Since the advent of Covid-19, organisations have had to rethink the way their employees work. Increasingly, working remotely is how businesses keep their doors open, but what challenges does that present? Specifically, have you been wondering how to manage endpoints now that more employees are working from home?
The workplace is constantly evolving, and to meet its changing needs, organisations need improved collaboration and a more agile approach to control. There is also a desire for a cloud-first focus, as well as increased automation provided by simplified, integrated solutions.
What this comes down to is finding a modern way to manage endpoints, i.e., on a remote basis instead of exclusively on-premises. This is not something that will happen overnight - the journey to modern endpoint management could take a number of years for larger environments.
In a nutshell-one is on-premises and the other is cloud-based. Microsoft's Endpoint Configuration Manager (MECM - originally known as System Center Configuration Manager or SCCM) and Intune might seem similar when it comes to delivering software updates, but the reality is that they are quite different to administer, and they serve different target scenarios.
Configuration Manager Overview
Along with Intune, this tool is now a part of the Microsoft Endpoint Manager (MEM) suite following the recent rebranding. Since 1994, it has been the gold standard to manage workstations and servers, primarily used for deploying applications, software updates, and operating systems.
Intune Overview
This is the cloud variant of Configuration Manager and because it's cloud-based, it doesn't need to be on-premises to operate. It's Configuration Manager’s mobile device and application management counterpart, delivering configuration, applications and updates to devices. One of the benefits of this is that it belongs to the Microsoft ecosystem and natively supports Azure Active Directory and Conditional Access technologies.
Intune was released in 2011, so it isn’t that new, but for many organisations, the feature parity has prevented it from becoming a real contender, as policies and configuration done via traditional management were missing. However, in recent times Intune has caught up. Intune is continuing to evolve – for example:
If your organisation wants to achieve modern endpoint management moving from Configuration Manager to Intune, what would the roadmap look like? Let's break it down into stages.
If you're reading this, it's probably because you’re currently utilizing Configuration Manager for endpoint management. This is the traditional method of managing endpoints and deploying traditional Standard Operating Environment (SOE) on-premises. Achieving a corporate bespoke image ready for deployment is costly in terms of time and effort. On the flip side, once provisioned, the image can be swiftly deployed to many endpoints. These devices need to be on-premises or patched into the corporate network.
You'll likely be using Configuration Manager for:
The upshot is that Configuration Manager is resource hungry and can be time-consuming for your BAU staff to configure and maintain.
The first milestone in the move to Intune is to push updates and apps, while workloads that are more difficult to move to a cloud environment stay on Configuration Manager. What you're doing is combining the power of your existing Configuration Manager infrastructure by attaching it to Intune to gain instant cloud value. Most organisations won't face any additional costs when adopting this hybrid approach, and they'll experience an immediate benefit from remote actions such as device sync, restart and factory reset. Not only that, but you'll benefit from additional cloud-based capabilities like conditional access without further infrastructure changes.
The two fundamental steps include:
The goal is to enrol your Configuration Manager devices into Intune for additional cloud value so that when you're ready, you can migrate the remaining workloads to Intune.
With Intune operational for endpoint management, you'll experience comprehensive provisioning and management of the endpoint device lifecycle from procurement, deployment, and retirement, including the following features:
Intune enables flexible workplaces as it doesn't require on-premises IT infrastructure to operate. It significantly reduces the time and effort IT admins need to manage desktop and mobile work environments. Intune is the new way of thinking for modern endpoint management - a much-needed solution for the world's new normal.
Stay tuned for a future blog on how to use Intune to manage remote work environments. If you’re interested in embarking on this roadmap, Inde may be able to help get Microsoft funding for your organisation.