If you’ve moved your ERP system to the cloud, you’re most likely already enjoying the flexibility, mobility, and security that comes with it. The success you’ve seen in moving such a vital part of your business to a cloud platform may have you looking at what other parts of your business you can move.
May we recommend your golden image? Moving this to the cloud significantly streamlines and simplifies your endpoint management process while taking some responsibility off your IT team. Even if you’re not currently using a golden image to manage endpoint or remote devices, you’re likely to start once you understand how simple this technology makes managing devices.
That’s what we’ll discuss here: moving your golden image to the cloud using Microsoft technologies, specifically Microsoft Endpoint Manager and Autopilot. You’ll also see how HealthEquity, a company helping Americans to make smarter healthcare and financial decisions, partnered with JourneyTEAM to move their golden image to the cloud. Finally, our Cloud Solution Specialists will provide details on the architecture of these solutions, how to use these solutions, and what the future looks like.
What’s a Golden Image?
At its most basic level, a golden image is a template made from an ideal software environment. When the environment is considered perfect, it’s captured then replicated across other devices, including desktops, laptops, smartphones, and tablets.
The benefits of a golden image include higher accuracy as the chance of user error is lower, deployment is simplified, and your IT department saves a ton of time on manual, repetitive tasks.
This solution refers to a collection of technologies that are used to reconfigure and set up new devices before productive use. Using Autopilot, IT teams can repurpose, recover, and reset devices, which makes for faster and simpler management of endpoint devices.
What’s Endpoint Manager?
Similar to Autopilot, Endpoint Manager is a collection of products that brings your endpoint management strategy to a single, central location within the cloud. Here, you can do everything from set up new devices to update or authenticate applications.
When used in conjunction with Autopilot, these two solutions significantly reduce the amount of time IT spends on managing new devices. Using Autopilot, your IT team can register and set up new devices which are then sent to the user. When it’s turned on, Endpoint Manager goes to work installing new updates and configurations. Within minutes, the new device is set up and updated according to company standards, reducing the amount of time your IT department has to spend on endpoint management.
Creating a More Efficient Endpoint Management Process for HealthEquity
Since their founding in 2002, HealthEquity has remained focused on one thing: providing Americans with more choices and control of their healthcare and financial future. Recently, they’ve seen a lot of growth, their numbers growing to include around 3,000 employees. With more new hires being added every week, HealthEquity realized they needed a more efficient endpoint management process.
While the company used a golden image to help streamline the setting up process, their IT team was manually applying these images, a process that was taking hours to complete. Senior IT Manager at HealthEquity Devon Ritchie stated:
“We used a gold image and applied those through Pixie Server. Then we had the technicians join the computers to the domain, then added the user account, set up the profile, and then install any additional software on the laptop. This process would take generally anywhere from two to four hours depending on what was on the profile and the amount of software that had to be installed.”
Setting up the device was just the beginning of the process. Once it was set up, HealthEquity had to gather shipping information from each employee, find out what devices they needed, and coordinate shipping through a carrier. Finally, once an employee received their devices, they had to contact IT to get them up and running.
In addition to a lengthy management process, Devon stated that they wanted to replace their expensive, non-scalable solution with something more flexible and cost-effective. He also described how they wanted to bring all user devices and accounts to a single domain, something that would make navigating the demands of the COVID-19 outbreak easier.
After some research, HealthEquity chose to implement both Microsoft Autopilot and Endpoint Manager. The company saw the benefits of these solutions almost immediately. They started shipping devices directly from a vendor and included step-by-step instructions on how to setup equipment. This eliminated the need for their IT professionals to figure out shipping. Additionally, it reduced the amount of time they spent on device setup.
Overall, Devon stated that the implementation process of both these solutions was relatively smooth. The two biggest hurdles they experienced was informing and training employees on the new process and migrating existing user settings to new devices. However, a PowerShell Script in Autopilot easily solved the latter issue.
For others looking to implement these solutions or to do a computer deployment with Autopilot, Devon has this advice:
“Have a plan on what you want the end state to look like. Work very closely with your security teams to understand your security requirements upfront, what you can expect, and what you need to implement going forward.”
This understanding will help you find that perfect balance between usability and security.
Looking ahead, Devon says that HealthEquity is focused on building more dynamic groups within Autopilot and creating additional distribution packages. They’re hopeful that by doing so, they’ll create a seamless, accessible process for new employees and existing teammates, and that IT will have easy management of devices from setup all the way to retirement.
HealthEquity’s story is just a small taste of what’s actually possible with Autopilot. There’s so much more that this solution can do--if it’s architectured correctly. Tim Brandt, a Cloud Solutions Specialist at JourneyTEAM, talked about how they took advantage of the customizable features within Autopilot to build something that fit the company’s specific needs. According to Tim, this is perhaps the most important step of installing these solutions.
