Finding Your Environmentally Sound Windows 10 End of Support Strategy

Last week I attended a discussion in Leeds hosted by Optimo on the subject “Sustainable Bytes: Green Machines”. Of particular interest to the discussion was the upcoming end of support for Windows 10. What this exactly means is that the OS will continue to function but will no longer receive security updates. Without patching against vulnerabilities those Windows 10 PCs will require removal from an organisation as they will pose an unacceptable risk to security. I have seen and heard various statistics but it’s estimated that between 200 – 600 million PCs won’t be able to support the upgrade and as a result will get disposed of. Somehow.

Old computers. Photo by Daniel Dan via Pexels.

Globally e-waste is an increasingly problematic issue that needs desperate attention. Although many of us will go to the effort to recycle devices at the end of their useful life to us it’s not always the case that IT waste is recycled completely. Not all components can be “economically” separated from each other, some components will contain toxic materials and sometimes e-waste is shipped to faraway places where it’s just dumped anyway. That’s regrettably just the start of the problems too.

As a company Digital Incite and Matter Ltd are committed to finding solutions that address the mountain of e-waste humans are leaving behind. So as there’s one year left until Windows 10 is no longer supported by Microsoft here are some strategies that can be used to prevent your otherwise working devices from ending up as scrap.

The first thing you should do is check the upgrade report in the settings app to see what the exact reason you can’t upgrade to Windows 11 for. It may be as simple and straightforward as the TPM hardware is disabled in the firmware settings. In which case check with the PCs documentation for assistance getting to the firmware settings and which setting to enable. You should then check Microsoft’s list of supported Intel or AMD CPUs for Windows 11 to confirm your device is supported.

You can install Windows 11 on unsupported hardware by various means but we’re assuming that your organisation requires official support without complications either from the device manufacturer or Microsoft. We’ll leave you with the idea surrounding that though.

Purchase Extended Security Upgrades (ESU)

An immediate solution without having to do much is to invest in Extended Security Upgrades. The cost of which is $61 per device for year 1. The cost increases each year but there is a discount of 25% if you use Microsoft’s cloud management tools such as Intune. Anyone using Windows 365 receives this for free as well and we understand that educational establishments will also be given a significant discount.

The downside to this solution is that it incurs a significant cost especially in organisations that have many Windows 10 devices. You should also double check with your software vendors as to their support policy for their apps. You may find they drop support for Windows 10 anyway. It also needs to be noted that this solution is for security updates only. There are no bug-fixes, design changes or additional technical support given through this.

We recommend this solution sparingly as the investment can be substantial. If your organisation has a handful of devices nearing the end of service (circa 10 years we try to aim for) then this might prove a good choice in the short-term as opposed to purchasing new devices straight away.

Replace with an Alternative OS

Windows is a favoured choice of many organisations but it’s not the only OS out there. Linux distributions like Ubuntu are increasingly popular and viable in the workplace. Such operating systems are not just trusted, reliable and secure but are also free of cost. This makes it an economical solution for replacing Windows.

A potential downside to using a Linux distro is the software support. Not all application vendors offer support for Linux. Microsoft Office for example does not have support for Linux. Alternatives such as LibreOffice or Collabora office are widely but not completely compatible with Microsoft Office document formats and as such may not 100% fit in with your workflow.

Replacing Windows 10 with a Linux distribution is a great solution as it will allow continued use of the hardware. Organisations that use a browser based workflow should strongly consider this

Reworks

If the only reason you can’t get Windows 11 installed is hardware limitations and alternative OSes aren’t possible then another avenue to explore is the possibility of upgrading or replacing the internals of the device to address whatever incompatibility that has arisen.

If the issue is a lack of support for a TPM (Trusted Platform Module) then the chip can usually be attached to the motherboard header of a desktop PC and can be acquired for around £20. Do check to see if your device just needs firmware based TPM enabled in the settings first however.

Alternatively if the CPU is not supported then looking at upgrading hardware is a nearly last resort. It should be noted that Windows licences are tied to the motherboard (the licence is stored as a firmware variable). As there would be almost certain to have to upgrade the system motherboard to gain a supported CPU (particularly Intel CPUs which generally change socket every generation) you may find having to acquire another licence for Windows anyway. Despite this potentially chassis, power supply, memory, and storage devices can be reused. This would effectively make your device a “custom build” which may still be a good option for higher end devices. Otherwise you may find some of the parts – particularly storage devices, GPUs, and sometimes memory – as useful spares or upgrades for other PCs.

This option is unfortunately a little bit trickier than the others given often limited options particularly around finding compatible upgrades but it’s still worth consideration.

Conclusion

Although the end of Windows 10 means that some hardware becomes “obsolete” it’s definitely not the end of the line.

