IT Pros: It’s Time to Automate Microsoft 365 Configurations

essidsolutions

The surge in adoption of Microsoft’s cloud and productivity tools has created both opportunities and pain points for IT professionals who have new configurations to manage. Learn how automating configuration deployments of Microsoft 365 can ease the burden on IT pros by eliminating time-consuming tasks.

Two significant events are occurring in the Information Technology sector that particularly impact managed service providers and in-house corporate technology departments. One, COVID-19 hit and everyone is now working remotely, intensely accelerating the existing trend. 

Secondly, Microsoft’s suite of cloud and productivity tools has reached maturity, and, with a compelling bundled price point, companies have consolidated services instead of using third-party providers. Independently these events would catalyze process transformation, but together they serve as a hard wake up call. 

Let us summarize how these two events led to a step function in streamlining and automation opportunities for managing Microsoft 365.

COVID-19 Crisis: Top 3 Pain Points for IT Pros

In the face of the COVID-19 pandemic, the role of IT professionals expanded and they had to address three core tasks.  

One, set up and provision computers without being on-premises. 

Two, manage, support, and monitor computers that are not on the local network. While this issue is not new, it was limited to road warriors. Now every computer must be managed this way. 

Three, switch from VPN and physical network boundaries as the basis of your security strategy to a “modern digital workplace” mindset to support workers’ ability to securely access the data and tools they need, wherever they are. 

In order to address these new requirements, IT pros must learn and implement new tools to operate effectively in a modern workplace. 

Companies Have Consolidated Business Productivity Tools Under Microsoft

With improvements to Teams, OneDrive, and SharePoint Online, coupled with seamless integration, businesses are unifying under Microsoft. Now, most business tools you manage are on one platform. The change is prevalent. Even if you were once unsure of the difference between Office 365 and Microsoft 365, you probably know by now that you should be leveraging all of it. 

Azure AD is now a first-class replacement for hosting on-premises Active Directory for most small and medium-sized businesses. And even if you still need to host your own Active Directory, integrating it with Azure AD means that your customers can use a single cloud-based identity to access applications.

Intune has reached maturity in the enterprise mobility management space, offering a comprehensive solution for managing personal, corporate, mobile, desktop, and laptop devices. Some of the greatest streamlining capabilities today exist within Intune and Autopilot. 

You can now ship a laptop directly from the manufacturer, have the end-user simply log in with her Microsoft 365 credentials and the machine will automatically configure itself in 30 minutes or less. You can now provide a seamless end-user experience when getting a new machine and eliminate manual work. 

Learn More: Why Collaboration Is the Answer and Three Steps To Protect It

Office 365 has reached a place of comprehensive collaboration, productivity, and communication functionality with its suite of tools including OneDrive, SharePoint Online, and perhaps most importantly, Teams. Between these tools, many small and medium-sized businesses have been able to replace their on-premises file servers. 

The adoption of these services onto Microsoft’s platform has created both pain points and opportunities for IT pros. Many business tools are now consolidated on Microsoft’s platform but there is a large amount of functionality and new configurations to manage. IT pros must configure Azure AD, Intune, and Autopilot for each of their tenants separately.  

Take for example a managed service provider (MSP) desiring to support its clients with improved security by implementing data loss and prevention (DLP) policies. The MSP, in this case, must create Azure AD conditional access policies and Intune application protection and configuration policies. 

This requires understanding and deciding on 20 configurations from hundreds of different choices across two portals and various screens. A skilled Microsoft engineer will spend about three hours configuring, testing, and validating the proper functioning of the newly added policies. 

Additionally, the engineer must replicate these manual steps for every client that she supports on the Microsoft 365 platform. More so, she must ensure that every option that she selected is consistent across tenants, notwithstanding clients with legacy policies needing to be reconciled to the desired state. In the event she desires to update or change the policies, the process repeats itself.

One solution is to leverage PowerShell scripts, which can help automate the operational steps above. This solution can cut down the time spent clicking and selecting choices from the various screens. This can be particularly useful in the setup of new policies. However, to update those policies, it would still be required to run the scripts for each client separately to apply the updates and ensure consistency. 

Learn More: 4 Tips to Ensure Your Office 365 Environment is Protected

Configuration Management Tools Can Help 

Where additional opportunities for automation lie is in the fact that 90% of configurations across clients are identical, especially in security-focused issues such as multi-factor authentication (MFA) and conditional access policies that should be applied broadly. To solve the pain points of needing to configure each client separately and to achieve cross-tenant consistency you should strive to configure and deploy those common tenant configurations centrally. 

If your operation has the time and engineering skills to dedicate, the best approach to accomplish centralized configuration management would be to leverage Git repositories within Azure DevOps. Using these available IT infrastructure capabilities, you can design an environment to save common client configurations as code then deploy the code to your clients. This powerful method combines the process automation of PowerShell with the concept of multi-tenant desired state configuration. A new tool, Simeon CloudOpens a new window , has introduced a method of doing exactly that. The software has the capability of exporting a tenant’s Azure AD, Intune, and Office 365 configurations as code, and it can deploy that code to any tenant.

IT pros should leverage as many or some combination of the available modern tools now more than ever because COVID-19 and Microsoft adoption have created the need to efficiently support remote work environments. There will be a clearer gap now between the skills and efficiencies of IT pros who have adapted and even excelled during this transition and those who have not. Making the switch to platforms such as Intune, Azure AD, PowerShell, and centralized configuration management may seem like a daunting task. However, it is an exercise that is well worth the investment of your time and energy to have learned these new skills and ensure that you are offering a competitive IT solution for our new world.

Let us know if you liked this article on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!

Contact ESSID Solutions

    By clicking Send Message, you agree to our Terms of Use and Privacy Policy.

    Reach out to us for a free consultation on big data consultancy and development services.

    Contact

    Rua Alexandre de Sa Pinto 143
    1300-034 Lisbon
    Portugal

    [email protected] +351927159955
    Privacy Policy Terms of Service Refund and Returns Policy

    © 2024 ESSID SOLUTIONS LDA