Microsoft Services - GCloud 7 Catalogue Cloud Based Device Management Using Enterprise Mobility Suite Production Pilot Service Definition Document
1 Overview of the Service 1.1 Service Objectives The 2 to 3-week Enterprise Mobility Suite Pilot is designed to create the enterprise mobility foundation and deliver a live production pilot to help customers start to manage mobile devices and enable their employees to securely collaborate on new devices. The engagement builds on your investment in Office 365 by enabling rich integration with Microsoft Azure Active Directory Premium, Microsoft Intune and Microsoft Azure Rights Management Service cloud services. The pilot activities focus on delivering key components of Enterprise Mobility, including: Implement Intune and configure for Mobile Device Management (MDM) Enable Multi-Factor authentication for Enterprise Mobility Suite (EMS) users Implement Azure Rights Management (A-RMS), including up-to two templates Enroll mobile devices Design and implement one corporate mobile device policy Enable Self-Service password management of EMS users Operational and Service management is a key component of mobile device management. Microsoft Consulting Services will work with your support and operational teams to ensure that the new technology is mapped onto your organization s existing service management model. 1.2 Overview of Work Performed This is a 2 to 3 week pilot engagement. Week 1: Assess and Enable Project and technical workshops Azure Active Directory, Rights Management and Intune Configuration Define and build EMS Service Capabilities o Establish project aims and goals o Validate personas to target o Quickly build technical guidelines and test plan using Microsoft best practice, including design and hardware requirements. Week 2: Enable and Manage Enrol up to 25 devices for management Define Service Management model for EMS Establish the Live Pilot and Service Readiness o Deployment of all core infrastructure and configuration of services o Implement and integrate EMS services o Start the process of knowledge transfer o Define device enrolment process o Provide support as devices start to enrol o Service Readiness report o Technical guides updated with as-built details
o o Production deployment plus test and remediation of identified issues Operations and maintenance recommendations You can choose to end the pilot at the completion of week 2, or extend the Live Pilot and Service Readiness as follows: Week 3: Enable and Manage - Extended Enrol up to 250 devices for management Extend the Live Pilot and Service Readiness o Continue enrolling users to the service o Provide support as needed o Service Readiness Report. Following this, there is the option to extend further to cover more devices. Microsoft consultants will work alongside your IT team to plan, design, implement and support the software configuration, whilst sharing Microsoft best practice knowledge and skillset. The Enterprise Mobility Suite Pilot concludes with a discussion of next steps and how to take the learnings from the exercise forward to meet your organization s mobility aspirations. Enterprise Mobility Pilot Capabilities 2 Week Pilot 3 Week Pilot Microsoft Intune - Mobile Device Management ios, Android, Windows; Mobile Application Management, Certificate management for mobile devices 25 users, max 25 devices, Application Deployment (up to 5 Applications), up to 10 policies 250 users, max 250 devices Azure Active Directory Premium - Single Sign-On to connect to Gallery applications, self-service password reset Azure Right Management Services establish two default policy templates 25 users 250 users 25 users 100 users from the core deployment group Enable Azure Multi-Factor Authentication on the Azure application portal for administrative users. Administrative users Administrative users
1.3 Service Outcomes The customer will be able to see the effect of Enterprise Mobility on their organisation for up to 250 devices. Microsoft will provide next steps and how to take the learnings from the exercise forward to meet your organization s mobility aspirations to help you to realise them. 1.4 Inputs and Pre-Requisites Prerequisites for the Enterprise Mobility Suite Pilot: Completion of the 1-day Enterprise Mobility Strategy & Planning Workshop Identify target mobile devices for enrolment across Windows phone 8.1, ios and Android must have enough available for up to 25 or up to 250 devices. Your organization currently consumes Office 365 or directory synchronization has been established Ensure the availability of one (or more) of your IT staff to work with Microsoft Consultants Environment pre-requisites must be met for Azure Active Directory Premium as per below Access to Microsoft cloud Service(s) and Portals Technical Configurations scope details: 1.5 Additional Information on Service Features Initial project and technical workshops with key stakeholders to establish goals and aspirations Identification of candidates for enrolment before Azure Active Directory, Rights Management and Intune Configuration Definition and build of EMS Service Capabilities, technical guidelines and test plan Enrolment of up to 25 or 250 devices for management, depending on requirements Provide full support as devices start to enrol into the program Definition of Service Management model for Enterprise Mobility Suite Establishment of the Live Pilot, running and all Service Readiness