We call upon Microsoft and their hardware partners to support devices for as long as possible instead of planned obsolescence. The needs of the planet and human society need consideration when an OS becomes “unsupported” rather than shareholder first marketing plans to sell new hardware when the ecosystem struggles to deal with the disposal of the hardware already in circulation. Some models of laptop and unfortunately PCs are becoming harder to upgrade & repair and we don’t agree with that principle at all.

Digital Incite and Matter Ltd are here to help when it comes to creating an environmentally considerate strategy around hardware procurement, service and end of life policy for your organisation. Feel free to get in touch with us for help and assistance.

Windows Server 2025 Now Available

Microsoft have recently announced the availability of the next version of Windows Server. Through retail or channel partners Windows Server 2025 is now ready for deployment in both your own datacentre or in public cloud environments.

Windows Server 2025

There are many areas of new features and improvements in Windows Server 2025 including enhancements to Active Directory Domain Services (ADDS), security, performance, software defined networking, general management, and much more.

As with all previous releases of Windows – server and desktop – it will take some time before applications are certified to run on the new release. That being said it’s well worth evaluating Windows Server 2025 for any near term deployments you may be considering. Although Windows Server 2022 will continue to be generally supported moving towards the latest version of the Microsoft server system is recommended for maximum longevity and taking advantage of the latest improvements.

Whether you’re considering a new deployment, a cloud repatriation strategy to reduce costs or need to move away from older versions of Windows Server that are no longer supported Digital Incite and Matter Ltd have the knowledge and expertise to help. Please contact us today to discuss your upcoming projects.

Seriously, Stop Using Windows Server 2012 & 2012 R2!

(Also SQL Server 2012 please)

Extended support for Windows Server 2012 and 2012 R2 expired on October 10th 2023. We’re coming up to November 2023’s Patch Tuesday which means that there’s really, really, really no life in Server 2012 or 2012 R2 any more in case that first deadline wasn’t important enough. Hacking crews out there will highly likely be able to spot a vulnerability in Server 2012 / R2 by checking out the vulnerabilities for Server 2016 and newer. So in other words if you’ve not planned to be off Windows Server 2012 / R2 by now you’re a bit stuffed. That is unless your organisation’s forking out for Extended Security Updates in which case you can breathe easy a bit longer.

If you are in the UK have Cyber Essentials renewals coming up you either need to be shut of the servers or segregate them somewhere off the main network to their own retirement VLAN before the audit starts otherwise you’ll fail it. Don’t say I didn’t warn you.

Don’t Just Move It To Azure!

Yes it’s true that you can move your server to Azure and get an extra three years of security updates included in the price of the VM service. Three years sounds a lot of time but that will run down before you know it. So don’t kick the proverbial can down the proverbial road.

Moving a series of servers from a private cloud or IT infrastructure to a hyperscaler can also be costly in direct costs for the VM (CPU, memory, Operating System, disks, etc) but may also result in hidden fees in terms of having to build remote access solutions bring in consultants and even patch the application. It’s generally cheaper to run VMs in a private cloud if they are needed 24/7 so check costs carefully.

Mark Your Calendars for Windows Server 2016 End of Extended Support

January 12th 2027. It’ll be here before you know it.

Windows 11 Launch Next Week

Microsoft will be releasing Windows 11 on October 5th 2021. The anticipated OS will bring a fresh look and core improvements to the operating system.

I have not yet used Windows 11 myself however initial impressions are that the revised user interface looks smart and overall more cohesive than before. I also hope that the vision for the development of the OS is more complete. I felt that Windows 10 ended up more of an “us too!” project following trends set out by other OSes instead of focused goal to improve the OS that we all work and play on. Let’s not forget release 1803.

This will be the first Windows OS since Windows Vista that I’ve not upgraded to on release. This is regrettable however it’s down to the fact that I’ve not upgraded hardware due to Spectre & Meltdown and then the COVID-19 pandemic and thus have no hardware that can support it. For all the controversy over the TPM and processor requirements I think these are becoming overblown. TPM should be available as part of any recent PC or easily obtainable through an add-on module. The processor requirements increasingly look like it’s a performance question when virtualisation based security is active. Older devices have to emulate the CPU instructions that HVCI needs thus incurring a performance penalty. It is absolutely the wrong timing for Microsoft to push steeper requirements. It’s absolutely not the best time to be adding to e-waste issues by encouraging users to throw out hardware. Fortunately Windows 10 will still be available and supported.

I really do feel that we’re in a different world now. Mine and your primary computer are arguably no longer a Windows machine but the phone that you’ve got in your hand. For that reason I won’t be chasing the latest and greatest Windows release.