Every month, we highlight a specific product or solution that we know our customers use and trust. We take an independent look at this offering, engaging with an industry-leading insider and getting their expert opinion on a solution they know inside and out. This month, we’ve delved into the current state of Microsoft Intune and Autopilot with an expert on the matter, Adrian Alexa, Cloud Solutions Architect at Babble.
—
Get to Know Adrian:
I am originally from a small town in Romania. I finished university in a non-tech field in 2013 but always knew I wanted to work in the tech industry. So, I started a temporary role as a service desk analyst, or so I thought. Those early days were a mix of excitement and learning, troubleshooting technical glitches, and assisting users. The passion started to build, and this “temporary field” became my permanent one.
Fast forward to 2018, and I found myself crossing borders into London which became my new home and the launchpad of my career. The fast-paced environment and competition motivated me to learn on my own and pass more than 15 exams to achieve various certifications. I am now a Cloud Solutions Architect at Babble, responsible for designing and implementing cloud-based solutions that meet the business and technical requirements of our customers.
Bridging the Gap: A Day in the Life of a Cloud Solutions Architect
Question: We’d love to begin by finding out more about your IT journey – How did you get involved in technology, and what led you to your current role?
Answer: My career in IT started back in 2013, I started a role as a Service Desk Analyst which began with minimal IT exposure. I wanted more, however, so after learning on my own and trying to insert myself into anything technical within that role, I got the opportunity to transition to a 2nd line support role which essentially started my career.
After being promoted to 3rd line Specialist and then to Projects Consultant, I started studying and passing certifications that would eventually take me to where I am now as a Cloud Solutions Architect.
Q: After learning more about your journey to date, could you tell us more about your current role at Babble? What you’re responsible for and what a typical day looks like for you?
A: I’m currently part of the Professional Services Team. Our main focus is to deliver the best possible IT solutions to customers. This can be anything from a simple migration to Microsoft 365, or to a complete overhaul of their IT estate by modernising their security policies, device management procedures, and more. I plan and implement the entire lifecycle of a project, from pre-sales to when the project is completed and handed over to either the support team or the customer.
There are usually four things that need to happen every single day in my world. Client meetings that I usually have in the morning or afternoon to either scope a project or provide updates on their existing one. Implementation times, where I make progress on projects by completing tasks agreed in the project plan. Reporting and updates, which is an important part of my role as the customers, sales team, support staff and billing need to be aware of the stage of the project as they usually have pending tasks on their end depending on when a project is completed.
And, of course, coffee – which is the fuel that makes the projects move forward!
Automating Success: How Intune & Autopilot Streamlines Device Management
Q: Reflecting on the last 12 months, what were some of the primary challenges you and the rest of your team faced?
A: One of the biggest challenges that we still see companies struggling with, is the management and setup of devices for remote workers. Another we encountered frequently would be complying with certain security standards like Cyber Essentials or ISO 27001. Organising and implementing a project like this is always challenging, there are many moving parts. We must think about suppliers, auditors, users that are spread out across the country, different stakeholders, etc. at all times, which can get tricky if not planned and executed properly.
This is where Microsoft Intune & Windows Autopilot came in as a valuable tool. We needed a way to automate the device provisioning process across multiple remote locations. I implemented Autopilot for enrolling the machines and Intune policies for managing them. Now, users receive their laptop still in the box and just have to log in with their work account for applications, policies, and settings to install on that machine.
Q: Could you explain a little more about how Intune and Autopilot work?
A: Simply put, Autopilot acts as the bridge, seamlessly connecting new devices to Intune, the central hub for managing them. Autopilot allows devices to join Intune automatically when the user receives their laptop in its original packaging. Once the device is part of Intune, policies configured within the platform set up the machine according to the company’s needs. Additionally, everything you need as the user is already set up and configured securely. That’s the beauty of combining Autopilot and Intune.
Q: Have you used this solution to solve any unique challenges or streamline processes you wouldn’t have been able to with traditional methods?
A: Yes, I have already mentioned that Intune is very useful for setting up, securing and managing devices without them being connected to a traditional Active Directory. In the traditional method, the machines would have had to rely on VPNs and GPOs to do this which is not as reliable.
We also tackled the issue of handling Bring Your Own Devices (BYOD), especially, mobile phones. We could enable staff to work on their personal phones while separating the work data from the personal one and enforcing security policies, so the company always has control of their data even on non-corporate devices.
Using Intune and Autopilot has proven to be invaluable tools in addressing several of our unique challenges, helping us to streamline processes beyond the capabilities of traditional methods. Firstly, Intune empowers us to securely set up, manage, and enforce security policies on devices even without them being connected to a traditional Active Directory domain. This eliminates the need for complex and sometimes, unreliable solutions like VPNs and Group Policy Objects (GPOs) for remote device management. Secondly, we’ve leveraged Intune’s capabilities to effectively manage Bring Your Own Devices (BYOD), particularly mobile phones. This allows employees the flexibility to work from their personal devices while maintaining a clear separation between corporate and personal data.
Additionally, Intune enables us to enforce robust security policies on BYOD devices, ensuring that company information remains protected even on non-corporate equipment. Overall, Intune and Autopilot have significantly enhanced our ability to manage and secure these devices, within the traditional office setting and in the increasingly prevalent remote work environment too.
