Kieron Kennedy: Okay, we are ready to go. Hello everyone. My name is Kieron Kennedy from Code Blue. Thank you for taking the time to join Code Blue’s latest knowledge sharing session today. We are delighted to have Kane McGee from Dicker Data to talk about how you can enhance your organization’s efficiency and security with Microsoft Modern Device Management.
During this webinar, we’ll discuss real world examples of modern device management and deployment, aligning with the Windows 10 end of life and providing ways to streamline the redeployment of your Windows 11 fleet strategies around information governance to support future use of copilot for Microsoft 3, 6, 5 core security features and protections for business.
A little bit about Kane McGhie. Kane is the Microsoft Security business development manager for Dicker Data. Kane has over a decade of experience in it and specializes in cybersecurity. Kane’s experience includes supporting organizations raging from sole traders to thousand plus seek global enterprises to help them overcome complex threat environments.
Prior to his current role, he was the security response team lead for a medium sized managed service provider, leading responses to cybersecurity incidents, big and small. During Kane’s presentation. If you have any questions, please pop them into the q and a function. You’ll see that on the top bar of your team’s meeting.
Invite Matt Bourne, our Solutions Architect and National Modern Workplace Practice lead here at Code Blue will be helping moderate the incoming questions. We will commence the live q and a around 9:40 AM and we do promise that we will wrap this seminar up at 10:00 AM sharp. So without further ado, over to you Kane.
Kane McGhie: Awesome. Thanks Kieron. So yeah, today we’re just gonna work through, starting out with how we address some of the challenges that are in our small and medium business environment today. And then some of these that sort of don’t change. We are always looking to reduce our costs, but we need to do so in a way that is today a lot more distributed than we’ve had to do in the past.
And that does present some challenges, particularly around how we secure those environments. A part of that, when we speak about our modern device management, our devices sit at the edge of where we protect our environments. And so it’s really critical that we have those managed in a nice and consistent way.
So we’re gonna talk about that quite a bit today.
And security continues to be a challenge for us. We see a massive increase still of ransomware attacks. We see that stat there, 300% increasing. And 50% targeting small businesses. And, I think we can analyze that a little bit further and say that, 50% of our businesses are small businesses, so really it makes no difference what size you are or where you sit.
One of the things that I say quite regularly to, to my customers is that an attacker doesn’t know that you are not worth attacking until they get in. And so it’s really important that we treat everyone with a high level of security, and we make sure we’re doing things to best practice all the time at least hitting the minimum standard.
And of course, there’s a big challenge on our horizon which is really relevant to our device management. And that is Windows 10 going end of life on October 14. I wanted to touch on some of the risks and challenges that. 10 going end of life means, and the number one is that vulnerabilities aren’t gonna be patched by Microsoft four Windows 10 come October 15 when Windows seven went through the same process we did actually see Microsoft Patch some of the really terrible vulnerabilities that came out soon after this.
But it’s really a case of, whether it’s worth Microsoft’s effort. If it’s an easy patch, then they’ll put it through, but if it’s a hard patch, then they won’t. And my biggest concern, excuse me, is that we are going to have a number of attackers that have vulnerabilities that they’re currently sitting on that defenders don’t know about yet.
And then once they release these vulnerabilities after October, the response from Microsoft is gonna be far more muted than what we’ve been used to over the last 10 years. Coming outta that, of course, our new features from Windows updates just aren’t gonna come through and other software is gonna stop supporting Windows 10 of particular importance.
A lot of the software that I’m gonna be talking about today in our productivity suite won’t be supported on Windows 10 come October 15. That doesn’t necessarily mean that they’re gonna stop working, but it does mean that you’re gonna stop getting updates, you’re gonna stop getting some of these features that you’re gonna see.
And again, importantly, we’re not gonna get vulnerability as being patched.
So when we’re talking about small and medium businesses, particularly in New Zealand, the Microsoft 3 6 5 business premium is a particularly attractive skew. I’m aware a number of Code Blue customers are already using business premium, which is amazing. So I want to go through what this. Package looks like a little bit so that we can understand how we can get the most out of it.
A lot of these tools aren’t necessarily, plug and play. They do need a bit of configuration. While Code Blue will have a number of these systems turned on by default, just because you are with Code Blue, you do need to make sure you’re having conversations with them to make sure that some of these value add pieces that maybe aren’t turned on by default within their packages that you do talk about how to get those turned on.
Because Business Premium does provide this really, almost enterprise grade it’s right at the bottom end of what I would call enterprise grade security. It really does the job. If you’re sitting in a, 300 person organization or below Business Premium is the best value enterprise system that you can get.
And the reason I say that is because it takes a very layered approach to security. It is going to protect your identity, it’s gonna protect your devices, it’s gonna keep your emails and communication platform secure, and it’s gonna keep your data secure as well, using Microsoft Purview.
