrict all other user access to these tools.

 

How much Sophos will be responsible in case of a Ransomware attack?

If your business only has the Sophos Endpoint products, firewalls or email products in the case of an attack Sophos will provide remote support but hold no responsibility as the configuration and management of the platform is the responsibility of the business. However if the MTR service is in use then the business does have a level of protection from Sophos and the remediation services are covered under your contract.

 

How do we get the board to take cybersecurity seriously? We’ve covered the basics in terms of controls, but anytime I try to increase budget to add additional controls – it gets pushed back.

The best option to get senior management / board to take ownership of cyber security and cyber insurance is to use the scare factor of examples like our cyber victim where all senior management, directors and the board where removed from their posts under gross negligence as part of the work that took place to recover the business. Many of these have struggled to get new roles following the merger of the business because of the legacy association with such a large scale failure.

Michael Davey

What are the biggest cybersecurity threats right now?

The biggest threat remains ransomware and this continues to appear in different forms and flavours but ultimately the goal remains the same and that is to disrupt system usage.

 

Am I spending enough, appropriately on information security-related tools and controls? (Is there a network security or information security tool I should buy?)

There is no golden figure for how much to spend on protection but what you need to do is take a risk based assessment on what protection you have in place and make sure you are covering the full stack and have a solution in place for every risk in the system.

 

Not convinced that cyber insurance provides any real cover

Cyber Insurance is only going to work for you and your business if you have the right tools in place to protect the business in the first place as with car insurance they wont pay out if you are negligent , it is up to you and your business to make sure you have the correct protection in place.

 

Who would you recommend in terms of cyber security insurance providers?

We don’t directly recommend providers.

Cybersecurity health check

If you have someone in your team who is a disgruntled Employee and may be leaving the company and they leave a logic bomb on your network without you knowing it would Cyber Security Insurance cover this or would it then be void as its happened within your own team? What would be the legal response to this?

This is a very loaded question. In most cases, Cybersecurity Insurance will protect against this provided you have all other requirements in place. If however this disgruntled employee was part of your security team, that may raise questions around your employee vetting process and you may need to lean on your employee terms and conditions, specifically your computer misuse act should you need to follow up with legal proceedings.

 

Is the standard Sophos Endpoint not enough either?

We would recommend Sophos Intercept X as a minimum for protection in 2022.

 

Are there any courses that you would recommend for Cyber Security specialisation?

We would recommend you look at CISSP and then anything linked to business solutions you have in place.

 

Are the MTR team UK based?

Sophos MTR is a global follow the sun team. There is a UK team as part of this but to enable truly 24/7 support this is covered by a global team.

 

How do we get the board to take cybersecurity seriously? We’ve covered the basics in terms of controls, but anytime I try to increase budget to add additional controls – it gets pushed back.

The best option to get senior management / board to take ownership of cyber security and cyber insurance is to use the scare factor of examples like our cyber victim where all senior management, directors and the board where removed from their posts under gross negligence as part of the work that took place to recover the business. Many of these have struggled to get new roles following the merger of the business because of the legacy association with such a large scale failure

 

For us, the major deficiency we see today is not with attacks via known end points or servers but the chances of unknown devices being attached to our networks. This is an area which I feel very few companies or vendors are addressing well and cost effectively so I’d love to know if this is an area you guys both Planet and Sophos are investigating/investing in?

There are a number of NAC product’s that have surfaced over the years to try and fill this gap. What we are seeing the the solution for most business now is to terminate all VLAN’s on the firewall and use the synchronised security aspects of the Sophos XGS firewall to remove unwanted network traffic in controlled sectors, with only trusted devices being able to route traffic.

 

Is webinar recorded?

Yes, you can watch it here: https://youtu.be/qLPPw4kndy4

 

 

Please don’t tell me it’s Window’s Defender!

windows defender

Cyber-attacks happen and are increasing in frequency. Certain sectors are naturally susceptible to these attacks; banking, government, healthcare, and energy sectors will always be targets due to the nature of what they do. But did you know that the Education sector is also very high up the list?

