Building Security into IT Operations with Intune

Zach DeMeyer
November 14, 2023

Today’s IT teams and service providers have a massive opportunity to modernize their operations and embrace the cloud across their environment. In this process, however, they also need to understand the importance of security in IT operations and bake it into their approach from the get-go.

Considering this, we spoke with Ernest Murry, CTO of Genuine Technology Group, to discuss how he and his team are security first in IT operations as they help their clients modernize. Here are some of the methods and techniques he shared.

Security-first IT modernization

To start, it’s important to understand why businesses are shifting to cloud-based infrastructure in the first place. Genuine’s clients find that, as they leverage hybrid or fully remote work environments, their IT infrastructure needs to be adaptable to keep up. Additionally, they are struggling to deal with flat networks that open the possibility for lateral movement, as well as VPN issues and the cost of expensive firewall solutions.

Therefore, Genuine’s clients are asking to modernize their IT operations with the cloud. From Ernest’s perspective, this approach makes sense, and provides several key benefits:

  • Extensibility and scalability
  • Consistent work experience across the organization
  • Productivity
  • Reduction of capital expenses

The key to success here is baking security in from the very beginning. In modern IT, security is not optional. Traditionally, security relied heavily on the fact that the network was confined within the four walls of the office. Everything inside was safe; everything outside was not. By keeping bad actors out of the office, a company, in theory, was safe.

But, with remote work, cloud apps and infrastructure, and the overall decentralization of IT, such a luxury is not afforded to today’s businesses. A reactive approach to security is simply too far behind the curve and will likely lead to some kind of breach.

Using Intune to think security first

For Genuine, it all starts at the initial deployment of end-user machines. When rolling out new systems, Ernest and his team rely on solutions like Microsoft Intune and RMMs to both handle scale and incorporate security from square one.

Intune makes a lot of sense: It already comes with a Microsoft 365 license and can be used to streamline remote deployments. Using Intune, Ernest and Co. can configure entire IT environments at scale across endpoints and cloud infrastructure. That includes the enforcement of policies to control what features end users can access on their systems, as well as their resource access through Azure AD.

Getting started with Intune

Formerly, IT admins would have to configure new machines manually, interfacing directly with the system to install software, drivers, etc. Some could leverage group policies or “golden images” to standardize the rollout process, but it would still take anywhere from 30 minutes to an hour at minimum.

Now, using Intune and Autopilot deployment profiles, Murry has cut his deployment time down to three minutes. From an MSP’s perspective, these time savings are critical, opening time for other more pressing tasks. As a part of early setup processes, Ernest recommends not using the Intune Connector for Azure AD. The toolset is designed to create a hybrid environment between Azure and on-premises Active Directory. This goes strictly against the full-cloud IT modernization approach, unlike Azure AD Connect, which syncs data between AD and Azure AD.

Bringing security into the picture

Naturally, a key factor in Ernest’s thought process through this method is security. They begin by configuring the software the machine can access, removing applications with known privacy concerns like Cortana, as well as ones with potential malicious use, such as Windows 11 chat and the Microsoft game store. Other features and settings include stopping auto updates. This is largely done through policies, which can be applied to individuals, devices, or groups of either. There are several other configurations that go into place, with some varying from group to group depending on their needs.

Applications are another major portion of this process. Using Intune, Ernest and team decide what software end users have downloaded to their system on deployment based on their group membership. This prevents users from accessing applications outside the purview of their role based on the principle of least privilege. They also stick primarily to Edge as their internet browser of choice because Microsoft constantly updates it and patches security concerns.

At this point, Ernest also uses Intune to deploy Genuine’s RMM (remote monitoring and management) solution. Intune is notoriously feature-poor when it comes to deploying scripts, so for those purposes, Genuine’s RMM is the preferred route. They also choose to use their RMM to install any applications proprietary to Genuine. But, for other third-party applications or client-specific apps, Intune is preferred.

This step is also when Genuine loads in applications like Todyl through Intune for securing the endpoint and collecting log data to be sent to Todyl’s SIEM. Intune has built-in endpoint security, which Ernest finds useful for aspects like BitLocker disk encryption but limited for other aspects. Todyl integrates directly with Microsoft 365, so it adopts the groups that Ernest and his crew already have configured and uses them to further restrict access based on role.

With Todyl, specifically the SGN (Secure Global Network), Genuine rests assured that remote workers operate securely. They also leverage Todyl LAN Zero Trust to lock down local networks and prevent lateral movement. You can learn more about how the SGN and Todyl SASE work here.

Moving forward

For Genuine, security is not optional. That’s why they rely on Todyl to protect their clients’ endpoints, networks, visibility, and more.

To learn more about how Genuine modernizes their clients’ IT operations through a security-first mindset, watch the full webinar with Ernest.