So I’ll dig into this a little bit further. Broadly speaking, we can break business premium into two categories. We’ve got our productivity suite that you’re gonna see on the top there, and you’re gonna see the security suite that we’re gonna go on the bottom there. The productivity suite is made up of your word office, ex Excel, outlook these sorts of tools, even teams, which is what we’re running on today.
This is part of that productivity suite. I’m gonna go through some of those features now quickly just to make sure we’re abreast of any recent updates on those and make sure that you are getting the most out of the features that you are already paying for in many cases.
Some of the big focuses of business premium from productivity space is really that productivity sorry, that collaboration piece. So really getting our employees working together, which is something that is quite hard these days with a lot of remote work. Microsoft Loop is a really good example of this where I don’t think it’s official yet, but Microsoft are looking at taking OneNote and moving it into loop.
So Loop is an online version of OneNote, if you’ve used that before. And it has a massive focus on collaboration and I’ll talk a little bit about that in a couple of slides. Of course, we’ve got a more traditional file sharing and SharePoint and OneDrive tools, which I’m sure we’re all very familiar with at this point.
So going into Loop a little bit further, one of the things that makes that. An amazing tool is the ability to take particular elements out of the loop and then share those those specific elements out to specific users. And even beyond that, we can take that element and we can drop it into a teams channel or a teams chat, and then we can have people within that teams chat and add and interact with that element.
So you might have in my sort of work that we do at the moment, my manager will create a loop that he is interacting with the other people at Management Layer. They’ll create that loop, say, Hey, there’s this Code Blue workshop that we’re, we are doing today. Kane can update this table and let us know how that goes.
Once you’re finished with that, I’ll be able to update that live. And then the management team are able to see that in a more secure sort of area, which is just for them, where they’re then able to interact and collaborate. So it’s this. Really tight, really polished collaboration tool.
Obviously we’ve got OneDrive and our file sharing features. The update here is really that integration with copilot coming into our day-to-day sharing and really being able to discover the information and your OneDrive’s. If your OneDrive’s look anything like mine, they’re absolute chaos all the time.
And so finding information in there can sometimes be a bit challenging, and that’s where copilot starts to really come into its own.
We’ve also got Clip Champ. Now, clip Champ is something that if you’re a little bit like me and I do quite a bit of video editing, it may not necessarily appeal to you. But if you do some video editing once every couple of months have an office trip that you just wanna put something together, it’s not worth going out and paying for a full featured professional video editing tool.
But you do need something that can just throw together a couple of clips, make it look, reasonably okay. Clip Champ is definitely a powerful tool there, which again, because this is included with Business Premium, it’s really about saving you money so you don’t have to pay for those big tools.
And of course, everyone’s old favorite outlook. One of the things I wanted to work through here is really just show that despite Outlook being. Probably older than I am now. It is still getting updates. Microsoft is still adding features that all of the time. And being a part of business Premium means you get those features every month as soon as they get released.
Microsoft’s editor, so this is one that I wasn’t particularly aware of before I prepared this slide deck, but this is replacing publisher. Again, publisher itself didn’t really lend itself to those collaboration features, so we’re starting to move off to the more cloud-based tools. Keep an eye out for editor and give it a shot.
I spent a lot of time on publisher and primary school making up random little posters and stuff. So has a good place in my heart.
And PowerPoint, of course is not a, not without getting some updates here. With the greater integration of AI tools, we are starting to see some of those come in really embedded into our office applications. Particularly with PowerPoint, the speaker could coach and embedding your image into PowerPoint slides and prerecording content really just makes your content stand out above others.
Of course, there’s dozens of other applications here. I don’t want to go into all of them, but that gives you a little bit of a taste as to the real push that Microsoft has to always, constantly improve those productivity tools that, many of us rely on every day.
So we are just gonna move into now the more security focused tooling. And this is where we start really digging into what modern device management can do for us. So before we start talking about the actual tools here, when PowerPoint clicks the button, there we go. I want to have a little talk about how bad things actually happen.
So obviously in my previous job I was working in security response and understanding the chain of events to how these incidents really trigger is very important to how we then protect from them. So this is a really nice slide for a couple of different reasons. The first is that it’s from 1991 and that really shows that a lot of these security principles, they remain pretty consistent.
Across basically the lifetime of the internet. So even though there’s all this change going on and it can be really intimidating, having so much happen and technology is always evolving, it’s really comforting to understand that the core fundamentals really remain the same and remain consistent.
And so we can take these lessons and then apply those to these new tools and these new techniques and have confidence that we know they’re gonna work. The second thing I like about this slide is that there’s a lot of non-technical things on this. And so when we are talking about how we protect our environment, we always need to be aware of the non-technical aspects of how we are defending as well.
We can’t get too narrow focused on just the technical elements. But with that said, I’m gonna spend the next sort of 10 minutes just talking about the technical elements.