Around 20% of all educational institutions have been specifically targeted by cyber criminals, and a MASSIVE 83% of UK schools had experienced at least one cyber security incident. There are many other scary statistics that can be quoted, and you would think that with this information being readily available for review, schools and other institutions would take cyber security seriously; you would think wrong.

 

It’s just not good enough

Here at Planet IT, we have many dealings with the education sector, whether that be providing fully managed support, running security health checks or just the facilitating the procurement of specific classroom hardware, we have seen how vulnerable a lot of school environments are. We talk to schools daily and something that keeps coming up is the widespread use of Microsoft Windows Defender as the sole endpoint security solution. Something else that keeps being apparent on most calls we join is that the on-site IT team are too busy being reactive and fighting fires to spend the time being proactive and looking at the bigger picture.

Microsoft Windows Defender is a consumer-grade antivirus that is native to Windows 10 and comes preconfigured. There is an anti-ransomware element to it, but the testing we have done in the past shows that it is not capable of detecting most live ransomware threats:

education Vulnerabilities Found

So, what should you do?

Well, you should start with an industry-leading endpoint / server security solution such as Sophos Intercept X Advanced which will detect ANY Ransomware attack using the CryptoGuard element (this detects any file encryption attempts and rolls them back using Windows Shadow Copy if any encryption has started by the time it is stopped). This combined with the award-winning Endpoint Protection / Server Protection means that your endpoints and servers would enjoy a very high level of cyber security protection.

With any good security solution should come a good EDR product. EDR stands for Endpoint Detection & Response. This provides additional reporting and threat mitigation tools for your environment.

 

But does this really happen?

A real-world example that I have seen first-hand – we have a large private school as a customer. They were hit by ransomware which took down some critical file servers AND compromised the backups. With Sophos Intercept X Advanced with XDR (Sophos’ EDR offering), we were able to see that not only did Windows Defender not stop the ransomware from running but didn’t even detect it as a threat.

Also, with the recent Log4j vulnerabilities, and further back the Hafnium vulnerability, XDR was a requirement to investigate customers’ environments to easily check if they were open to attack due to these vulnerabilities. With Hafnium, XDR could report what hosts were vulnerable but also if they had been compromised and the location of the remote consoles that had been deployed by the bad actors. We at Planet IT saw at least 2 instances of Microsoft Exchange servers that had been compromised, and our job was made easier with XDR.

 

What if my team just don’t have the time to manage XDR.

The downside of adding XDR to Sophos Intercept X Advanced is that you need the resources to respond and investigate detected threats. Sure, Sophos Intercept X Advanced will of course detect and block any threats it comes across, but any advanced solution like this requires the time to configure and monitor to ensure you get the value from the product.

This is where MTR comes in; MTR (or Managed Threat Response) is a managed SOC (Security Operations Centre) provided by Sophos themselves, and will give 24/7 threat detection and activity reporting among many other benefits that are essential for any security conscious educational institution. With the Sophos MTR service, you can focus your time on ensuring your local infrastructure is running well safe in the knowledge that your Sophos environment is being looked after competently.

Planet IT recommends Sophos Intercept X Advanced with XDR and MTR Standard as the minimum level of protection for any educational institution.

Why the move to an OPEX budget model in education might be driving your business manager up the wall

Education OPEX Budget

For the longest time IT in education has been on a hamster wheel of improvements tied to the yearly capital bids cycle. IT managers rush to get improvement plans and strategy budgets in for their cut off, knowing all too well that 50%+ will be dropped before they even make it to governors. The other 50% won’t make it through the process.

This capital expense programme is built from the necessities of the past. IT infrastructure had typically been the second most expensive item on a schools books after the building itself. No school, college or academy in the past could afford to stretch it’s upgrades over the operational spend of the business unless they committed to long terms lease agreements or payment plans. While good intentioned, these plans often leave the organisation dragging upgrade cycles to 5 years plus rather than their natural 3 years.

With all the changes that 2020 and 2021 have brought, this model has to change, and the main reason for that is the cloud.

The Time For The Cloud Is Now

Now this is not some fantasy of a cloud lead future. This is the reality of a world leaving behind the need for a private datacentre or server room and pushing for the convenience, security and integrity of managed public cloud.

