A modern approach to device configuration & security

Introducing modern device management with Microsoft Intune can often seem a daunting task when it comes to the large number of options available across the multiple Operating Systems it is capable of managing, especially as which options to enable or disable can vary depending on industry/regulatory requirements.

Configuration of device policies and selection of settings has traditionally been carried out using a waterfall approach, requirements would be identified, configuration and policy structure would then be designed with testing finally followed by implementation, with each stage requiring sign-off/agreement before progressing.

We’ve seen this approach repeated across multiple clients and whilst we bring our expertise and experience from other projects, clients requesting that the traditional design and configuration steps are carried out can often lead to projects taking longer than they otherwise should.

The answer, is for modern device management to follow an agile approach. Rather than spending time going through a long design phase where you wade through countless settings before moving onto testing and deployment, organisations should look to start with a baseline or template containing settings that are suitable for their sector and begin the rollout.

These templates, once imported can be customised to meet specific organisational needs but should provide a baseline that covers 85-95% of an organisation’s requirements. The National Cyber Security Centre maintains guidance and recommendations on settings and policy configurations and these should form the core of templates, with changes only made based on sector requirements.

So now you’ve decided to take an agile approach, where do you start. The quickest way is to work with a partner that has already been through the process and maintains templates that can be readily imported, this allows deployment to start in the hours/days range rather than days/weeks.

Device management and configuration should not be seen as a static target to hit, constant assessment of the impact and suitability of these settings as the organisation changes is vital to ensure productivity and security are maintained.

About the author