Deployment, implementation and integration of all core infrastructure and configuration of Enterprise Mobility Services Provision of Service Readiness reports, Technical Guides and operations/maintenance guidance. 1.6 Additional Information on Service Benefits Boost business agility by providing employees with real-time, anywhere access to business tools and information Increase business security with Hybrid Identity and Unified Device Management, and Collaborative Rights Management Allows organisation to embrace a range of devices and Bring-Your-Own-Device (BYOD) culture Mitigates risk through the use of proven Microsoft architecture, deployment and operational best practices. Deliver immediate benefit by implementing a production ready solution Implement Microsoft best practice both architecturally and operationally through the use of Microsoft Services Enable new device scenarios through device registration, security enforcement and compliance reporting Enhance the rich features of Office 365 collaboration by extending the service to mobile devices
Assumptions Customer resources will perform the installation and configuration of the solution, under the direct guidance of MCS personnel. Customer is responsible for formal acceptance testing of final infrastructure. All in-scope Enterprise Mobility Suite features will be considered and incorporated into each phase of the engagement, where appropriate. All remediated for the Engagement is completed prior to the engagement or completed within the timeframe of the engagement Hardware procurement, operating system (OS) build install, racking, stacking and wiring will be the responsibility of the customer and is finished before the engagement start. Physical or virtual servers required for the infrastructure must be available to the team during the appropriate phase of the engagement to avoid project delays and change orders. Servers are connected to the internet direct or through proxy. Enterprise services within the production infrastructure (DNS, DHCP, ADFS, Directory Synchronization, etc.) are remediated for Intune is completed prior to the engagement or completed within the timeframe of the engagement. Devices for enrolment must be physically accessible, or enrolled by the end-user. Customer is responsible for the purchasing of the Enterprise Mobility Suite (EMS) subscription. Customer is responsible for providing needed digital certificates for SSL communications and other certificates as required. Certificate Management (PKI), Network Device Enrolment Service (NDES) and Web Application Proxy (WAP) within the production infrastructure is healthy, or can be remediated before or within the first days of the engagement. Customer will determine which apps will be selected from the Azure App Gallery and will ensure that users have accounts for these applications. For administrative user only Two-way password sync is enablable prior to the start of the engagement The solution will not be integrated with Microsoft Windows Rights Management Service (RMS) for Exchange Server 2010 or later on-premises, SharePoint Server 2010 or later onpremises and Windows File Servers on-premises. 1.7 Why Microsoft Services? Microsoft Services is the Professional Services organisation within Microsoft. Our role is to work with customers to enable them to realise the full value of their investment in the Microsoft technology stack as quickly as possible. WE OFFER OUR CUSTOMERS TRUE PARTNERSHIP WITH GENUINE SHARED SUCCESS OUTCOMES Microsoft s strategy is to deliver platforms that underpin our 'Cloud First, Mobile First' vision. This shift to cloud away from on premise implementations, makes it more important than ever before that our customers are successful in their transition to Microsoft Cloud. Driven by this outcome, Microsoft Services shares your ambition to quickly realise the benefits of Cloud technologies. By selecting us as your partner, we will accelerate your migration to the cloud
and minimise costs of transition to cloud services, whilst de-risking your project by accessing our IP and expertise developed over many years, and across 1000 s of engagements around the world. We want to partner with you to achieve our shared goals, whether you are just starting your journey to the cloud, or are already well on the way. OUR CLOUD SERVICES INCORPORATE THE FOLLOWING: Advice and guidance to support development of cloud strategies and reshaping IT functions to take full advantage of cloud services and insourcing of SIAM functions Programme governance, working client side to ensure our customers benefit from the IP bank and experience of delivering similar projects to 1000 s of customers globally Full implementation of production solutions including migrations of all workloads to the Cloud both as fixed fee or time and materials engagements. Proof of concepts and jumpstarts to quickly get your cloud journey started Service Management Consulting to support shaping and implementing a Cloud First future IT operating model Adoption and Change Management services to support end user adoption and acceleration of return of investment in cloud technologies. A range of ongoing proactive and reactive support services covering all Microsoft Cloud platforms. In addition to moving enterprise workloads into the Cloud, the heritage, depth and range of Microsoft s devices and services is unique. We leverage this when we work with our