This however leaves a challenge for all of those who are in financial roles in educational establishments. The model of spend once, wait 5 years before investing again, will not and cannot continue to work. Modern IT is mostly based around the per month or per usage model. Think Microsoft 365 and Azure, one is based on your user count or usage count per month and the other is based on the real-world usage of the last 30 days.

 

education servers

But we used to spread the cost..?

Now on legacy, I will grant that you could have purchased Microsoft services on a campus agreement. However, that is asking you to look into your magic 8 ball and hope you guess the right amount of usage for the next 12 months and then pre purchase Azure credits to cover that. This is a massively inefficient approach and misses the key benefit of cloud services – flexibility.

In a real world example you would expect an educational providers usage on a cloud based IaaS (Infrastructure as a service) to look something like:
• September – December (Mild Usage)
• Jan – Mar (High Usage)
• April – July (Diminishing usage as students slowly drop off timetable)
• then late July – Aug (Very low usage)
Now if you are paying for this upfront you need to work out what your average monthly spend should be and then try and guess how much you need to cover this.

This just won’t work, you will either hit your campus agreement renewal needing to pay overages or hit the renewal with hundreds if not thousands of wasted pounds. With Monthly flexible billing you don’t have this issue, you get a bill for what you actually use, now if it’s a critical system you can reserve the instance and gain some savings, but you have the flexibility.

 

This is a new approach for us. How best to do it?

Back to the question in hand and how does your organisation cover these costs?
Well to start with, your business manager needs to change how IT is funded in the budget. Moving the value that would have been placed on an infrastructure refresh into operational spend. They then need to find a way to increase this pot by 5-15% a year to cover cost increases. Now there is still a need for the capital bid, but these should be used for laptops, switches and firewalls and not servers and server licensing. With this shift IT becomes less of a burden as the spend is predictable and you are not looking at £500k investments every 5 years, but instead £80k a year spend on cloud services.

education budget
I often get asked how we work with our education customers to move to the cloud and for me the approach is simple; it’s about understanding. So many business managers have endured years of the CAPEX process and are used to the funding model. What our job is as technical professionals is to illustrate the savings in cooling, powers, facilitates and security that a move to the operational model brings and then work from there to deliver the best experience for the organisation.

If you are an IT manager today about to enter capital bids season, then think like this; bid for the money for your big server replacement but don’t propose legacy equipment and designs. Engage with Planet IT and we can support you in submitting a CAPEX to OPEX bid a support your move to the cloud.

 

Need more help to get it right?

2022 will be the year that most businesses make a major jump to the cloud. Don’t allow your educational establishment to be left behind and looking for answers, we have successfully worked with a large number of educational providers over the last 18 years to modernise and improve their IT for the better, we can do that for you too.

If you want to talk to one of our educational team about how we can help you with your capital bids or moving to the cloud, then please call 01235 433900 or you can email [email protected] or if you would like to speak to me directly you can reach out to me via DM or at [email protected].

The tech that should shape your business in 2022

technology trends

All the way back in January 2021, I wrote an article about what technology trends would shape your business in 2021. Looking back on those predictions, I can say without a shadow of a doubt that for many of our customers these technologies certainly did just that. If the pandemic continues to rear its ugly head some of what I said last year will still echo very true this year. You can read that article HERE.

However, the show must go on. For 2022 I am looking forward to what the new normal has become and how the technology we leverage every day can and must adapt to fit this need. Alongside this, I am exploring the tools, advancements and innovations that will change the way your business operates.

I always want to take these opportunities at the start of the year, to introduce or to develop your understanding of the technology trends we as a leading IT provider are seeing coming over the horizon. Ultimately these are what your business should and will be looking into and adopting to keep your business is safe, secure and able to compete in today’s busy market.

 

Cloud Services

Here we go again… Another year, another year of the cloud. I may have said this last year, and for that matter the last 2 years before that. Cloud Services, be that in the form of IaaS (Infrastructure as a service), PaaS (Platform as a Service) or SaaS (Software as a service), will change your business in 2022 regardless of if you want to let it.

The reason I say this is because we are no longer in an IT landscape where as a consumer you can choose how to run many of the platforms or software your business uses. Your ERP or MIS, most of these platforms are or have completely moved to SaaS or PaaS offering in 2022.

