With constant innovation Microsoft is not just bringing us new technologies but also reacting to our new modern behaviours, facilitating these with new processes.
Microsoft Windows Autopilot is designed to configure Windows 10 and install apps onto corporate devices. Configured and set together with suitable security policies in Intune, Autopilot makes it possible to deploy devices remotely.
But what does it mean for the end user? Will there be anything different for non-tech-savvy workers who just wish to get on with their work once they get their new position? …or perhaps they received a new corporate device as an upgrade? In short: yes!
When we are talking about the end user I always remember some of my relatives and friends who are great specialists in their fields and yet they freeze when it comes to dealing with any IT-related issues. And they are not alone. The world is full of great workers: geniuses in their professions and crafts, who just don't understand IT.
All they want to do is get on with their work. And they don't want to worry about the matters to do with software installation. That is the perspective of the user.
What about the IT departments? Any effective automation is helpful, especially if it can reduce the countless hours spent on configuring and on the phone / service desks to the users hearing: "I am not quite sure what to do here, my computer is not working".
For all these people, it is at this point the magic will happen! No more unnecessary interactions with the users trying to get Windows and associated apps set up, no more USB sticks around the office having to watch the blue bar saying "loading" on users’ screens: with Autopilot all this is taken care of. Once configured Autopilot deploys Windows together with apps and relevant settings to many users at the same time, saving countless hours of work and effort.
So, hence we are talking savings - let’s talk figures!
In 2019 it was estimated that around $6 billion was spent on IT by the SMBs. And with that 69% of corporate data was lost to the security breaches. That is in the USA alone. I am sure the figures would be even more dramatic if we would take the rest of the world into consideration. And last but not least, the end users: 91% of them want to be more productive and have digital environments which are relevant to what they do.
How does Autopilot address the enormous spending? Money is wasted in the IT specialists' hours, logistics (when it comes to the new devices sent to the IT department for configuration and then to the end users) as well as other issues which are cropping up along the way. With Autopilot, IT departments can focus on innovation rather than on the maintenance of digital estates.
Let’s have a look at what Autopilot does to make the process seamless. As always, I would like to start with the user. All they'll need to do is unwrap the box, take the device out, connect to the internet (any network, any location) and follow very simple instructions prompted on screen. They simply choose the language, location and pick the keyboard setup, connect to the internet, login with their credentials through the corporate branded login page and from there Microsoft Endpoint Manager takes over. It will deploy all settings and apps needed by the user. They are ready to go! It sets the scene differently for them. It is that first impression from their place of work, the sense of ease and belonging to the company which they get through integrated branding and the device that is ready to go. As far as they are concerned: all they needed to do is to log in.
What does the process look like for the IT department? Probably even more pleasant then for the user, dare I say! The department doesn't have to touch the device. All they have to do is to set up the Windows deployment in Endpoint Manager, create and auto-assign the devices to the groups of users with their specific requirements, apply the branding and deploy.
Once Autopilot is deployed it enables the device to join AAD (Azure Active Directory) which means that all the benefits of cloud computing will be at their fingertips. Security policies which make the users' workflows more secure are deployed through auto enrolment to Microsoft Endpoint Manager.
Finally, let’s have a look at the way the process works in Endpoint Manager and the sequence of actions that need to be taken to configure Autopilot.
Firstly, the automatic enrolment will need to be configured in AAD. Then the branding needs to be put in place which includes the logo and sign-in page.
The next two tasks are:
- Device registration - the CSV file needs to be taken from PowerShell if the device is re-used. The CSV file enables Intune to deploy Windows to the specific device. If the device is new, the CSV file is placed by the vendor of the device into the tenant, from which the IT worker builds the needed configuration either on behalf of the client or from within the organisation (the IT department).
- Profile configuration - for each user the profile is set, and it is linked to the location and a licence.
This is how Autopilot works. It saves time and allows for better centralised control. Centralised control allows IT departments to automate help if things go wrong or something isn't working as intended. Now it is possible to reconfigure the system if the role of the user has changed or when other changes come to be which includes the end of life of the device or the user's role.
Autopilot marks first steps towards significant time and money saving through automation and centralisation.
And, for the end user, things simply work!