The modern workplace is an evolving concept and in today’s world it means allowing employees to work anywhere, anytime, anyhow.


What are the capabilities and features of a modern workplace?

Windows Autopilot is a program that allows zero-touch management of PCs. It eliminates the need for costly imaging of machines and the maintenance and upkeep that come along with it.

Windows Autopilot allows PCs to be shipped directly to an employee. The employee connects to the internet, signs in, and everything else in the computer’s setup is automated. This eliminates the need for imaging in your company.

Apple’s Device Enrollment Program (DEP) and Android’s Android Enterprise program allow for zero-touch management of corporate-owned mobile devices.

Unified Endpoint Management (UEM)

This concept has been around for several years. However, many companies fail to take advantage of available technologies.

UEM is achievable via most modern UEM platforms and works by treating all devices as untrusted and deploying the same policies to all devices. Combined with Windows Autopilot, DEP and Android Enterprise, a company can truly manage all endpoints in a unified manner from a single pane of glass.

We recommend taking a look at Microsoft Intune. This platform is now coming of age and is included in Microsoft 365 licenses. We use Intune internally at Mobile Mentor to manage all our desktops, laptops, tablets and smartphones, including BYO devices.



Passwordless Authentication

Modern laptops can leverage Windows Hello to eliminate the need for entering passwords on a day-to-day basis. Signing into a laptop can be as easy as looking at the screen.

Underneath the hood, authentication is managed via JWT tokens, allowing for a more secure and faster authentication method than passwords alone. PIN codes become a backup authentication method. Multi-factor authentication is supported as well.

Passwordless authentication is possible on mobile devices too via Apple Face ID. Android still lags, but reports of facial recognition in the Pixel 4 and in Android Q are common.


Managed Bring-Your-Own (BYO) Program

Allowing users to bring their own devices lowers capital expenditures, which can be a great saving for small and large companies. It also improves the employee experience. Who wants to have two phones or even two laptops?

A modern workplace allows employees to use their own devices for work. Traditionally, this would be limited to mobile phones but with modern advances in UEM (as above), laptops can be included as well.

For mobile devices, we recommend using either Mobile Device Management (MDM) or Mobile Application Management (MAM) software to protect company data.

With Android Work Profile, for example, it is possible to secure work data and work apps while ignoring personal data and apps. This allows employees to feel reassured that their own mobile usage is private while ensuring that company data remains protected.

In the event of a lost or broken device, remote wipe can remove company data while leaving personal data in place.

Finally, because work and personal are siloed, information sharing between the two can be protected. Copy and paste from work apps to personal apps can be turned off. Photos taken from a work app are stored in a separate partition that has its own encryption key, so personal apps cannot access them.

A common challenge in healthcare is employees and contractors who work with multiple entities. For example, a doctor might work for a physician services group that has MDM and perform procedures in a hospital that has a charting app. There is currently no solution on the market that allows for device management by two or more companies simultaneously. In these situations, we would recommend a MAM solution (mobile application management) to apply policies to the hospital app on the doctor’s device which is managed by MDM through their own company.



Live Document Collaboration

“Didn’t you get the updated version I sent in email yesterday?” If you’ve ever said those words you know that document collaboration can be a real point of frustration.

With Office 365 and Microsoft 365, live document editing is now possible directly in your most commonly used Microsoft applications like Word, Excel, and PowerPoint. Live collaboration is possible from a single document, even within the desktop applications.

We recommend leveraging Microsoft Teams to facilitate live document collaboration and a host of other collaborative activities like instant messaging and video chat. Teams is included in Office 365 and Microsoft 365 licenses and can often replace 3rd party vendors’ solutions, reducing cost while benefiting the employee experience.

As a note, offline editing is also possible but can sometimes create merge conflicts, so be wary of offline editing when many users are working within a single document.


Cloud backup & syncing with OneDrive

Another great feature available in Office 365 and Microsoft 365 is OneDrive. Laptops can be configured via MDM to use OneDrive for all user folders, such as Desktop, Pictures, Documents and more.

The integration is seamless, and most users wouldn’t know or recognize the difference. Policies for OneDrive setup can be managed remotely, allowing for over-the-air configuration on local and remote devices.

Using OneDrive means that 3rd party backup tools can be sunset, and users will not face information loss when a device gets broken or lost.

The OneDrive app is available on both iOS and Android as well.



1-Hour Device Replacement

The Modern Workplace Frontier is a concept describing a work environment that leverages the latest technology, balancing investments in 1) Endpoint Security and 2) Employee Experience to obtain the best outcome for a business.

All companies have constrained budgets, particularly with Information Technology. However, we believe that with the suite of software provided in the Microsoft 365 license packages, companies can achieve many of the items on the frontier and save cost at the same time.

For some companies it may not make sense to implement all the capabilities on the frontier. Some will be impractical or economically infeasible. However, you should know that these capabilities exist and that your competitors are working towards them.

If you are interested in learning more about how to achieve a modern workplace, contact Mobile Mentor.



Life on the Frontier

  • Windows Autopilot & Zero-Touch Provisioning

  • Unified Endpoint Management

  • Passwordless Authentication

  • Managed BYO Program

  • Live Document Collaboration

  • Cloud Backup & Sync with OneDrive

  • 1-Hour Device Replacement




Microsoft Intune is a part of Microsoft Endpoint Manager and provides the cloud infrastructure, the cloud-based mobile device management (MDM), cloud-based mobile application management (MAM), and cloud-based PC management for your company.