Take Sage for example, the development of this product as nearly completely killed-off on premise or as a standalone. The focus is on the delivery of the cloud hosted version. That may be with Sage directly or one of their key partners.

cloud technology trends

The bad news for IT managers who are cloud adverse or cloud sceptical?

Now is time to change your mind and move with the industry or risk getting left behind with systems and solutions that will only age and cause you greater issues down the road.

Continuing on the vain on SaaS, Microsoft continue to also drive services across to Microsoft 365 in favour of the cloud hosted, forever updated version of their tools vs the previous on premise products, I’m looking at your Endpoint Manager (Intune). This product is going from strength to strength. However it is doing so off the back of SCCM and ultimately galvanising the features from this well-established platform but developing them on Microsoft’s Cloud service. This leaves the on premise version to simply hook into the cloud and co-exist rather than get any substantial upgrades itself.

With businesses that implemented cloud services in 2020 and 2021, they saw an decrease in running costs of up to 50% and an increase in uptime and productivity up to 99.99%. This makes the cloud space one that from a CFO point of view cannot be ignored and from the position of the wider business can only make day to day IT services better.

If you take anything from this about Cloud service, let it be this; They are here to stay. They are the key focus for all software vendors and it’s a case of be onboard or be left behind.

 

A New World for Back-Up and DR

Building off of what I have said above about Cloud Services, the world of back-up and Disaster Recovery is also dramatically changing. This is twofold; you no longer have all your data sat locally on servers, storage and systems, which a local back up can collect and protect. Also, the fact that now, if your data is in a public cloud provider with a 99.99999% uptime guarantee, are you really going to move this data from them to a private datacentre or back to on-premise?

This change is making many businesses have to rip up their back up and DR strategies. For many IT Managers, Business Owners and Businesses, this is causing some hard conversations.

My take on the situation is simple.. Look at what you have now and where your business will be at the end of 2022. If your data is mostly moving to PaaS and SaaS solutions then you need to ensure that as data is moved that each of these providers or systems has a solid separate back up in place. Now for a platform like Microsoft Azure this does not need to be off platform but it needs to be in a different location. So with Azure we would look at Geo Redundancy or even multi-Geo Redundancy leveraging the technologies and services of Microsoft to back up your data to their other datacentres across the globe. If the system is 3rd party hosted like Sage, which I mentioned above, then you need a tool and a location which is away from this provider to store your data. For this I would always recommend looking at AWS, GCP or Microsoft Azure as the level of protection and guarantees you get from these providers is 10 fold that of a private or local storage solution.

If we look at wider IaaS and Infrastructure backup solutions and DR these also need to change. The first thing I will say on this is that tape back up’s are going the way of the dinosaur. (To be honest they should have gone a few years ago). While the logic of having a removable magnetic tape sounds like the right decision for all businesses. In the past few years we have seen that these devices don’t hold up in a DR situation and if they do, they are often too slow to react.

The best solution a business in 2022 can implement is to have an immutable back up in place. This is based on technology and tools that allow for near instant recovery. As we have seen time and time again businesses cannot support multi-hour or day outages in a disaster. Traditional back up technologies and techniques are beginning to leave business’s vulnerable to large periods of downtime in a true disaster situation.

If you are thinking about how your business should be protected in 2022, why not reach out to the team and we can talk you through in detail the cloud era back up approach to support your business.

human firewall

The Human Firewall

I said it last year and I will say it every year until I go blue in the face! We need to invest as much time into training our staff to ensure they can be safe and secure when using the systems and solutions that as a business we expect them to use. That is why in 2022 The Human Firewall continues to be one of the key areas of development we believe all business should be investing heavily into.

By this we mean training your staff to know what is safe and is not safe in the digital world and how to prevent risks to the business.

Now with this there has never been a one size fits all approach. There is however a logical approach which will prevent your business being open to risks that exist on your doorstep. We can teach our staff in 2022 to stop, deal with and report these problems. By doing this, then we increase the ability of a business to be robust and secure and remove the guesswork from the technology we need to ensure a business is safe. This coupled with MFA massively reduces the risk of account credentials being compromised.

