Back to News & Resources

Cloud Connecting and Co-Management

While the pandemic introduced significant cyber security challenges to global organizations due to the increase in remote work, one of the main issues faced by organizations as of the peak of the pandemic is the use of unmanaged devices (specifically, company laptops). These laptops are given to company employees and are usually equipped with the most basic security measures, such as a Jump Box for VPN and at best, a check of the laptop’s features and updated signatures.

Elad Cohen
Elad Cohen
Feb 2024

Co-management is one of the most useful ways to manage on-prem devices and laptops used in your local domain environment, by synching your existing Configuration Manager deployment to the Microsoft 365 cloud and as a result onto the company’s desktops and laptops.

What will you get when using co-management?

Co-management enables its users to manage connected devices by using the Microsoft System Center Configuration Manager (SCCM) and Microsoft Intune, at the same time.

Microsoft Intune

There are two ways to set up co-management in your devices:

  1. Automatically enrol the local domain devices managed by the Configuration Manager (SCCM) into Intune;
  2. Bootstrap Azure AD-Joined devices already using Intune, to easily install the Configuration Manager client.

 

Main Benefits of co-managed devices

  • Conditional access with device compliance
  • Intune-based remote actions, for example: restart, remote control, or factory reset
  • Centralized visibility of device health
  • Link users, devices, and apps with Azure Active Directory (Azure AD)
  • Modern provisioning with Windows Autopilot

Another great benefit is the simple and easy application deployment. In order to simultaneously deploy the Google Chrome App in Intune and SCCM, you will need to install the Chrome App only once.

To simplify the process of secure remote work, it is recommended to use Autopilot in hybrid/Azure AD-Joined devices.

How does it work? Modern Desktop Management

After initiating a simple identification process using a Wifi connection, username and password, the computer begins installing all the applications and security baselines that the company has deployed with Intune until the laptop is fully compliant.

Azure Active Directory

More Content