Modernising Desktop Management – Part 1
An Introduction to Modern Desktop Management
In the past few years, Microsoft has been engaging with the community, and developing their approach to, Modern Desktop Management. Many organisations are aware of some of the concepts, but are reasonably asking the question: “What exactly is Modern Desktop Management?”. This 4 part series aims to explain what Modern Desktop Management is and the ways it can benefit an organisation.
Modern Desktop Management Components
There are 3 components to Modern Desktop Management, these are:
Windows 10 is Microsoft’s latest and ever-evolving Windows operating system. Windows 10 now includes a subscription-based licensing model and a new update lifecycle with Microsoft releasing new features roughly twice a year.
Microsoft 365 Apps for enterprise
Microsoft 365 Apps for enterprise (formerly Office 365 ProPlus) is Microsoft’s premier productivity client app suite which includes Microsoft Word, Excel, PowerPoint and many others, licenced as part of an Office 365 or Microsoft 365 subscription, and regularly updated by Microsoft.
Cloud Based Endpoint Management
A modern cloud-based Endpoint Management solution ensures that all your managed devices are secure, up-to-date, and provides your users with a consistent experience, irrespective of their location.
Traditional Desktop Management
When discussing Modern Device Management, it is first necessary to discuss traditional management methods.
Active Directory and Group Policy Objects
Active Directory (AD) and Group Policy Objects (GPOs) have formed the cornerstone of Windows device management since they were initially released in Windows 2000 almost 20 years ago. The features and capabilities of AD & GPO were available to organisations of any sizes. They provided IT admins with a great deal of control over how their end-user PCs behaved, how users could use their device. AD and GPO enabled admins to update configurations based on many different and changing criteria. However, as various organisational needs changed, it became necessary to specific exceptions or different configurations for different devices or users. All the different exceptions meant that the number of AD Organizational Units (OUs) and GPOs grew exponentially over time. After these have been in place for a long time, the task of rationalising these configurations became so daunting that no IT admin ever wanted to touch them.
Configuration Manager OS Deployment
Many medium and large organisations also use Microsoft Endpoint Manager Configuration Manager (Configuration Manager), in conjunction with AD and GPOs to manage their estate. Some of the most used capabilities provided by Configuration Manager include:
- Zero-touch Operating System Deployment
- Custom Application Deployments
- Application catalogues to allow users to self-service install many approved apps without needing to raise support requests or to grant users local administrator rights on their desktops.
- Advanced endpoint configuration management
- Asset Inventory
- Software Update Deployments
For many organisations, these capabilities offer tremendous power, but often only function correctly when the device is connected to the corporate network. The most common reason for this limitation was that configuring the internet-facing capabilities for Configuration Manager was difficult and offered minimal capabilities. Released in 2018, Cloud Management Gateway is the solution to this problem, designed to simplify the process of extending Configuration Manager to be able to manage any internet-connected devices. At the same time, Co-management enables Configuration Manager, and Microsoft Intune to function together as a cohesive management solution for end-user devices wherever they are.
How do I get started?
In the rest of this series I will outline the benefits of:
- Windows 10 relative to earlier versions of Windows
- Microsoft 365 Apps for enterprise vs traditional deployment of Microsoft Office
- Endpoint management provided by Microsoft Intune
- Extending cloud management with Configuration Manager with Cloud Management Gateway and Co-Management
I will also cover how to capitalise on your existing investment in Configuration Manager with Co-management and the Cloud Management Gateway.
A Helicopter Tour of Intune, MAM, MDM and Conditional Access As an IT pro, you’re likely juggling conflicting interests, especially when it comes to end-user device management. How do you ensure that your users can work from anywhere while protecting your company’s...read more
Content and Code, an IT Lab company, becomes Content+Cloud When we became part of the IT Lab group back in November 2018, we brought our market-leading expertise in Office 365 and SharePoint into a successful managed services organisation, giving it the capability to...read more
Cloud Endpoint Management In the third instalment in this series, I discussed the changes in Office 365 ProPlus, including licensing, deployment, and update changes. Here, in this fourth and final part, I outline the options for Cloud-driven Endpoint management....read more