For me as we enter 2022, the Year of the Human Firewall (2021) continues and I am now campaigning for the decade of the Human Firewall! So please go and train your staff and protect your business!

 

Silicone…. Oh Silicone

For some reason I have left the doom and gloom to last, but it has to be said that what ultimately will shape many businesses in 2022 is the continuing silicone and chip shortages. We are now 2 years into this problem and it is not getting better. We have all felt it. Consumer devices like the PS5 and Xbox Series X which where like gold dust for another Christmas. Servers and Laptops which are still being delayed by months at a time. We will all continue to feel the pain while the chip making industry rushes to fix the supply and demand issue.

As a cautionary tale for 2022, if your organisation is looking at a large refresh or even a big project this year which is time critical, think and act early when it comes to device purchasing.

We have seen wireless access points being delayed by 365 days from certain vendors in 2021. If your new office space or move is critical then this could cause you serious issues. Alongside this you have to think that every business will be in the same boat in 2022 so don’t be the one who gets caught out by lead times. I would also say don’t hold your breath for a new car any time soon as it seems the motor industry, with its love hate relationship with technology providers, has finally realised it’s not good to be at the bottom of the queue!

 

To stay ahead of the trend…

In conclusion 2022, like 2021 and 2020 before it is going to be a very different year to the 10’s that proceeded it. Cyber criminals and the threat landscape changing everyday, new vulnerabilities and risks appearing on a daily basis, for systems which are integrated in all of our lives and with potentially dramatic effect. However as business owners, technical professionals or employees we need to switch our approach and ensure we are using these changes to make our business ready for this continually changing landscape as we move forward. Think forward, think ahead and don’t get caught out by 2022 as I believe it will be a huge year for IT change.

 

If you want to talk to one of our experts about how we can help you in 2022 then please call 01235 433900 or you can email [email protected] or if you would like to speak to me directly you can reach out to me via LinkedIn or at [email protected].

Windows 11 is here. It’s glorious but hold your horses!

Windows 11 is here

Windows 11 has arrived with a fresh new look, increased speed and a whole host of new and improved features. However, if your business is looking at Windows 11 and thinking, “we only just got off Windows 7”, now is the time to be thinking about the future.

 

You don’t need to update today of course; you officially have until the 14th of October 2025 to get your estate from Windows 10 to 11. However, as many businesses learnt the hard way with Windows 7, the migration to a new operating system is not all plain sailing.

 

Windows 11 brings its own complications and challenges, when it comes to application support, hardware support and the overall end user experience. All of these can be overcome but only if the business understands them and understands how to combat them.

 

How should you start the roll-out?

Our suggested approach is that from November 2021, a strategic steering group be created within your business to test, run, and live with Windows 11 as their primary business device. The aim of this is to begin to unpick the operating system in your business and ultimately to ensure business functionality.

 

We will recommend that for these users, a spare Windows 10 device is kept in your office to provide to these members of staff in the case of a failure. This will ensure your user can get back working in a short space of time, however as a business you need to start assessing and understanding the impact that Windows 11 will have on the company and then laying the foundations for migrating across to the platform with-in one year from active support (October 2022).

windows 11 surface devices

Why starting early is key for business continuity.

This adoption is crucial because many businesses were impacted negatively by holding onto Windows 7 for far too long past its good end of life. This was in part due to the fact the businesses had not invested the time into ensuring they understood the business change and how to successfully manage this. It is vital that this process is started early, the issues learned and how to overcome these. From this you can then develop a staged team by team plan, alongside the testing to ensure that once a satisfactory level of business support and satisfaction is reached that users begin to migrate over from Windows 10 to 11.

 

The Big Rollout.

We suggest completing the migration in a team by team, location by location and in a phased approach. We would suggest that any business needs to be off Windows 10, 1 year before the end of support in 2025 as you do not want to be in the same potion that many where come the end of Windows 7 support. You must remember that once this date hits any system still on this legacy operating system will be at risk from attack and will increasingly be a target for cyber criminals.

 

If you would like to discuss with myself or any of the Technical Architecture team at Planet IT about how you can get ready for Windows 11 you can reach us using the contact details below.