So when we are defending against threats, we need to take a layered approach. Very often, the first layer of that is gonna be your communications platform. This is how a lot of our threats are gonna come through. And so you’ll notice that maybe five years ago when we talked about the edge of these, we were talking about email.
Whereas today I’m talking about the communication suite because really attackers know that they can use more than just email to get you a dodgy link. These days, they can send you a teams message, they can, access an overshared document and then embed a link into that document, or change a link in that document that’s been shared out by a OneDrive.
So Defender Office 3 6 5 provides the tooling required to protect against this entire environment so that wherever an attacker tries to. Poke and prod and get through these defenses. We have something there ready to meet
Kieron Kennedy: them.
And then right at the
Kane McGhie: other end of the layers, we’ve got our data. Now this is actually what the attackers are trying to get access to. So one of those very early slides, we talked about how there’s been this massive increase in ransomware attacks. There’s some other data that’s come out very recently that showed the actual successful rate of attacks, the number of successful ransomware attacks has actually dropped quite significantly.
Attackers aren’t making the money outta ransomware that they used to be because we have really met that threat as security professionals. The threat’s still there. We still need to be very careful about it, but we can start thinking about. The things that the attackers are gonna be moving on to next.
And we’ve already started to see this. There was an attack that I responded to last year where within 12 minutes, the attackers had located the data that they were looking for and had extracted that data from the system. So they are really laser focused. Once they get into an environment, they’re not just sitting there bombing ransomware like they used to.
They’re really just gonna go after the information that they want to go after and they’re gonna extract it. Business Premium gives us the tools through Microsoft Purview to actually start placing restrictions on how that data leaves the environment. And so we can start actually getting in front of these attackers.
So even if they are able to get into our environments temporarily, we’re able to put these barriers in front of them so that they can’t get what they’re after.
And what that actually looks is encrypting emails so that if they, if an email gets forwarded out to someone that it shouldn’t do, it’s encrypted. If they forward that email to someone else, that someone else can’t read it, if they try and send a teams message to themselves with some data, that data is still protected by the purview system.
Sometimes business premium doesn’t quite give us all of the tools that we need, though. Purview is a good example of this, where a lot of the tools are a little bit manual. We need to set default. Labels and default rules for how we protect this data at a site level very high up in the system. This can represent challenges for users.
Sometimes it can be a bit burdensome for a small business. Normally this is okay because we are able to communicate with each other. We understand what we need, we understand what those labels are. But if we need some more automated classification, maybe we work in a health sector and we really just wanna make sure that patient data is protected all of the time, regardless of what’s going on.
We can create rules to protect that data based on, key words based on whether it complies with certain patterns or not. And we are able to automatically protect that with these add-ons that are available to business premium. We’ll give a little summary of what those add-ons are at the end of the slide deck.
One of the really important things that I want to call out here though, is if your industry has some compliance standards that you or your insurance company or your customers require you to meet, such as ISO 27 K one, maybe you work in Australia and you’re required to adhere to the essential eight standards, or in New Zealand, maybe you have a requirement to, adhere to some of the NCSC standards.
Then some of these add-ons that are available in our, very reasonably priced, are able to give us the tools we need to meet those compliance and really call out those areas that maybe we need to work on a little bit to, to meet those compliance
Kieron Kennedy: standards.
Staying on the
Kane McGhie: subject of sort of data exfiltration and how we can manage those devices, when we are looking at what our devices are doing in the environment, we need to have an understanding of what. Applications are being used out in the cloud. And this is a concept that we call shadow IT management or shadow IT risk.
There are some tools here using the depending for cloud apps that will enable us to discover what our users are working on. Normally it’s all, absolutely fine, but particularly when attackers come in maybe we have some staff that aren’t necessarily doing what they should do. We’re able to get visibility of that using this particular tool set.
This is one in particular that I wanted to call out though because by default this one doesn’t necessarily get turned on. So while you’re licensed for ingesting data with business premium via Defender for cloud apps, we still need to configure. The tool to, or whatever tools we’re using in our environment to actually send that data up to Microsoft to actually analyze.
And talk to Cloud Blue if this is something that interests you because there’s some configuration that is required
Kieron Kennedy: on this one.
So then we can talk about,
Kane McGhie: Once an environment is compromised, how do attackers actually get into our environment and then leverage that compromise? And invariably they have to authenticate with something and that’s where Microsoft interest steps in. And so Microsoft enter is the platform by which everyone authenticates into their 3, 6, 5 tenants.
What we can do is use a tool called conditional access. To really get smart about how we authenticate to our environments. And this might mean making it easier in some cases where we are very confident that a particular sign in is safe. So yeah, MFA can be very annoying sometimes it can really get in the way.
We can suffer from something that’s called MFA fatigue or notification fatigue where, maybe we approve things that we shouldn’t. Just out of habit. Conditional access really alleviates that risk because it makes sure that we’re only getting notified when there is a need to notify us to go through those extra factors of authentication.
