Windows Autopilot: A Device Management Solution
All things are going cloud-based and if you’re not getting in on the action then you are missing out on its obvious benefits. Windows Autopilot presents a way to do managed device deployment, whether it’s a mobile or desktop, one-user or kiosk device, on-site or remote configuration. It offers “low-touch” deployment across a range of scenarios, with the easiest cases being where companies have moved to cloud organisational identity management with Azure AD.
What does this mean for you and your IT team? Far less time spent on configuring devices for use at work.
The benefits of using Windows Autopilot
No need to re-image new devices
Devices can be ready to go, out of the box (or simply require a user to load the Windows Autopilot profile).
Users can set up devices themselves
In what usually would require at least a disk handed to them from IT, users can now instead set up a device simply by switching it on and connecting to a network.
Devices can be rolled out anywhere
Devices needn’t be connected to an internal network: regular internet will do to provision the device on start-up. This is great news for the shift towards remote work.
Have a custom security profile in place across all devices before deployment
Did you know 69% of SMBs in the US have lost sensitive data from security breaches? By ensuring security even before users can access the desktop, you are helping stay even more protected against security vulnerabilities.
Customized workplace profiles
Assign different profiles to different devices before they reach the end-user, such as administrator, human resources team, or software developer, each with their own configuration, access, and apps.
Reset devices while keeping organisational enrolment
Simply removes the user-specific files, settings, and apps.
How it works
Here are the steps required for all deployment scenarios:
The hardware vendor adds the device itself to the list of enrolled devices within the organisation.
Profile creation and assignment
Create a deployment profile for groups, then assign devices to that profile.
Rolling out the device
On start-up, after connecting to a network, the device loads the assigned profile.
Windows Autopilot deployment scenarios
There are a few different ways in which you can set up and provision devices, ready for use. These include:
A traditional approach, where IT administrative staff pre-provision the device in advance, ready for users to get up and running straight away
A user-driven approach, where the user themselves can set up new Windows 10 Pro devices without any assistance needed, remote or on-site, using Microsoft Intune and Azure AD. This involves connecting to a network and using organizational email credentials to login and initiate the sequence. For complete instructions, head over to Microsoft.
A hardware provider approach, similar to the traditional approach, but where hardware partners have the capability to pre-provision the device in advance.
Requirements for Windows Autopilot
There is a long list of requirements necessary to have in place before Windows Autopilot can be a successful program. Fortunately, if you have Azure AD implemented already, and you are provisioning new Windows 10-compatible devices, these requirements will already be in place.
- Windows 10 Pro, Education, or Enterprise
- Proper internet functionality
- Windows Activation
- Network Time Protocol (NTP) Sync
- Domain Name Services (DNS)
- Network Connection Status Indicator (NCSI)
- Approved firmware
- Diagnostics data (optional)
- Windows Update (optional)
- Windows Notification Services (WNS) (optional)
- Microsoft Store (optional)
- Office 365 (optional)
Other required organisational services:
- Windows Autopilot Deployment Service
- Windows Activation
- Azure Active Directory
- Delivery Optimization (optional)
- Certificate revocation lists (CRLs)
- Hybrid AAD join (optional – if hybrid Azure AD is used)
- Microsoft 365 Business Premium subscription
- Microsoft 365 F1 or F3 subscription
- Microsoft 365 Academic A1, A3, or A5 subscription
- Microsoft 365 Enterprise E3 or E5 subscription
- Enterprise Mobility + Security E3 or E5 subscription
- Intune for Education subscription
- Azure Active Directory Premium P1 or P2 and Microsoft Intune subscription (or an alternative MDM service).
Ready to streamline your device deployment?
If you would like assistance in setting up Windows Autopilot for your organisation, along with guidance in how to set up profiles, roll out new devices, update existing devices, and wipe old devices, then get in touch. We can help set up your device management environment, educate the team in best practices for management, and have you smooth sailing when it comes to new, repurposed, or end-of-life devices.
Subscribe to our newsletter
Enter your email and stay in touch with the latest updates from A1.
You might also like…
- The Essential 8 Cyber Security Mitigation Strategies: Recommendations from Australia’s Top Cyber AgencyIf cyber attackers can get into our country’s foremost cyber defence agency, the Australian Signals Directorate (ASD), they can definitely get into your...
- We’re sure you’ve heard the horror stories in the news by now, like “He worked for NBN and struggled to get high-speed internet....
- Whaling Attacks and How to Prevent Them A whaling attack is a clever little play on words that has its roots in phishing....