matomo

How Windows 10 end of support is accelerating modern device management transformation

IT innovation is exploding. Mainstream AI products are becoming more prevalent, and with them come more complex productivity, security and compliance requirements, especially for endpoints. Whilst some organizations are looking to leverage the latest AI products, others are still tackling the transition from legacy to modern device management and updating operating systems to Windows 11. It’s not an easy transition.  

Increasing urgency 

Windows 10 end of support is scheduled for 14 October 2025, and new SCCM features are becoming fewer and fewer. Many organizations are rolling two migrations into one: moving from SCCM (or no formal management) to modern device management on Intune and updating all operating systems (OS) to Windows 11.  

Organizations who are still on Windows 10 come October 2025 will fall behind and be hit with more expenses to stay secure. "Organizations might have to cough up - and not cheaply at that - for security updates. They're going to be missing out on new features in Windows 11, particularly AI features and security features. We're seeing it already. Windows 10 is not end of life yet, but it's the last to get features,” explains Devicie Technical Product Manager, Tom Plant.  

Windows 11 OS implementation is on the radar of most organizations and MSPs, but so far, Windows 10 still has the lion’s share of the market.   

According to Statcounter metrics, May 2024 saw Windows 11 begin to take some market share from Windows 10. As the October 2025 deadline approaches, we expect to see this trend accelerate, ultimately with Windows 11 taking the lead for commercial Microsoft operating system licenses. 

Hardening security with Windows 11 

“For organizations that are wanting to maximize both productivity and security, Windows 11 is the best bet. I strongly recommend upgrading if you can,” says Tom. The OS is packed with new security features which are for the most part, on by default. “For a long time I felt that Microsoft were building all these amazing features, but unless you had Devicie turning them on, no one was turning them on. Now with Windows 11 having those features on by default, there are environments that are getting a lot of benefit out of it,” says Tom.  

Having the features on by default also requires configuration solutions for any conflicts which are created. “Credential Guard can cause havoc because it's incompatible with a few insecure Wi-Fi authentication methods commonly used in corporate environments,” explains Tom. Devicie has a configuration ready to ensure that if Windows 11 does interfere with Wi-Fi, it can be remedied quickly. “Your Wi-Fi infrastructure isn't something you can just upgrade to get it fixed, let alone the time it takes to figure out what causes the issue. We are able to save our customers in some cases weeks or months.” 

For some organizations, moving to Windows 11 will also require a hardware update. Trusted Platform Module 2.0 at a minimum is required to run the OS. “That TPM requirement and newer processors means a lot of older hardware that's been getting by on Windows 10 for a decade or so, it's just not going to be viable anymore,” says Tom. 

Combining Windows 11 rollout with modern device management transformation initiatives 

The Windows 11 rollout presents an opportunity for organizations to uplift devices and device management across the board. “Users are a bit more tolerant to a software change like Windows 11 alongside a hardware change and the experience changes that you get from modern management. We have a lot of customers who use that opportunity to refresh their fleet and deliver a new improved user experience - all bundled into one to minimize effort,” says Tom. 

Moving from legacy management to modern device management requires some adjustment. “A big difference is in modern device management; policy syncs every eight hours. If you're working in an on prem environment, where you have direct network connectivity to your devices you can do syncs in seconds, not hours. But the advantage of that is scale, right? You get that sync in eight hours, no matter where in the world that device is,” explains Tom.  

Approaching an operating system and modern management transformation project can be overwhelming. It requires a new SOE, testing applications and potentially a hardware refresh. If the team isn’t experienced with Intune, there’s also a learning curve to understand and manage it.  

“You're learning a whole new endpoint management framework - so book out a good two or three months just for training. It’s a lot of overhead and a big budget commitment. We see a lot of organizations that will push that as far in the future as possible, especially in the current economic climate,” says Tom. 

Organizations and partners are now using product solutions to configure and manage Intune, provision new devices and update Operating Systems. The combination of Intune and device management hyperautomation products like Devicie enables organizations and partners to swiftly deliver modern device management transformations and automate ongoing device management.  

“They can throw together a pilot group and start testing applications, and they don't need to worry about the security stuff. If their Wi-Fi breaks, they shoot us a ticket and it's fixed. They don't have to spend days figuring out what's broken. And similarly, they get help migrating all these applications. When you’re moving from Windows 10 to 11 and SCCM to Intune there are some user experience adjustments. If you consolidate that into one SOE refresh it saves a lot of time in terms of the communications pieces and the repetitive work that you'd otherwise have to do with two separate migration projects,” explains Tom.  


3 ways modern management makes OS updates easier 

  1. Easy deployment of new operating systems and configuration to ensure productivity and security for the entire device fleet, regardless of location 

  2. Visibility of hardware, warranty status, and OS version to identify required refreshes and measure progress in near real time 

  3. Zero touch provisioning of new hardware to eliminate manual tasks, accelerating rollout of devices which meet TPM requirements for Windows 11  


The fastest path from SCCM and Windows 10 to Intune and Windows 11 

Combining the move from SCCM to Intune with the update from Windows 10 (or prior) to Windows 11 accelerates the Windows 10 to Windows 11 process and delivers enhanced visibility. 

Not only does modern management allow for easier operating system version updates, especially across globally distributed fleets, products like Devicie enhance visibility. Partners and organizations can easily see fleet details including warranty status, OS version, OS patching and application updates. Any devices which need to be replaced can quickly be identified, and zero touch provisioning eliminates the need for IT teams to touch the devices at all, they can be shipped directly to the end user and set up automatically within 30 minutes. 

The demand for modern management transformations and Windows 11 rollouts is only going to soar. MSPs are increasing their capacity to deliver device management to more customers by including hyperautomation products in their toolbox. “Intune is an incredibly complex platform. It takes years to really know the ins and outs. We often see issues with enrollment creating a poor user experience - it might take a couple of hours to get a new device instead of 10-15 minutes. We also see config that can cause poor user experience which can be pretty rough. Maybe the config was written for Windows 10 and doesn't make sense with Windows 11 anymore. We see that a lot with attempted Intune deployments that didn't work out for these reasons and then just get abandoned. Devicie and our partners are able to come in and often we get what the customer was trying to do and we can then deliver the outcome that's actually going to achieve those goals,” says Tom. 

Automation doesn’t mean just accepting a standard template. “Customized config is the key difference with Devicie. We're a hyperautomation platform. We meet customers where they are. A big part of our role is getting customers on Intune from SCCM. We can't just throw a baseline and then let them go. They need a tailored set of configuration, whether that's their industry, or even niche specifics. For example, a lot of our customers still have file shares which is a known pain point to do through Intune, so we have tooling to make that simple for them. Equally, we have a lot of partners whose customers might not have any management at all. They're looking for advice on: ‘what's suitable for this industry? Can you patch an industry-specific application?’ And we do," explains Tom.   

Ultimately, a shift to modern management enables organizations to take advantage of technology innovations faster - whether they’re to boost productivity, harden security or more quickly achieve compliance maturity. The forcing function of Windows 10 sunset will elevate environments into modern management, ready for the next generation of technology innovation.