It also gives us the power to start bringing other third party applications into our authentication workflows. If we are logging into a device that is joined to, it’s a Windows 11 device. It’s joined to our Microsoft system. We know, we trust it, it’s being managed effectively. We trust this device to then log in, not just to our 3 6 5 tenant, but maybe we have some other third party applications Dropbox or Salesforce come to mind.
Then we can make it easier for our users to access those applications as well.
When we talk about multifactor authentication, these are some of the tools that we would use. And again, we are really starting to get into that modern device management piece. When we’re starting to talk about Windows, hello, and we’re talking about how can we trust a device, how can we configure a device in a way that we are comfortable, that users can log into this, they can access our systems, they can access our tools, and in many cases we don’t even need them to put in a password.
Simply having the camera, we trust this device, we trust its camera. Looking at the user and saying, Hey, this is my user. I know this person. He can log in. She can log in, they can access our systems, and they can carry on.
So how do we trust our devices? How do we as it admins, as IT engineers, as business managers, how do we know that a device is secure? We have this concept called secure by design, and this is where. Beyond just the security tools, beyond just making sure we have our antivirus tool, making sure we have our our EDR tool installed.
Maybe there are things that we can do to actually have a device secure simply in the way that it is configured. This is normally done by turning off things that are not used. ’cause every time we turn something on, it creates a little vulnerability. But turning those things off can be challenging. It can be hard to do that at scale.
It can be hard to do that. Without interrupting our users. We need to know that our users don’t actually need that feature. With Microsoft Intune, we are able to get those modern device management features that we actually need, and we’re able to integrate those device management features with conditional access.
Previously as well. It’s important to note that we would refer to this as mobile device management. This kind of gives us the impression that all we are really talking about is, mobile phones. The reality though is that we can use these same tools to manage any device in our network, in our systems, whether they are mobile phones, whether those are laptops, whether they are desktops.
And in many cases, the devices that we manage may in fact sit in a data center rack and never even leave the building, let alone you have any other sort of mobility about them. And so that’s why we start using this term mobile modern device management instead.
But I do wanna spend some time talking about mobile devices because.
I be, I bring my own mobile device. My company OData pays me to use my personal device for work purposes, but that presents with me as an employee, as a human being, a bit of a challenge because, maybe I don’t actually want my work to be able to see my personal devices, my, my apps.
I don’t necessarily want my work to see what I’m doing on my device and vice versa as well, because, work doesn’t want my personal device personal applications potentially compromising my work data in, in that enterprise environment. And so within Intune, what we’re able to do is create these walled gardens around our sort of applications that are for work and for personal use.
We’re able to maintain that separation between work and personal life, which, is so important, particularly in a sort of really distributed workload. And, we’re all working from home. It can be challenging to keep our lives separated sometimes. And making sure that we have the tools to support our employees work-life balance is really important and obviously very important that as enterprises, we protect our data as well from, potentially unmanaged applications that, sometimes are a little bit risky.
Bringing it back to our sort of regular workplace devices, our laptops, our desktops, our even our servers. I wanted to touch on quickly. How in the past we would manage these devices and, if you’ve been around in sort of office environments for very long, I’m sure you’ve seen people like myself running around with, USB sticks with golden images on them.
And we would run around and plug in a sort of a cd, so to speak, of a Windows installer. We’d sit there and type away for hours at a time trying to build out a Windows image. We’d plug in and use some fancy tool to deploy a pre-configured image. Those methods were good for their time and there were ways that we were able to speed that up.
But these days, the demands on our devices, the demands on our imaging systems are significantly different. It is not unusual today for us to need to rebuild a device that is on the other side of the world and we can’t realistically ship a device around the world. Image it and then ship it back in a timely manner.
We can’t do that. And then we have other challenges as well where with these image and manual builds around configuration drift, which is this concept that over time the things that we set up, the secure by design settings are gonna change. And so with Intune, what we have is this concept of a live build where we don’t have an image per se.
What we have is a set of rules in place that intune then go through and actually configure the device so that it is secure by design and it stays secure by design. And we can update that configuration as we learn new tools and new changes, or as the needs of a business change, we are able to change with that design.
We do this with Intune, particularly there’s a subset called Autopilot. Autopilot gives us an ability to rebuild a device based on its hardware id. Now, I don’t want to go into the details of how the hardware ID is actually built, but every device has a set of things that are unique about it and we can use that to, to build out this hardware id.
And this is true from the factory. And so what we can do is have these rules pre-configured so that we, as soon as a device leaves a factory, it’s ready to go. We can call up hp, Dell, Lenovo, or Diner book, or Microsoft Surface, and we can make sure that these devices, we can preload their hardware, IDs into Intune and everything is good to go.
And this gives us that protection from day one so that from the moment a user. D Box is a machine and opens the lid, starts logging into it. It is secure, it is ready to go. That user experience, they don’t need to spend three hours on the phone with it. Getting a device configured, that means that, for a user, that experience is just gonna be, really smooth and really great.