“Architecting the solution is a vital part of implementing Autopilot,” Tim says. “Don’t skip this step and speed through the process without proper planning in the beginning.”
He later stated that it’s important to note that this solution is not the best solution for some companies. To make sure the solution will help you achieve certain business goals, it’s important to take the time to identify business needs and then customize the solution to meet them.
In addition to identifying business needs, Tim points a few other things to consider while architecting Autopilot:
Do you have the right licensing? Do your current licenses allow for the use of Autopilot? If you’re unsure, contact JourneyTEAM.
What are your business goals? How will you know if Autopilot is helping you meet them? Having clear, specific goals will move the project forward on time and on budget. Without them, you risk lengthening the process and spending too much money.
Do you need a project manager? Having a specific person in charge of overseeing the implementation process can ensure that project deadlines are being met and that you’re staying on budget. Additionally, this person can provide status updates and identify current and future project needs.
What are potential obstacles? Determine if there are any obstacles or blockers that might prevent you from success. Once you’ve identified them, figure out how to overcome them so they don’t damage the project.
What approach should you take? Is a “big bang approach” or a phased approach better for your team?
What does the future look like? You’ll want to make sure that you’re planning for the future during your project. Ensure that there will always be someone to oversee and manage things in the future.
Adapt: There are so many things that can happen during the course of your project that will change your focus or your goals. Stay flexible and adapt to things as they come.
“Architecting a solution is the difference between success or failure. Take the time to plan things out."
Additional Ways to Use Autopilot and Endpoint Manager
Now that you’ve seen just some of what’s possible with Endpoint Manager and Autopilot, let’s look at some other possibilities of these solutions, specifically what you can do once you’ve moved your golden image to the cloud.
Easier Device Lifecycle Management
As a Microsoft customer, you don’t have to worry about arranging shipping through an outside carrier. All employee devices are shipped directly from the vendor to your users--with the golden image already installed. Once it gets to your end user and is switched on, Autopilot will recognize it as a company-owned device. Using the information from the golden image as well as the information from a user’s Azure credentials, Autopilot will immediately begin installing additional updates or software. All users must prove their identity using multi-factor authentication before Autopilot starts working.
Once all device configurations have been applied (which helps to protect sensitive information), Autopilot will routinely update the device with new software until the device reaches the end of its life, which is when all company data is removed.
Ultimately, setting up and retiring devices is faster and more efficient as Autopilot handles much of the manual setup and management process without IT touching them.
Zero Trust Architecture
As a Microsoft solution, Autopilot features zero trust architecture to ensure that all company data and resources are protected from outside threats. Built on the “never trust, always verify” principle, Autopilot ensures that only users with the right access level are able to view data or information by continuously verifying user identities.
Should a threat happen, Autopilot instantly signals your IT team, allowing them to respond more quickly and without information silos slowing them down.
Making device updates is much easier with Endpoint Manager as there’s no need for your IT team to manually install updates on individual devices. The solution automatically applies these via the golden image.
Endpoint Manager also allows for the easier risk management by using an update rollout strategy. Say there’s a new Windows 10 update available, but you want to test the update on a few devices before you apply it to a larger group of devices.
These update rings provide useful data and analytics on how policies are deployed and used in your environment. This data helps you know when to uninstall, extend, resume, or pause updates.
One of the latest features of Endpoint Manager, group policy object (GPO) analytics allows you to see how a certain GPO will translate in the cloud. Based on the output information, you can see which specific settings are supported by master data management (MDM) providers. You’re also able to see if you have deprecated settings that aren’t available or supported by these providers. Finally, this tool can help you assess existing group policies, and figure out which ones are ready to be brought to the cloud and which need additional work.
Make the Move to the Cloud with Support from JourneyTEAM
Moving your golden image to the cloud can happen in a number of ways: a “big bang” hybrid, phased, etc. It’s important to take the time figure out which of the strategies below is the right choice for you company:
However, selecting the right approach isn’t as straightforward as it seems. There are a number of factors that you have to take into consideration, which is where JourneyTEAM can help. Whether you’re unsure about what licenses you need or want customization help, JourneyTEAM is committed to providing the exact level of support you need. Take advantage of working with a knowledgeable, professional, and experienced team who will help you create the perfect migration strategy. Contact a JourneyTEAM representative today if you’re ready to get started.
Dave Bollard - Chief Marketing Officer | 801-436-6636
JourneyTEAM is an award-winning consulting firm with proven technology and measurable results. They take Microsoft products; Dynamics 365, SharePoint intranet, Office 365, Azure, CRM, GP, NAV, SL, AX, and modify them to work for you. The team has expert level, Microsoft Gold certified consultants that dive deep into the dynamics of your organization and solve complex issues. They have solutions for sales, marketing, productivity, collaboration, analytics, accounting, security and more. www.journeyteam.com
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.