3 reasons why now is the time to go cloud native for device management

Since the start of Microsoft Intune in 2010, we have been working on and iterating toward simplified Windows management, in part by moving infrastructure from on-premises to the cloud. As the capabilities of our customers and Intune grew, a pure cloud or cloud-native model gradually came into sharper focus. But every customer's journey is different, so in addition to the cloud-native model, we also developed hybrid approaches for the customers that needed some cloud capabilities without making the full transition.  

We are now seeing tens of millions of endpoints managed exclusively in the cloud, and I feel like we are reaching an inflection point. We will continue to support all customers in their chosen architecture and models, but I am increasingly hearing from customers of their successful adoption of pure cloud approaches. Given the increasing evidence from customers that have already migrated and customers planning to migrate, I am convinced that now is the time to move toward this pure, native approach for Windows.  

In this blog post, I want to share three recent customer stories from a broad range of industries as evidence of what is happening. Before doing so, let me quickly define what I mean by cloud native. In this context, I am defining cloud native as: 

  1. Using pure cloud-based user identity.
  2. Managing devices exclusively from the cloud, so that they receive apps and configurations dynamically and can be reset or restored from the cloud.
  3. Using Windows Autopilot or zero-touch deployment for all your Windows devices.
  4. Applying in-depth security solutions at scale through cloud-integrated solutions.


1. Greater security and cost savings

Ericsson is a telecom equipment giant—it employs over 100,000 workers and has customers in 180 countries. Its transition to a purely cloud model is an example of how the shift can be helpful in both technical and financial ways.  

“We've gained control, security, and efficiency all while allowing us to remove costly on-premises infrastructure. Rapid policy deployment, enhanced application management, and remote device control have reduced risks and boosted productivity. This transformation has led to substantial cost reduction and streamlined operations.” 

—Nickolaj Andersen, Senior Architect End User Computing at Ericsson

Ericsson raised cost savings as a key benefit for managing their user computing estate purely in the cloud, and now is certainly a time when more of our customers are looking to “do more with less.” The financial benefits often highlight the reduction in on-premises hardware—the overhead cost to keep edge servers running Microsoft Configuration Manager—but there are two other parts to the business case to highlight.  

First, pure cloud endpoint management lowers the chance of a security breach and the costs associated with that, because it enables patches and policies to be delivered to employee devices in a timelier manner, shortening the length of time a device may be vulnerable. It also allows our customers to utilize the full scope and scale of Microsoft's cloud to detect threat signals from ever more sophisticated attackers and react accordingly.

The other part of the business case is reducing support costs for legacy on-premises solutions. These solutions require more staff, which is especially difficult in short-staffed areas such as security. And the best employees will want to work on forward-facing technologies that keep their skills current. By moving out of a tactical mindset, you can elevate your team from firefighting to setting the world alight.

2. Transformation with cloud native endpoint management

The second customer story I want to share with you is from Hewlett Packard Enterprise (HPE). HPE has more than 87,000 employees and contractors, using more than 70,000 mobile devices, and 115,000 Windows laptop PCs. Their legacy on-premises solution relied on manual IT interventions and suffered increased exposure to security breaches due to slower device updates than when using the cloud. Kregg Nelson, End User Compute Manager at HPE, explains: “We realized that a cloud-based solution would not only make us more efficient but also open up new ways of integrating with other HPE workstreams, like security operations and human resources.”

HPE recently implemented Microsoft Intune for Mobile Application Management without enrollment, Windows mobile device management, Windows Autopilot, and used Windows Update to help ensure up-to-date devices during its ongoing Windows 11 migration. 

Using the fully cloud-based solution, HPE has enjoyed many benefits, including a 60% reduction in endpoint patch adoption time and the ability for existing IT staff to focus on more strategic issues than before. Windows Autopilot has also helped reduce device setup time for newly hired employees.

“You really want to help new employees feel productive right away, and getting them through first-time setup in 35 minutes or less is a great way to achieve that—it used to take two hours or more. Windows Autopilot has been critical for achieving this. We've had 4,500-plus people try it the new way since April, and customer satisfaction scores are at 98 percent—an all-time high.”

—Kregg Nelson, End User Compute Manager at Hewlett Packard Enterprise

3. The broader upside from being ready for future innovation

In addition to immediate cost savings and benefits from Windows 11, there is one additional consideration for a cloud only approach: providing a better foundation for future innovation. Whether it is deeper insights and analysis from , or simply being ready for whatever the next wave is, adopting a pure cloud, native model will put your organization on the right footing.  

“[Implementing Microsoft Intune Suite] is part of a broader initiative to move away from a traditional on-premises solution toward [a] cloud solution. Whether that is managing the endpoint or our email and collaboration tools, … that change has had a demonstrable positive impact on our organization.”

—A lead architect in workplace services at a financial services organization (who was interviewed by Forrester on behalf of Microsoft)

Part of that broader positive impact is unlocking new scenarios. To do this, customers are centralizing enterprise data to break down silos, and unlock potential insights from running over combined data sets. With a cloud-native model, centralizing this data becomes easier. Centralized data sources that share a fabric will allow for AI-driven ways to synthesize data that are not possible when the data is dispersed. AI models operating on centralized cloud data could help identify future security threats by bringing together insights from across the organization (and outside the organization) and joining the dots. We cannot perfectly predict the future, but companies that manage their user computing estate exclusively in the cloud are closer to being ready for whatever is next.

Next steps

I hope these customer stories help provide perspective to our updated guidance to adopt an exclusively cloud-native model if you have not already. We will, of course, continue to support our customers at whatever stage of the cloud journey they are on, but I also hope that these customer examples have shown the benefits of a purely cloud-native model. Customers are increasingly telling me that the economic benefits, the benefits from Windows 11, and getting ready for what is next with AI are all key drivers in moving them towards a renewed C-suite conversation about the timing of moving all your endpoint management operations to the cloud.  

Now is the time. Please look out for a future blog early in 2024 with more of our learnings on how best to implement this new approach.  

In the meantime, learn more about Microsoft Intune


This article was originally published by Microsoft's Secure Blog. You can find the original article here.