On Wednesday, 13th March at around midday EST, Facebook suffered outages around the globe, during one of its longest recent outages to date...
Windows Autopilot: A Device Management Solution
All things are going cloud-based and if you’re not getting in on the action then you are missing out on its obvious benefits. Windows Autopilot presents a way to do managed device deployment, whether it’s a mobile or desktop, one-user or kiosk device, on-site or remote configuration. It offers “low-touch” deployment across a range of scenarios, with the easiest cases being where companies have moved to cloud organisational identity management with Azure AD.
What does this mean for you and your IT team? Far less time spent on configuring devices for use at work.
The benefits of using Windows Autopilot
No need to re-image new devices
Devices can be ready to go, out of the box (or simply require a user to load the Windows Autopilot profile).
Users can set up devices themselves
In what usually would require at least a disk handed to them from IT, users can now instead set up a device simply by switching it on and connecting to a network.
Devices can be rolled out anywhere
Devices needn’t be connected to an internal network: regular internet will do to provision the device on start-up. This is great news for the shift towards remote work.
Have a custom security profile in place across all devices before deployment
Did you know 69% of SMBs in the US have lost sensitive data from security breaches? By ensuring security even before users can access the desktop, you are helping stay even more protected against security vulnerabilities.
Customized workplace profiles
Assign different profiles to different devices before they reach the end-user, such as administrator, human resources team, or software developer, each with their own configuration, access, and apps.
Reset devices while keeping organisational enrolment
Simply removes the user-specific files, settings, and apps.
How it works
Here are the steps required for all deployment scenarios:
Device enrolment
The hardware vendor adds the device itself to the list of enrolled devices within the organisation.
Profile creation and assignment
Create a deployment profile for groups, then assign devices to that profile.
Rolling out the device
On start-up, after connecting to a network, the device loads the assigned profile.
Windows Autopilot deployment scenarios
There are a few different ways in which you can set up and provision devices, ready for use. These include:
A traditional approach, where IT administrative staff pre-provision the device in advance, ready for users to get up and running straight away
A user-driven approach, where the user themselves can set up new Windows 10 Pro devices without any assistance needed, remote or on-site, using Microsoft Intune and Azure AD. This involves connecting to a network and using organizational email credentials to login and initiate the sequence. For complete instructions, head over to Microsoft.
A hardware provider approach, similar to the traditional approach, but where hardware partners have the capability to pre-provision the device in advance.
Requirements for Windows Autopilot
There is a long list of requirements necessary to have in place before Windows Autopilot can be a successful program. Fortunately, if you have Azure AD implemented already, and you are provisioning new Windows 10-compatible devices, these requirements will already be in place.
Device:
- Windows 10 Pro, Education, or Enterprise
- Proper internet functionality
- Windows Activation
- Network Time Protocol (NTP) Sync
- Domain Name Services (DNS)
- Network Connection Status Indicator (NCSI)
- Approved firmware
- Diagnostics data (optional)
- Windows Update (optional)
- Windows Notification Services (WNS) (optional)
- Microsoft Store (optional)
- Office 365 (optional)
Other required organisational services:
- Windows Autopilot Deployment Service
- Windows Activation
- Azure Active Directory
- Intune
- Delivery Optimization (optional)
- Certificate revocation lists (CRLs)
- Hybrid AAD join (optional – if hybrid Azure AD is used)
Licensing requirements:
- Microsoft 365 Business Premium subscription
- Microsoft 365 F1 or F3 subscription
- Microsoft 365 Academic A1, A3, or A5 subscription
- Microsoft 365 Enterprise E3 or E5 subscription
- Enterprise Mobility + Security E3 or E5 subscription
- Intune for Education subscription
- Azure Active Directory Premium P1 or P2 and Microsoft Intune subscription (or an alternative MDM service).
Ready to streamline your device deployment?
If you would like assistance in setting up Windows Autopilot for your organisation, along with guidance in how to set up profiles, roll out new devices, update existing devices, and wipe old devices, then get in touch. We can help set up your device management environment, educate the team in best practices for management, and have you smooth sailing when it comes to new, repurposed, or end-of-life devices.
Subscribe to our newsletter
Enter your email and stay in touch with the latest updates from A1.
You might also like…
- It used to just be that your employees had a desktop computer, a landline, and maybe a company mobile if they were lucky....
- This is a follow-on article to the article ‘Microsoft Passwordless Security Reduces Chances of Being Compromised by Up to 99.9%’ where we looked...