And that’s what we want for our users.
Touch quickly on Azure Virtual desktops. It’s important to note that with business Premium you get a license for virtual desktops. So if we aren’t ready for this modern device management piece we can bridge the gap there with Azure Virtual Desktop or in some cases for small user deployments, we could use a service called Windows 3 6 5, which is very similar.
This is able to provide you access to a device in the cloud that again, we can manage within tune, we can manage with those mobile modern device management tools. And you’re able to overcome some of the challenges with managing, a large fleet of devices.
And with the Microsoft Azure NZ North region recently going live, we are able to get an experience that is better than ever the latency, the lag that maybe you would’ve experienced if you’ve tried a BD in the past. It’s not there anymore. We’re milliseconds away from the data centers here in New Zealand.
So we’ve talked a bunch about a bunch of different tools here, but I wanna bring it all together and show how we can use these tools in order to face the challenge that we have coming up on October 14.
Broadly speaking, when we’re talking about a Windows 11 deployment or a deployment of any tool, whether that’s a new software package that we want or whether that’s an entire new operating system, this is more or less the workflow that we are gonna go through. You’ve got this inventory step at the start, we were able to use tools like Microsoft Intra and Microsoft Intune in order to get a really good inventory of our devices, understand what’s going on in our networks, understand, how big is the challenge in front of us.
We then able to prepare our packages within Microsoft Intune. This step can take a little bit of time. It’s important not to rush this and get it right, but Intune does have a number of pre-configured packages ready to go so that we can really smooth this one over and get it going in a really efficient way.
We are then gonna start with some pilot deployments. Within Intune we don’t just have this sort of click a button and then everyone gets it kind of mentality. We have a very staged approach to very controlled approach to the way that we would deploy any sort of changes out to environment. So we deploy it to a series of pilot users first to find those within the business.
We’d want a sort of selection of users across different industry or different business verticals. So we might have some people from finance, we might have some people from, we’re a factory from the shop floor. We might have some people in it some people in management so that we can get this really good overview of any problems that we might face.
Once we’ve dealt those problems, we’re gonna start rolling it out into production. And once again, we’re gonna take this ringed approach to how we deploy this. It’s not gonna be one big bang approach. We’re gonna start with, 10% of the users, then we’re gonna go to 30% of the users, then we’re gonna go to 60% of the users.
And then finally we might go to a hundred percent assuming everything goes well, and we can roll that back as well at any point if we need to. We’ve then got compliance and enforcement. I talked about conditional access, being able to really get smart about how we deploy or how we authenticate systems.
So we’re able to use that and utilize that in combination with Microsoft Engine in order to ensure that any devices that are accessing our systems are in fact up to standard to access our systems. And we can raise a sort of escalating tree of, hey, just notify the users all the way out to fully lock out the users if they’re not in compliance.
- Coming outta that, we’re actually gonna leverage the productivity gains. We’re gonna get our users actually using our systems, using our devices, and then we’re gonna take some feedback from them and we’re gonna go back in and we’re gonna re inventory everything. And we’re gonna make sure that we are then able to do a sort of continuous improvement and always getting better approach to how we use Intune and leverage our systems.
Microsoft wouldn’t pay me any money if I didn’t come in and talk about copilot every chance I get, which means I have to talk about copilot here today. And Business Premium is a really good fit with copilot because it enables us to secure our data. And if you’ve seen any of the sort of more dedicated co-pilot sessions, you know that one of the biggest challenges that we have when we are rolling out any AI tool and co-pilot is included in that, is actually making sure that our data is protected.
- And in particular, those tools that I spoke about earlier with purview, we’re able to make sure that our data is auto is identified and encrypted or has the correct security settings placed on that data. If it’s proof for external use, then hey, that’s fine. We can go external. But if it’s, very sensitive information, if it’s patient data, if we’re working with some health organizations, if it’s, in special intellectual property, if we’re a more industry focused manufacturing industry we are able to utilize the tools within business premium to use AI tools and use copilot safely and securely.
Wanted to call out quickly here that there is a free version of it’s free in the sense that you’re already paying for it. If you’ve got business premium that comes with enterprise data protection, I strongly encourage anyone that is here to use. Copilot Chat, which is available at, I forget, the URL.
It’s in portal.microsoft.com. We browse there. We’re gonna be able to find our copilot icon and access AI in a safe and secure way without compromising any of our business data.
I mentioned, I’ll throw up a slide here, showing some of the add-ons that we can throw into business premium. So we’ve got our data protection if we need to in increase our data, sort of safety level, so to speak. We’ve got an add-on to Clip Champ, which is clip champ premium. So if we need to be working with 4K or high FPS and we wanna start using generative AI in our videos, you can go there and we’ve got teams phone standard.