 

Contact me at – LinkedIn Message James Dell or Email: [email protected]

 

Call 01235 433900 or Email: [email protected]

windows 11 launch

Webinar Recap: Microsoft New Commerce Experience – Big changes are coming!

Microsoft NCE changes

This week, we hosted a Live Webinar where we outlined the upcoming changes to how Microsoft sell their licences and it affects organisation of all kinds – what Microsoft are calling their New Commerce Experience (NCE).

🚨 As a Microsoft Gold Partner. we were one of the first in the UK to present this. We were so early in fact, that only a couple of short hours after the webinar, Microsoft announced that they will be pushing back the release date for New Commerce Experience from October 14 2021 to January 2022! 🚨

The reality is, that it is still happening. This just gives us a little more time to decide on the licences that best suit your organisation.

So please still watch the webinar recording below. All the information is still key to making the right decision for your business. To ask any specific questions about your situation, reach out to your Planet IT account manager or email [email protected].

On the webinar, our resident Accredited Microsoft Experts, James Dell & Adam Harrison covered:

✅ The price increases for CSP licences.

✅ Open licensing is moving to CSP. How will this affect you?

✅ How the Enterprise Agreement resizing will affect you.

✅ How CSP licensing terms are changing.

✅ How these changes effect your existing licensing

 

Did you miss it? Or would you like to watch it again? Well, the good news is that we recorded it and you can check it out here:

Your Questions, Answered.

We received lots of questions throughout the webinar and did our best to answer them. Watch the recording to see if your questions would be answered at the end, however if you have any more, please reach out to James himself on 01235 433900 or email directly: [email protected].

Remember to ask him about our Microsoft 365 health Checks!

 

 

 

 

Windows 365 – Windows 11 Comes to your Browser!!

Cloud PC Windows 11

Microsoft has just announced a new “Cloud PC” product where users can stream windows devices from anywhere!

When COVID-19 hit, many people in offices were forced to start working from home. Because of this, Microsoft sped up into the development of Windows 365 so people, wherever and whenever, can work more collaboratively.

Windows 365 will work similarly to what we know as game streaming. The computer will be hosted in a data centre, somewhere remotely, and then streamed to local technology.

This means all sorts of devices from anywhere, ranging from family computers in your home to monitors in the office, that runs Windows desktop can leverage Windows 365 and then you can close the session knowing that your data is safe, secure and saved.

Security Is Key

It is way more secure than working on a local PC, as your local PC is most likely full of personal applications, data and untrustworthy applications, which may go against your business practices. Windows 365 then solves multiple problems such as keeping Word documents and important PDFs where they belong, in business cloud storage, and not at risk of exploitation.

Additionally, Windows 365 will have ultra-fast connections to Azure and Office 365 data, which is very useful when it comes to handling data and finding sufficient ways of sharing workload amongst peers.

Microsoft is marketing it as the new way of using a PC, they want to find a way of demonstrating and solving the difficulties of working from home, so as they state, it is a “hybrid Windows for a hybrid world”.

 

So when do we get to see it, and how does it work?

The software will launch in August for business customers of all sizes however under the technical covers of it all, it is built on Azure Virtual Desktop and managed through Microsoft Endpoint Manager (MEM), Microsoft’s cloud-hosted device and application management solution and for those without MEM, tools are directly integrated into the Cloud PC portal. A MEM licence is therefore not essential.

Windows will also use multi-factor authentication capabilities and admins can apply security policies using MEM if needed. Furthermore, Microsoft has designed a custom “security baseline” meaning a set of policies can be applied to Windows 365 as a simple baseline, however, you can modify this to fit your criteria.

There are even plans in the future for an offline mode, though this will not be included in the initial release. When that happens, they would then be supporting an offline mode where the whole virtualisation environment can run locally and be isolated from your local operating system. When your connection gets restored then that workload will automatically move back up into the cloud. In the complex cybersecurity environment we have seen, businesses need a solution that helps their employees collaborate, share and create while also keeping their data secure.

