How are you moving your Windows 10 Lace computers to new versions of Windows 10 in a GxP lab?
Lab computer systems seem to get little attention from IT and even less love. Our validated Lace machines are complex to setup and critical to helping departments get work done. We are facing a new hurdle with Windows 10 with end of support (EOS) where Microsoft will no longer release security updates.
There was a major push to get all Windows 7 computers off the network this year. January 2020 was the EOS and final push to remove legacy W7 from the network.
Windows 10 is different. W10 has two yearly *versions*. Each is released with only 12 - 30 months of support. Security patches are released every month during this life-cycle. When a version of W10 goes out of support (EOS) there are no further security patches or support from MS.
Since the 2015 release of Windows 10, Microsoft has significantly changed its operating system (OS) strategy for product updates. Microsoft propensity now is to push significant Windows 10 updates via Windows Update, and to eventually force updates. Windows-as-a-Service approach (WaaS).. The monthly critical security patches are an expected and excepted balance. When they can force a new W10 OS we have to ensure our validated applications function with the labs timelines.
IT is not going to allow old EOS W10 to remain on the network! How are we going to address this every 1 - 2 years? I do not want to have a flood of paperwork or downtime! We deployed W10 (1709) which is EOS in October 2020. We have to get dozens of machines upgraded before November. If I have to do all the same IQ/OQ/PQ procedures for each one there will be a large risk of downtime. Of course you should test first and we should have Waters specify their support.
My suggestion is to treat the new W10 release in a similar way to the monthly patches. Compatibility is what MS is being paid for so Empower should continue to work as before. The IQ/OQ should not be impacted. I don't believe the FDA wants older unpatched nodes risking cybersecurity breaches. So all vendor updates could be considered like-for-like and less risk overall. Higher risk if they are NOT done.
Microsoft's Windows 10 release support policy impacts very short End-of-life and End-of-support details. We are required to install critical security patches each month.
What GxP validated paperwork does that generate on your site?
If you have Windows 10 on your Lace nodes how are you planning to keep W10 updated?
What do you think?