If you’re still using a sort of old school copper line, we can start getting you into the world of VoIP. Those are all NZ prices and this is by no means an exhaustive list. Just two weeks ago Microsoft unlocked an E five security add-on, which has a number of sort of additional security tools beyond what we’ve talked about here that we can add on to business premium as well.
Invariably this slide deck will be available. I’m sure it will come out. So we’ve got some links here if you want to learn anything more about the business premium stack. We’ve got some great resources here and obviously Code Blue is able to answer a number of questions if you’ve got anything else here and Matt
Kieron Kennedy: will talk to that now.
Oh, sorry, I’m just off mute.
Matt Bourne: Answering all the questions. Okay for those of you who don’t know me, I’m Matt. I’ve probably, I’ve been around at Code Blue for about eight years now. So I have met quite a lot of our customers. But I would just like to take a minute just to highlight some of the services and solutions that code Blue can offer.
I know some of you’ll be aware of these, but some of you may not. So at Code Blue we’ve got a number of specialists, solution architects and consultants that are customers that can engage with. This could be around strategy, could be around design, implementation of either whether it’s cloud solutions or just looking at.
Where your business is going and how you’d like to get there. Some of these include Microsoft workplace or modern workplace strategies. And this could be around SharePoint teams. It could be device deployment or security. We also have an Azure specialist team. This is around the Azure Cloud.
So with the new Microsoft Azure Data Center come into New Zealand this is quite a big big benefit for for New Zealand in general. Gives us much better access. It allows for data go and residency in New Zealand. And so we’re starting to serve very viable option for things like virtual desktop and cloud native hosting services function as a service.
As Kay mentioned earlier, there’s also Microsoft purview. And with the increase of AI usage across customer environments understanding how you can better protect the information for your business and understanding your data governance requirements. This is a really big case and it’s gonna be in the next couple of years, it’s gonna become a big issue for a lot of companies especially with some of the new laws coming in around based on the new on the European GDPR.
These are starting to come over to the rest of the world, so customers are gonna have to they’re gonna have to get on this and start working through it. And the other last one that I’m just gonna talk about is process automation. It’s another feather in our cap that we carry out and we talk to customers about as well.
So business is always looking for ways to improve productivity and reduce costs. Automation’s a really great way to take away some of those repetitive, mundane tasks that your staff have to achieve every day. We all know those ones that you sit around and you click five buttons and you click three buttons, and then you do this and you do that, and it all comes back and then the next day you do it all over again.
So automating some of those out can just make your your employees day just that little bit easier. And I’d also like just to mention at the end there that no matter where in your transformation journey you are at if you’d like to discuss any of these things or any of the topics that Kane’s talked about today please reach out to your co account manager and they can set up a session, whether it’s with your your trusted advisor or if it’s one of our specialists or solution architects.
We can discuss that further.
Kieron Kennedy: Cool. Do you wanna jump to the next slide, Kane, please.
Matt Bourne: And lastly I’d just like to thank everyone for attending today. These these sort of sessions they take a bit to organize and so I’d also like to thank all the presenters as well and the team behind it. But the idea of these is to give everyone a bit of a information and just to, create some thoughts.
It’s one of those things in it that we find is that you don’t know what you don’t know. And so the idea of these is just really to get you thinking and seeing some of the features and the information that’s coming up. We’d love some feedback. If anyone would like to provide some feedback we’re also gonna be giving away a hundred dollars card to to whoever to someone who gives their feedback.
Kieron Kennedy: So that’d be really great there.
Cool. And I think we are on q and a.
Matt Bourne: So at the moment we have had a couple of questions that came up in the normal chat. So I can see people have been asking things in the normal chat. If anyone has any questions they’d like to add into the actual q and a, if they’d like to ask them in there, if they wanna raise them in the chat, either or if they’ve got ’em for can or for myself or any of the other team that are on here please feel free to ask them now.
But one of the ones that came up, which is was two that came up. One of them was around, if you are using Microsoft Defender as a security tool. So I answered in the chat, but the one big thing that I just want to just mention around everything that Kane’s talked about today.
Now Microsoft Business Premium is a license stack, and then each one of these licenses or tool sets inside that, they’re just a tool. So they still do require configuration and set up for these. And they also generally require some sort of monitoring or service around them. If you if you think about it, if you had a car, you wouldn’t buy a car drive for 40 years and, never change the oil, never service it, never monitor it, ignore all the lights on it.
So technology’s a bit the same. You still do need to have that ongoing monitoring and configuration, which makes a big difference. I. And the other one that came up which I can see has got a little bit of hate and I can accept that is the Microsoft Outlook new which everyone who loves Microsoft Outlook and I’ve been using it for a very long time.
Unfortunately as I put in the chat, Microsoft have indicated that it looks like Microsoft 3 6 5 licensing stacks will start to disable Outlook Classic around April, 2026. That’s not a hard confirmed date, but that’s what they’ve indicated. I hate to be the bearer of bad news, but might be time to start looking at the new one.
