Microsoft Intune is a service from Microsoft that allows you to manage corporate employee devices, both desktop and portable devices. We will help you plan the deployment of Microsoft Intune in your organization: develop the architecture and design, gradually connect all the devices, and help in solving possible problems when working with this system.

    Microsoft Intune is a cloud service located on Microsoft servers in Azure; it allows you to manage the devices that are used by your employees to access corporate data.
    Protect private company information, reducing the possibility of unauthorized access to it, both by company employees and third parties.
    Manage applications on employee devices. Monitor the compliance of devices with the requirements for working with corporate services.

    This service will allow you to design and plan your deployment and start using Microsoft Intune in your company.

    IT Partner responsibilities #

    1. Identify goals and objectives for Microsoft Intune deployment
    2. Identify use-cases and system requirements
    3. Develop rollout and communication plan
    4. System architecture design
    5. Configure Intune domain, users, and groups
    6. License assignment
    7. Resource profiles, configuration policies, and compliance policies setup
    8. Conditional access policies setup
    9. Provide user reference material on self-setup of devices
    10. Force automatic enrollment for domain-joined workstations
    11. Post-implementation break-fix support for one (1) month

    Client responsibilities #

    1. Coordinate Client resources and staff schedules
    2. Provide a dedicated point of contact responsible for working with IT Partner
    3. Coordinate any outside vendor resources and schedules
    4. Participate in the project discussion and provide all the information necessary to implement the solution
    5. Configure all network equipment, such as load balancers, routers, firewalls, and switches
    6. Users must self-enroll their corporate mobile devices
    7. Users can self-enroll their own Windows PCs and mobile devices
    8. Review and approve engagement deliverables in a timely manner

    Additional cost items not provided by the project #

    1. Applications deployment through Microsoft Intune
    2. User training
    3. Device data protection configuration
    4. Thread protection configuration
    5. Device management after-service implementation

    Prerequisites #

    • Enterprise Mobility + Security (EMS) / Microsoft Intune subscription
    • Office 365 subscription (for Office apps and app protection policy managed apps)
    • Apple APNs Certificate (to enable iOS device platform management)
    • Azure AD Connect (for directory synchronization)
    • Intune On-Premises Connector for Exchange (for conditional access for Exchange On-Premises, if needed)
    • Intune Certificate Connector (for SCEP certificate deployment, if needed)
    • Managed device must be compliant:
    • Apple
      • Apple iOS 10.0 or later
      • Mac OS X 10.12 or later
    • Google
      • Android 4.4 or later
    • Microsoft
      • Windows 10 (Home, S, Pro, Education, or Enterprise versions)

    Plan #

    The plan may vary depending on your needs.

    1. Kickoff meeting
    2. Determination of deployment goals, objectives, and challenges
    3. Determination of use-case scenario requirements
    4. Rollout and communication plan development
    5. Design and configuration of the Microsoft Intune environment
    6. Test implementation
    7. Testing and validation
    8. Production implementation
    9. Verification and fixing of issues, if any

    Success criteria #

    1. Microsoft Intune services are configured properly and provide the ability to manage desktop and mobile devices
    2. Devices that were planned to be connected to Microsoft Intune during the implementation stage were successfully connected
    3. The Microsoft Intune administrator can see and manage devices added during the implementation
    4. The Microsoft Intune users and administrator can add new devices to manage them in Microsoft Intune

    Related services

    Password-less Authentication

    The common practice for IT to attempt lessening password risk by employing stronger password complexity, including special characters and demanding more frequent password changes, makes employees' work vastly more complex and decreases their productivity. Most importantly, this approach isn’t enough for current cybersecurity threats and doesn’t deliver on organizational information security needs.

    Automatic In-Place Upgrade to Windows 10

    The simplest path to upgrade PCs currently running Windows 7, Windows 8, or Windows 8.1 to Windows 10 is through an in-place upgrade. IT Partner can help you with an update for any number of workstations in your organization