customers to help identify new opportunities to transform their business and deliver more for less. WE DESIGN CONNECTED EXPERIENCES In a world of devices and services we bring everything together, to build and deliver connected solutions across all channels, with a focus on digital services transformation; ranging from single purpose applications to the most complex technical engagements. We provide effective use of existing assets, platform modernisation and breakthrough experiences. We deliver digital solutions through the research, envisioning and design of new products, services and experiences. WE CONNECT CONSUMER AND ENTERPRISE We will bring the unparalleled experience and breadth of our consumer, commercial and enterprise business to your organisation. We are able to connect service promise to tangible value. WE HAVE A MATURE PUBLIC SECTOR APPROACH
We are the partner of choice for a range of Public Sector organisations across Central and Local Government, Security Services, Defence, Emergency Services, Health and Education. We understand the environments you operate in and the security requirements specific to secure Government environments. We work closely with CESG and other cross-government bodies to develop standard approaches to project delivery that meet stringent security requirements in certain areas of Government. We employ a large number of SC and DV cleared staff across our portfolio of services, to ensure we can deliver our solutions across all Departments and Agencies. CUSTOMER PROFILE: Microsoft Services is engaged with one of the top Public Sector departments to achieve their goal of moving their 200k seat organisation to a Public Cloud Service based around Office 365 and mobility. The Microsoft Services team are engaged to determine how the department could move to cloud services in a quicker timescale than their current contract. Our team worked with the customer and its IT suppliers to accelerate the transformation of its desktop environment to one that enabled a modern workforce through fixed and mobile devices accessing cloud services. This transformation was brought forward by 2 years and is now leading the way for UK Public Sector. Microsoft Services defined two visions to drive this transformation: Enabling Choice: for the last 10 years end users had only one device based on 13-year-old technology that was expensive, complex and inhibited business agility and productivity. This vision led to a platform that enabled end users to have a choice of device (desktops, laptops, tablets, smartphones from Windows/iOS/Android) accessing a choice of services from a choice of locations using a choice of wired/wireless connections based on their role and business scenario. Get Modern Stay Modern: Microsoft Services showed the department how it could get onto a modern platform and then how to Stay Modern using the Evergreen capabilities of Microsoft Cloud Services. As new capabilities are now added on a monthly basis, end users can take advantage of these as and when ready. This provides future cost avoidance for the department as it no longer needs to carry out long and expensive upgrade programme in 5-10 years time (which has been the traditional path for the last 15-20 years) The services team not only defined the journey but have also been part of the delivery, de-risking the migration activities. We approached the engagement from a business/end user experience perspective showing how Office 365 could lead New Ways of Working whilst resolving the technical, security, identity and support constraints in a very short space of time taking an end to end view of the service, not just the technical aspects. This provided real business value improving the productivity of the whole department, enabling real time collaboration at all levels and significantly reduced the operating costs. CORE COMPETENCIES AND CAPABILITIES: All of our Services offered on G-Cloud incorporate the following core competencies and capabilities: World Class Expertise: We are proud to be a world leader with decades of experience not just in our technologies but also the Services that support them. Our knowledge, expertise and proven practices underpin the delivery of our consultancy and support services.
Connection with Microsoft Product Groups: At any stage of the design or implementation process, Microsoft is able to connect with specific Product Groups and technical communities at the heart of Microsoft. This means we have unique access to the latest developments surrounding our own Microsoft technologies to resolve issues quickly, and assist in planning and strategy. Distinctive Intellectual Property (IP): Microsoft is able to draw upon unique IP including frameworks and accelerators developed through hands-on use of our own technology and many worldwide deployments, to accelerate and de-risk the delivery of your solution. Strong Customer Relationships: We are committed to long-term customer success and have close, intimate relationships with our customers that enable us to support their projects and wider business goals. All of our projects are monitored and measured in terms of customer satisfaction, which is a key metric for our delivery teams. A Relentless Focus on Driving Customer Impact: Through architecture, deployment, adoption and support, ensuring our customers do and achieve more with their investments in Microsoft to help them please their own customers.