Modernising Desktop Management – Part 1

May 20, 2020 | Blog | 0 comments

An Introduction to Modern Desktop Management

In the past few years, Microsoft has been engaging with the community, and developing their approach to, Modern Desktop Management. Many organisations are aware of some of the concepts, but are reasonably asking the question: “What exactly is Modern Desktop Management?”. This 4 part series aims to explain what Modern Desktop Management is and the ways it can benefit an organisation.

Modern Desktop Management Components

There are 3 components to Modern Desktop Management, these are:


Windows 10

Windows 10 is Microsoft’s latest and ever-evolving Windows operating system. Windows 10 now includes a subscription-based licensing model and a new update lifecycle with Microsoft releasing new features roughly twice a year.


Microsoft 365 Apps for enterprise

Microsoft 365 Apps for enterprise (formerly Office 365 ProPlus) is Microsoft’s premier productivity client app suite which includes Microsoft Word, Excel, PowerPoint and many others, licenced as part of an Office 365 or Microsoft 365 subscription, and regularly updated by Microsoft.


Cloud Based Endpoint Management

A modern cloud-based Endpoint Management solution ensures that all your managed devices are secure, up-to-date, and provides your users with a consistent experience, irrespective of their location.


Traditional Desktop Management

When discussing Modern Device Management, it is first necessary to discuss traditional management methods.


Active Directory and Group Policy Objects

Active Directory (AD) and Group Policy Objects (GPOs) have formed the cornerstone of Windows device management since they were initially released in Windows 2000 almost 20 years ago. The features and capabilities of AD & GPO were available to organisations of any sizes. They provided IT admins with a great deal of control over how their end-user PCs behaved, how users could use their device. AD and GPO enabled admins to update configurations based on many different and changing criteria. However, as various organisational needs changed, it became necessary to specific exceptions or different configurations for different devices or users. All the different exceptions meant that the number of AD Organizational Units (OUs) and GPOs grew exponentially over time. After these have been in place for a long time, the task of rationalising these configurations became so daunting that no IT admin ever wanted to touch them.


Configuration Manager OS Deployment

Many medium and large organisations also use Microsoft Endpoint Manager Configuration Manager (Configuration Manager), in conjunction with AD and GPOs to manage their estate. Some of the most used capabilities provided by Configuration Manager include:

  • Zero-touch Operating System Deployment
  • Custom Application Deployments
  • Application catalogues to allow users to self-service install many approved apps without needing to raise support requests or to grant users local administrator rights on their desktops.
  • Advanced endpoint configuration management
  • Asset Inventory
  • Software Update Deployments

For many organisations, these capabilities offer tremendous power, but often only function correctly when the device is connected to the corporate network. The most common reason for this limitation was that configuring the internet-facing capabilities for Configuration Manager was difficult and offered minimal capabilities. Released in 2018, Cloud Management Gateway is the solution to this problem, designed to simplify the process of extending Configuration Manager to be able to manage any internet-connected devices. At the same time, Co-management enables Configuration Manager, and Microsoft Intune to function together as a cohesive management solution for end-user devices wherever they are.


How do I get started?

In the rest of this series I will outline the benefits of:

  • Windows 10 relative to earlier versions of Windows
  • Microsoft 365 Apps for enterprise vs traditional deployment of Microsoft Office
  • Endpoint management provided by Microsoft Intune
  • Extending cloud management with Configuration Manager with Cloud Management Gateway and Co-Management

I will also cover how to capitalise on your existing investment in Configuration Manager with Co-management and the Cloud Management Gateway.

Andrew Bogard

Technical Consultant

Andrew has fourteen years of experience working with small and large environments, designing and implementing technology solutions using various technologies including, Azure Active Directory, Exchange Online, Microsoft Intune, Microsoft Endpoint Manager Configuration Manager, Active Directory and many others.

Your Support Hub

We have created a hub to support and highlight the challenges organisations might have to navigate through over the coming weeks. We will evolve the contents of the hub as we discover the additional problems people are facing during this challenging time.

Visit Support Hub


Submit a Comment

Your email address will not be published. Required fields are marked *


It’s Official! Content and Code is now Content+Cloud

Leading UK technology providers come together Back in June 2020 we made the announcement that we were part of a new group brand. From today, Content and Code begins officially functioning as Content+Cloud! Content+Cloud is the integration of both Content and Code and...

read more

Intune Frequently Asked Questions

A Helicopter Tour of Intune, MAM, MDM and Conditional Access As an IT pro, you’re likely juggling conflicting interests, especially when it comes to end-user device management. How do you ensure that your users can work from anywhere while protecting your company’s...

read more