The one benefit I would say is that the Microsoft their roadmap for the Outlook new, or the one that we’re familiar with is new, is quite aggressive and they are making changes regularly and improving it. I started using it when it first came out and since then it has. It is gotten better.
My boss, Paul, he’s sitting there and he’s gonna laugh for a minute because when he started with Outlook, he was running two. He would run the classic and he’d run the new. But most of the time now when I see a screen, he has the new one up and he’s, I think he’s got used to it now. And if he are using things like copilot, then it sits in there natively.
Everything just naturally works. So I would say give it a chance. Initially it’s like everything, no one likes change, but once you actually start using it and you give it a chance, it does make quite a bit difference. And I’ve got used to it. I don’t think I go back now.
Kane McGhie: What I’d say around that as well is it sounds like speaking at a brick wall, right?
But, if you have particular challenges, and this applies to any of the tools in this suite, do feed them back to Code Blue and Code Blue will feed them back to us here at Dicker, and then we do feed that information back to Microsoft. I don’t work for Microsoft even though I have a Microsoft badge on me.
I work for another company and we do feedback, quite honestly, feedback to people within Microsoft and that does get actioned. Do send your feedback through and we will feed anything back, particularly if there’s something that, you think is broken or something like that. We do have lines into Microsoft that we can feed that and it takes some time.
It’s, it’s like moving a massive ship. It doesn’t turn quickly, but we can turn it if we put enough pressure on.
Kieron Kennedy: Yeah, I can still see the funness
Matt Bourne: coming through about Outlook. Yeah, the the other big annoyance and outlook that you’ll probably all find is and one thing that drive me nuts is if you wanna, if you’ve got a word that’s got the little red squiggly underneath it, ’cause you pelt it wrong because we all fat finger type sometimes.
And on most of them it’s most old ones. It’s always right click and then select it. And an outlook. It’s left click, which was, I found quite annoying for a while. And so I got used to it. That was one, yeah, I think there is another question in there. How much lead time is needed before we change the windows, living with Code Blue doing the work?
So I would say in that scenario it’s probably best to have a chat to your account manager. ‘Cause there could be, depending on the aspects there depending on your, the fleet you have currently making sure they support Windows eleven’s probably one thing to consider. And then obviously. Getting, if you need to replace devices.
So there could be device lead time, although from my understanding from all the suppliers at the moment, devices are not an issue. They’ve got plenty of them in the country, so they’re prepared for this. And the other big one around that is just the complexity of the configuration and fuel.
Currently an on server, envi on-premise server environment versus if you have full modern workplace where you’ve got autopilot deploy ready to go. So those two aspects, they can heavily indicate that as well. So if you want more information reach out to your co blue team.
Kane McGhie: Yeah I do. So we do have enough devices right now for demand right now.
Yeah. The challenge is that. New Zealand as a whole is running at about 50% of where it needs to be in order to replace all of the Windows 10 devices by October 14. So the demand we are expecting is going to ramp up fairly quickly. And there is a strong risk that there may be supply chain issues for devices when that happens.
So what I would say is that, in terms of Windows 11 replacement time, the process that I’ve got up at the moment, it really is a sort of three month process. You could do it faster, but it would get rushed. If everyone is doing this process at the same time, then we are gonna start hitting resourcing problems.
When we are talking about, when do we need to start talking about doing this Windows 11 update, kind of yesterday is the answer, unfortunately. Like we need to get moving pretty quickly so that we can start planning that resource.
Matt Bourne: I can just see another comment come in from Brad just around is an enterprise way of purchasing copilot. I’m not quite a hundred percent sure what you mean by that. And I’ll also clarify that with that one there, just to really muddy the border a little bit would be which version of copilot Microsoft on the last count had about 127 copilots.
It’s not super helpful. But I’m gonna work on the theory that you’re talking about copilot for Microsoft 3 6 5, which is the one most people commonly call copilot. So yes, it’s a suite. The, at the moment, yes, you need to buy copilot M 3 6 5. Per person. The reason for that is because it’s a personal productivity tool.
That version of it is. Now, if you want more of an enterprise level co-pilot, there’s a few options there and we can talk further to you about this if you’d like. You’ve got your co-pilot agents. So agents is more of a organization, organizational level version of copilot. So you can create a you can create a a chat bot or a, copilot that focuses on certain areas. So if you’ve got a a customer base section, you want to be able to ask the questions around your customer base internally and have a just bubble that one section, you can create that. And then you can either use a consumption based model so people don’t have co-pilot you can pay per time they use it, or people who have co-pilot get that included.
But again, it still needs to be configured for your business and customized. So there’s a lot of options around co-pilot agents. And there’s also new co-pilot features coming out of organizations at the moment. Roadmaps quite heavily focused on this both around search and around productivity.
