Upgrading from Windows 10 to Windows 11 has become a must-do, especially with Windows 10 reaching its end-of-life on October 14, 2025. This means businesses have a shrinking window to ensure their fleet is secure, efficient, and equipped with the latest tools.
For companies already using Intune, the upgrade is less painful than you might think. Here’s how Intune can make the transition smooth and efficient, keeping your devices up-to-date and secure as you move to Windows 11.
Why Upgrade to Windows 11?
Windows 11 introduces a significant leap forward in terms of security, productivity, and usability. The updated operating system offers:
With cyber threats becoming more sophisticated, a secure OS is non-negotiable and moving to Windows 11 positions your business to stay protected.
Migrate to Windows 11
Here are the 3 recommended high-level steps for a successful migration to Windows 11:
Why Use Intune for Your Windows 11 Upgrade?
If you’re already managing devices with Intune, transitioning from Windows 10 to Windows 11 is a more straightforward than you might expect. Intune offers an end-to-end management platform, allowing you to automate, monitor, and fine-tune the upgrade process without the hassle of a hands-on approach.
If you’re still using traditional update tools like WSUS (Windows Server Update Services), now is an ideal time to make the switch as Microsoft recently announced the deprecation of Windows Server Update Services.
Intune enables:
Migrating to Windows 11 with Intune
-
Set up Intune
Intune is a huge platform with over 10,000 settings and many integrations to other parts of the Microsoft 365 ecosystem;, however, we have compiled a list of 10 steps to success.
- Deploy Intune with a best practice set of security policies, profiles, compliance rules
- Configure Conditional Access policies and self-service password reset in Entra ID
- Integrate Autopilot with a preferred hardware vendor and validate new provisioning process
- Create dynamic assignment groups to deploy applications and OneDrive content
- Configure BitLocker, certificates, EDR agent(s) and Endpoint Privilege Management
- Configure Edge browser settings in Intune for extensions, password blocking and TLS
- Configure Autopatch with deployment rings for OS, firmware, driver and O365 updates
- Setup a tool for 3rd party application patching (e.g. Microsoft EAM, or PatchMyPC)
- Setup Company Portal, Endpoint Analytics and Remote Help tools
- Create a profile for Windows 365 cloud PC (for unmanaged devices and frontline workers)
2. In-place Upgrades for Windows 10 to 11
Here’s a checklist to help you perform in-place upgrades of all compatible Windows 10 machines:
Pre-Upgrade Preparation
- Backup Data: Ensure all important data is backed up (synchronized) to OneDrive / SharePoint.
- Check Hardware Compatibility: Verify that all existing hardware models are compatible with Windows 11 (8th Gen processor, TPM 2.0 and a Secure Core Profile) Budget will need to be assigned for hardware upgrades in the first half of 2025..
- Verify Application Compatibility: Test line of business applications to ensure they work as expected on Windows 11. Applications in compatibility mode with Edge or other browsers will be available until 2029. Applications that rely on IE will not be supported.
- Refactor Policies: Update security policies to leverage new features in Windows 11 and deprecate features from Windows 10. Some security features that were optional in Windows 10 are now set as the default in Windows 11.
- Update Drivers: Ensure all device drivers are up-to-date.
- Free Disk Space: Ensure there is sufficient disk space for the upgrade (at least 20 GB for 64-bit systems).
- Disable Security Software: Temporarily disable third-party antivirus and security software to prevent conflicts.
- Draft Comms: Brief users in advance as the look, feel, navigation and functionality is different. There are some useful resources in Windows 11 itself, as well as on LinkedIn and YouTube.
- Develop Support Resources: Prepare knowledge base articles and FAQs for the upgrade.
- Train the Service Desk: Equip desktop technicians with the tools and knowledge to resolve end user issues promptly.
Upgrade Process
- Download Media Creation Tool: Obtain the Windows 11 Media Creation Tool from the official Microsoft website and create a Win32 App Package to deploy via Intune
- Run the Tool: Launch the Media Creation Tool and select “Upgrade this PC now.”
- Follow Prompts: Follow the on-screen instructions to complete the upgrade process.
- Monitor Progress: Keep an eye on the upgrade process to address any prompts or issues that arise.
Post-Upgrade Tasks
- Re-enable Security Software: Turn on any antivirus or security software that was disabled.
- Check for Updates: Run Windows Update to ensure all the latest updates and patches are installed.
- Verify Applications: Ensure all applications are functioning correctly and update them if necessary.
- Restore Data: Restore any backed-up data if needed.
- Check System Settings: Verify system settings and configurations to ensure they are as expected.
Additional Recommendations
- Battery and Network Checks: Ensure the device is plugged in and connected to a stable network.
- Remove Incompatible Applications: Uninstall any applications that are known to be incompatible with the new Windows version.
- Driver and Firmware Updates: Check for any additional driver or firmware updates post-upgrade12.
Looking Forward with Windows 11
Upgrading to Windows 11 isn’t just about keeping devices supported; it’s about equipping your team with a future-proof operating system that’s built for the modern workplace. With the added productivity features and security that Windows 11 provides, your business will be ready to tackle security and productivity effectively.