Windows 10 enterprise has loads of security enhancements. I think, Microsoft invested heavily on mainly on 3 pieces and those are 1. Secure Identities 2. Information Protection and 3. Threat Resistance. One of the most important piece in this is Threat Resistance. Windows 10 Threat Resistance involves around Device Guard (What is Device Guard?) Conditional Access and Credential Guard (What is Credential Guard?). It’s very important to have a secure boot with UEFI to fully secure the Windows 10 enterprise and to use the modern technologies which are mentioned above. In this post, I’m going to share the solution to “Automate migrations from Windows 7/8 to secure Windows 10” from Adaptiva. Using the process explained in the White paper, you can automat the Windows BIOS conversion (to UEFI) as part of Windows 10 migration. This is fully supported way of converting to UEFI via SCCM/ConfigMgr Task Sequence.
The techniques described in this document use standard tools available to any SCCM installation (SCCM 2012, SCCM CB 1511, 1602). No third party software or special tools are required to implement the solution in your SCCM ConfigMgr environment. In addition, instructions are provided to add this functionality to your existing task sequences, including example command lines. In order to modify a computer’s firmware from BIOS to UEFI and Secure Boot you must download each vendor’s BIOS configuration utility. This guide only covers the three major computer manufactures: Dell, Hewlett-Packard and Lenovo so download the utilities which are applicable to your environment.
Download the solution description from the following link “Free ConfigMgr Community Solution: Automate migrations from Windows 7/8 to secure Windows 10“