We support you
on the way to the
digital workplace
with M365

Modern Workplace:
Modernize and
automate with M365
Nenad Velickovic – Coming Computer
Engineering

We didn’t
know, now
what?
Defender for Business M365BP
Azure AD Connect 1.x retired, may stop working after 31.12.2022
Changes for Windows licensing from 1.10.2022 / per core VM
Microsoft WIP – Microsoft Purview
Exchange 2013 EOS, April 2023
Exchange EM service 0day
Windows server 2012 R2 EOS, October 2023
Remove last exchange in org, even hybrid need to be patched
New way to access on prem resources without CA - cloud trust

• In the last year, the number of Windows,
Android, and iOS devices protected by Intune
grew by 60%.
• More than 80% of new Windows 11 endpoints
are cloud-managed from the start.
• Nearly 50% of Microsoft-managed endpoints
are now cloud-connected, compared to less than
20% in 2020.

Login
options in
Azure AD
FIDO2 hardware key Number matching will be enforced for all users from May 8, 2023

Microsoft Defender for Business

Microsoft Defender for Business

Microsoft Defender for Business

Welcome
back Intune!

What is Intune?
• Intune is a single, integrated management platform
for managing, protecting, and monitoring all of your
organization's endpoints.
• Endpoints include the mobile devices, desktop
computers, virtual machines, embedded devices,
servers, and shared devices that your organization,
whiteboards, conference room devices..
• Security Baselines, BitLocker, FW, Defender

Azure AD Join vs Hybrid Azure AD Join?
•Use as transition step in specific environments
•Recommended by Microsoft and way to go

Cloud-native
Windows endpoints
• Manage Windows Endpoints from cloud only
• Allow access to corporate data only to compliant
devices
• Implement zero-touch provisioning

Device onboarding
with Windows
Autopilot
(zero touch deployment)

Android
management high
level overview

Android enrollment
options

Prioritize security
and usability with
easy access to
critical resources

Identity Governance:
Azure AD PIM, JIT for
RBAC, Access Review

Azure AD Application Proxy – enable access and
IAM to your on-premises applications

If it works, don’t touch it
It requires continuous monitoring and modification, implementation of new features and
services included in our license

Will it work for us?
Hybrid approaches for some services:
• Hybrid Azure AD Join – Azure AD Join
• Exchange Hybrid
• SCCM – Intune Co-management with
Cloud Attach

Solving problem
with old EOS
services by
migrating and
recommended
way to go:

News for
Intune
• New Intune plans Intune Plan 1, Plan 2
• Intune Suite
• PEM, Remote Help, Advanced Endpoint
Analytics, ServiceNOW integration,
Android/iOS per app MAM tunnel
• LAPS in cloud, Windows LAPS
• Managing 3rd party patching
• Managing driver and firmware updates from
Intune

Microsoft VDI
(Virtual Desktop
Infrastructure)
options

Microsoft VDI
(Virtual Desktop
Infrastructure)
options

Our mission is to find
and implement the
right solution for the
modern workplace in
your company.

Automate your
application
installations and
updates in Microsoft
Intune

Automated environment
• Automated and managed access to corporate data
• Automated deployment of endpoint, updates, apps
• Automated SOC with MDfB
• Automated compliance and device management
• Automated protection of documents
• Automated protection of endpoint hardware failure

We support you
on the way to the
digital workplace
with M365
Questions?
Nenad.Velickovic@coming.rs