Kane McGhie: Yeah it’s one of those really hard ones to give a clean answer to, right? Because there’s so many different use cases. I’d just echo what Matt says and if co-pilot’s something that you are looking to implement you definitely want to talk to someone that’s done it before and that’s where Co Blue comes in.
They’ll understand the use case and be able to give you a good implementation and they know who to reach out to as well if there’s any challenges. Yeah.
Matt Bourne: Yeah. I can see this comment there. What is Windows 11 update involve? Can we just click the button that comes up saying move to Windows 11 now?
Technically yes. You could. You could I would probably advise against it initially purely for the reason that I would recommend if you’re still sitting on Windows 10, that you are at least if you are if you have a, code routine, at least discuss it with them first. Purely because there could be applications on your device that don’t support Windows 11.
It could cause issues when you run that update, it actually wipes a whole bunch of your configuration on your machine. When it goes to Windows 11, there’s feature sets that don’t exist in Windows 11. There’s new feature sets which can cause problems. So normally the way we recommend doing it, if you are looking at doing that then do a, we can have a chat, we can work with you on doing a small proof of concept to set.
That’s actually a viable option. But yeah doing a, ’cause it’s quite a fundamental change to your entire system. It also affects the way you connect to your environment as well. If you’re running VPNs, the way they’re configured in Windows 11 is different from Windows 10. So there, there’s a lot of aspects around that could cause problems.
So I advise printers, heavy caution printers. Yeah, that’s another big one. Yeah.
Kane McGhie: Printers are a classic one that the drivers are very different between Windows 10 and Windows 11. And even making sure that your environment has printers that are going to work with Windows 11 can sometimes be a question that needs to be asked.
That I would say that the pilot stage is one of the hardest stages to get right. And that’s, those first few deployments will almost invariably have some sort of problem. It, you can just click the button and it can just work. I did that at home, but I’m a home user in that instance.
It’s very different to a work environment. In a business environment, you’ve gotta make sure you’ve got a rollback strategy for when things go wrong. How do we fix it? Do we have another device that we can use? And that’s still running Windows 10. There, there’s a lot of questions around how we manage that, that at the very least, as Matt says, a conversation with Code Blue is definitely the minimum recommended.
Kieron Kennedy: Starting point. Yeah.
I think that looks like the end of the questions.
Matt Bourne: And I know people are thinking more yeah. For copilot you can choose who to buy it for. You only need to you only need to give it to those people. The only thing I would say about copilot is that it does learn your habits. Try and give it to somebody for a period of time. Don’t give it to them for two weeks and then they say, oh, it’s not working properly.
It does learn your habits the longer you have it. Yeah, I definitely recommend giving someone a license for a period of time so they can actually get the best out of it. And I think we’re looking at that. We’re wrapping up on time.
Cassandra Ong: Matt?
Matt Bourne: Yes.
Cassandra Ong: I noticed that there were two more questions in q and a.
Kieron Kennedy: There. Sorry, I was keeping an eye on the chat. Ah, sorry. Yep. Sorry about that team. I missed those.
Matt Bourne: Okay, so purview, DLP and information protection. Yes it is included, but the big caveat here only the manual versions of it are, so when I say manual, it means, for example if you want to tag a file, you have to manually tag that file.
If you want to retrospectively go back and tag a whole bunch of files in your environment, you have to manually do that. Otherwise it won’t it won’t tag these a automatically. Now if you look at either an E five license or the compliance add-on you get what’s called automatic tagging. And that can be done in a couple of different ways.
One way is that you can have and so you can say, if it’s in this particular area of our SharePoint automatically give it this tag, automatically. Make this read only automatically. Make this internal only however you’d like to configure it. The other option you can also do is you can do true automatic tagging, which is where you have it based on rules and configuration settings.
So you can say if this file has information around I don’t know, our customer ID numbers, if it has more than three of them in there, make it turn only. And so you can create rules around the matrix and it checks things and it will automatically tag those files. So it depends on your requirements, but yes, at a fundamental basic level, it is included.
So you can set it up, you can start playing with it, configuring it have a chat to our team. We can help with all of that. And the other question in here is there an enterprise way of purchasing? I think that one there from, we
Kieron Kennedy: actually answered in the main chat as well.
Sorry about missing this. Brilliant. I’ll just jump back in. We did promise everyone that we’d let them be gone by 10. Thank you again Kane for an absolutely awesome presentation. Matt, thank you for wrangling the q and a and chat session there for us. Most of all, thank you to all of our attendees today for your time investment.
We really appreciate it. Please do reach out to us with any questions or anything that you’d some follow up on. As you can see on the screen there we would really appreciate your feedback. And there will be a lucky winner of that a hundred dollars E Prezi card that will be selected from those that do provide us with some feedback.
And we’ll notify that winner by email. So yeah, once again, thank you very much for your time. Please do get in chat contact with one of our Code Blue team if you’d like to further discuss. And have a great day. Thank you very much.
