Business Need
As part of The Alliance Group’s migration to Microsoft 365, they needed a way to register and manage devices deployed devices to better protect both company and customer data. This was especially important given that many of their users had transitioned to remote work. This required the ability to remotely wipe devices, manage baseline security functions and enforce compliance policies. The ability to protect company data from being transferred to non-company resources (3rd party email, unencrypted USB drives, personal OneDrive, etc.) was also important to them.
What We Did
Affirma migrated users to Microsoft 365, deployed Intune with Windows Information Protection to the tenant, and provided support for the initial onboarding of users to Intune device management. Additionally, Affirma assessed security needs and developed a user endpoint security strategy which included device encryption, password management, antivirus, firewall, and other device security features. As part of a staged roll-out, Affirma tested all configurations alongside Client IT staff. Affirma subsequently provided training on how to perform onboarding of user devices, as well as support as the Client executed Intune onboarding. This included validation of successful Production onboarding and troubleshooting of issues during the rollout phase, such as AAD Join issues and policy enforcement.
The Result
In addition to assistance in planning and deployment of the Intune service and execution of POC and Pilot deployments, the Client received extensive training on the onboarding process and expected behaviors as Client devices were onboarded. With Affirma’s support throughout the Production onboarding process, all users were successfully onboarded to Intune using the provided configuration. Users were subsequently transitioned from audit mode to full enforcement. By using a group-based assignment approach, policies could be applied to different work groups as needed. This allowed the Alliance Group additional control over compliance and administration of devices regardless of their physical location.