Because device setup time has decreased so significantly, the IT team have more time now to focus on what is more important. Dedicating more time to improving the IT infrastructure and supporting users when they have issues. Our teams were also happy that they could use their personal phone for work with the knowledge that their private data is not visible to the business and enjoyed the convenience of not having to carry two phones with them.
Q: Have you encountered any challenges or drawbacks with these solutions? And if so, how did you overcome them? Is there anything you wish you knew or understood better about Intune and Autopilot before you started using them?
A: One notable drawback we encounter often is the current inability to directly install printers through Intune. However, we effectively addressed this challenge by leveraging Intune’s script deployment capabilities. By creating a custom script, we were able to seamlessly integrate printer installations into the device setup process, which many of our customers appreciated.
Another limitation to consider is that Azure AD-joined devices, commonly used with Autopilot, cannot authenticate directly to traditional Active Directory domains. This currently presents us with compatibility concerns in certain environments. To overcome this, we have implemented alternative authentication methods that still maintain security while ensuring functionality.
Looking back, one key takeaway is the immense value of scripting with Intune. While pre-defined policies offer a robust foundation, scripting unlocks a vast array of possibilities. Had we fully understood this potential earlier, we could have streamlined certain processes even further.
Future-Proofing Security: Intune, Autopilot, and AI
Q: How do Intune and Autopilot contribute to the overall security of the organisation? What features have been most impactful in mitigating security risks?
A: I think security is one of the key benefits of Intune. It includes a baseline security package that you can use to rapidly deploy a recommended security posture to devices, a way to deploy and enforce Defender for Endpoint Antivirus, compliance policies to ensure that devices that connect to the company’s resources are secure, and update policies that keep endpoints patched and limits vulnerabilities.
AI is a very powerful and useful tool and one that can certainly be used by bad actors. It makes creating programs to exploit vulnerabilities accessible to more people. Nowadays, you do not need to have expert knowledge in coding as you can ask a chatbot to generate one for you.
Luckily, there are also AI tools used to protect against malicious attackers, like Microsoft Security Copilot that help find, investigate and neutralise threats much faster and more efficiently.
Anticipating the Future: The Impact of Emerging Technologies
Q: Looking ahead, how do you see your role evolving alongside the advancement of these technologies? What are some things you most excited about?
A: Looking ahead, I see my role as one that will always be evolving in tandem with the constant advancements in technology. This necessitates staying up to date with new features and solutions to ensure I can leverage them effectively.
Now, there are two developments in particular that I am excited about. Firstly, is the integration of Security Copilot with Intune. This holds immense potential for enhancing device security by proactively identifying and neutralising threats.
Secondly, the possibility of Intune and EntraID fully replacing traditional server-hosted domains is something I would like to get my hands stuck on. This shift promises to streamline IT operations and contribute to a more secure and efficient environment.
Q: What advice would you give to other IT professionals who are looking to make a bigger impact and to change the perception of IT in their organisation?
A: My advice is to focus on demonstrating the value that IT can bring to the business in tangible results. This can be achieved by proactively identifying and proposing solutions to pain points, providing solutions that boost productivity and save time and focusing on security and what are the consequences if a security breach occurs.
I know cost is a major influence in whether an IT project is approved or not, which normally comes with a higher initial cost, so I make a point to demonstrate the cost savings and benefits the proposed solution can provide in the long run. IT is usually known as a function which is there to keep things running, but nowadays it is being recognised as a transformational function, driving businesses forward.
Q: We’d love to know more about your experience working with and using Copilot for Microsoft 365. You’ve been using it for a few months now, so what do you think?
A: I am incredibly excited about the future potential of Copilot for Microsoft 365 and seeing how it can be more integrated into the rest of Microsoft products. By far the most useful feature for me is the assistance in meetings. I do not need to worry about taking detailed notes anymore as it will efficiently provide the agenda, meeting summary, actions and more in a very professional and detailed manner. Also, it makes Automation via Power Automate even more accessible to non-developers, with just a prompt you can ask Copilot to create almost any Office automation.
With Intune and Autopilot, ensuring a secure approach to managing endpoints, AI tools like Copilot need to be integrated correctly. Devices must be onboarded into the organisation in the right ways so that Copilot can be integrated with the operating system. This will allow the devices to send log data which Copilot can analyse and keep the machines secure.
Copilot is a very useful tool that already saves me quite a lot of time, and it only gets better the more you use it. Also, it has massive potential to be even better with how fast everything is moving, which I am looking forward to seeing.
Get to Know Adrian More:
One thing I have learnt is that it’s about family. I’m blessed with a wonderful toddler daughter—a tiny whirlwind of curiosity and boundless energy. As a parent, I’ve discovered the delicate balance between career aspirations and bedtime stories, between deadlines and playdates. Parenthood is a wonderful rollercoaster, and I wouldn’t trade it for anything.
I love everything tech, my YouTube subscription list is mostly people talking about tech or unboxing tech! I’m drawn to the digital world like a moth to a pixelated flame. Recently, I’ve been curious about cybersecurity and ethical hacking. I find the methods by which weaknesses are detected, exploited and especially repaired captivating.
When I’m not at work, I unwind with my favourite pastimes which are gaming, reading and mountain biking. My daughter, my little co-adventurer, is usually in her kiddie seat with me while we explore the British countryside and forests. This is who I am: a tech enthusiast, a dedicated parent, and an avid explorer. I’m always looking for new challenges and opportunities to grow, both personally and professionally.