If you want further information about Windows 365 and how this could change your business practices, then please feel free to reach out and get in contact using the details below

Call 01235 433900 or Email : [email protected]

 

Harriet Besford

This article was written by 17 year old Harriet Besford, a Didcot Sixth Form student who joined us at Planet IT for a week’s work experience. Harriet has a keen interest in Cyber Security with plans to study it at University. I think from reading this article, you will agree that she has a strong future in this field!

 

It’s Time Your Business Adopted UEM, And This Is Why!

UEM Endpoint Device Management

The way in which we manage our workforces’ devices is changing. Gone are the days of large, overly complicated on-premise management solutions like Quest (Dell) KACE and Microsoft System Centre. With the continued drive of remote working, flexibility and ultimately employee separation our management tools need to change, now.

Luckily, Microsoft where ready for this move to remote management. They and have spent a long time and A LOT of investment in turning the 2011 product of Microsoft Intune into the 2021 product, which is now known as Microsoft Endpoint Manager, a now formidable UEM (Unified Endpoint Management) tool.

Evolution – just in the nick of time

The original Intune product was designed to answer the question of the time: How to we provide some form of management to the changing device landscape? With the launch of new form factors, and splitting operating systems at the time, this EMM (Endpoint Mobility Management) tool focused on delivering the same basic functional control across the spectrum of devices it supported.

Microsoft is not a company to miss a shift in the market. They released that as we moved into the late 2010’s and into 2020’s that business no longer wanted two products, one to manage devices onsite and one to manage them in the cloud. With this they began the process of taking the features from Microsoft’s System Centre Configuration Manager and merging them with the EMM tool, Microsoft Intune.

This process happened just in time to be ready for the world shifting events of Early 2020. The now mature product from Microsoft gave the best of Config Manager, Intune’s EMM and the fringe features of MDM and MAM that the suite had been dabbling with.

intune device management

So, the question then becomes, why are you not using it?

For nearly all business,Microsoft Endpoint Manager can play a huge part in ensuring:

1. All your devices controlled,

2. Windows is up to date,

3. patches and software are being deployed and managed.

This on its own takes away 3 key functions you may have existing systems in place to support. However, the largest success for Microsoft Endpoint Manager comes in the form of flexibility. Your users don’t need to be on your VPN, in your network or even in your country to get software updates or even new packages.

This is only then strengthened when we look at the white glove, of out of box experience which can be leveraged with Autopilot.

UEM Device managementImagine you never had to build a laptop again!!

Wouldn’t that just be great? Not only that, but imagine that if a device needed to be moved from user to user. Then you could remotely reset and deploy a fresh version of the operating system and all applications to the device, join it to the domain and have it ready to be reused.

Well with Endpoint Manager and Autopilot you can do just that! The core logic behind the approach is that you don’t need to touch a device to get it ready to use.

Now this can either be directly from the factory or on a previously managed device. This will reduce the time to resolution on support issues and ultimately free up you and your team to work on project that are more important.

With this process, gone are the days of creating a gold image having to run sysprep and then trying to configure the Out of Box Experience with an answer file. Microsoft has simplified this down to a steps-based process. This uses the latest image from Microsoft alongside an answer file based on the Microsoft Endpoint Manager interface, not on a text file. This combined gives you a great position to show business improvements from a system implementation.

Where can YOU make improvements?

The biggest question to ask yourself is where could you optimise your;

  • device management,
  • system imaging,
  • software deployments,
  • application installations and updates,
  • operating system updates
  • and device provisioning?

If the answer is that any of these could be improved, then Microsoft Endpoint Manager is the platform you need to be looking into.

These are just some examples of what Microsoft Endpoint Manager can do. I would be remised to say that the above is a fair representation of all that the suite has to offer. The product is massively impressive and continues to develop and grow as Microsoft as a company moves away from the legacy of its on premise-based solutions to a truly cloud driven SaaS approach.

I know taking this step might seem like a leap in certain circumstances. However, I am always available to discuss how you can leverage better device management for your business. As are the rest of the Technical Architecture team at Planet IT

Please feel free to reach out using the contact details below:

Contact me at – LinkedIn Message James Dell or Email : [email protected]

Call 01235 433900 or Email : [email protected]

Looking for a technology partner?
Let’s talk

  • This field is for validation purposes and should be left unchanged.