Moving Your Golden Image to the Cloud? Let JourneyTEAM Help


If you’ve heard of the golden image before, you know of its benefits. If not, we’ll enlighten you. Essentially, this tool makes for the faster creation and management of endpoint devices, including remote ones. With more individuals working from home since the outbreak of COVID-19, streamlining this process is a huge benefit. That’s where the cloud comes in. 

We all know that the cloud provides increased accessibility of business applications and more flexibility for IT teams, but when combined with the golden image, IT teams and end users enjoy even more of both.

That’s what we’ll talk about in this article: taking your golden image to the cloud with the help of Microsoft technologies. Specifically, we’ll look at Microsoft Endpoint Manager and Autopilot and the role they play in this process. We’ll also discuss how HealthEquity, a healthcare company, used Microsoft solutions to create a faster, more efficient endpoint management process with JourneyTEAM’s help. Finally, JourneyTEAM Cloud Solution Specialists will provide details on what’s possible using these solutions and what we can expect in the future.

A Quick Review

What is a Golden Image?

A golden image, also called a master image or clone image, is essentially a perfect build of an environment that is then duplicated across other devices. Using this template, an IT department no longer has to make monotonous changes or updates on endpoint devices. This helps to save time, increase consistency, and simplify the deployment process.

What is Microsoft Autopilot?

This solution is actually a collection of other technologies that, when used together, can set up and preconfigure new devices before they reach the end user. Common uses of Autopilot are to repurpose, retest, and recover devices, and to streamline and simplify the device management lifecycle.

What is Microsoft Endpoint Manager?

Formerly Microsoft Intune, Endpoint Manager is a suite of products (ConfigMgr, Desktop Analytics, Co-Management, and Autopilot) available on the cloud where you can manage your devices from a single location. This includes setting up and configuring devices, deploying applications, and safeguarding data.

Using Endpoint Manager and Autopilot together allows you to streamline setting up new devices and managing them from a single location. With Autopilot, your IT teams can configure device workflows, then deploy them using Endpoint Manager. Once the user gets the device and signs in, Endpoint Manager syncs the settings from Autopilot, which automatically installs new updates and configurations. This drastically reduces the time IT has to spend on endpoint device management.

How HealthEquity Created a More Efficient Endpoint Management Strategy with the Help of JourneyTEAM

HealthEquity was created in 2002 as a way to help Americans make smarter healthcare and financial decisions. In the last ten years, the company has seen enormous growth, with its team growing to over 3,000 employees and more added every day. The number of new hires was creating a very long endpoint management process, despite utilizing a golden image.

To get new devices set up, HealthEquity was manually applying a golden image to each device. Senior IT Manager, Devon Ritchie, said this about the process:

“We used a gold image and applied those through PXE server. Then we had the technicians join the computers to the domain, then add the user account, set up the profile, and finally install any additional software on the laptop. This process would take generally anywhere from two to four hours depending on what was on the profile and the amount of software that had to be installed.”

After IT had set up the device, it had to be shipped to employees using a carrier (this is after COVID-19 broke out). Getting this done required IT to first get shipping information, then determine what equipment each employee needed. Next, the carrier had to be contacted to arrange shipping. Finally, the IT department had to walk team members through setup once they received the devices.

A long management process was just a part of what drove HealthEquity to look for a more efficient process. Devon also discussed how the company wanted to bring all devices and user accounts to a single domain while managing the new demands that came from the COVID-19 pandemic. Finally, their existing solution was expensive and not scalable.

HealthEquity turned to Microsoft Endpoint Manager and Autopilot

Installing these solutions brought a number of improvements to the company. HealthEquity now ships all devices and equipment from their vendor and has included setup instructions for end users. No longer does their IT department have to arrange shipping or walk users through the setup process. 

We asked Devon if HealthEquity had any issues with installing the solutions. He stated that the two biggest roadblocks were informing employees about the new process and figuring out how to copy user settings from a previous device to a new one. Luckily, using a PowerShell script in Autopilot allowed old user settings to be migrated over smoothly.

Devon had this to say when we asked if he had advice for other organizations looking to do a computer deployment using Microsoft Autopilot: “Have a plan on what you want the end state to look like. Work very closely with your security teams to understand your security requirements upfront, what you can expect, and what you need to implement going forward.” He stated that by finding a good balance between usability and security, the entire process was much easier.

As HealthEquity continues to grow, Devon says that the company is focused on creating more distribution packages and dynamic groups that can be used in Autopilot to make it even more accessible and seamless for current and new users. They’re optimistic that with a seamless, efficient process, IT will have the perfect endpoint management process from setup and configuration clear down to settings.

Why Architecting Autopilot is a Must

The success that HealthEquity saw with Autopilot is just a portion of what it can do. Cloud Solutions Specialist Tim Brandt (who was involved with the HealthEquity project) discussed how they were able to use the flexibility of Autopilot to architect it into something to fit the unique needs of HealthEquity. Tim feels that this is one of the most critical steps in the installation process.

“Architecting the solution is a vital part of implementing Autopilot,” Tim stated. “Don’t skip this step and speed through the process without proper planning in the beginning.” He described how this solution is not a perfect fit for every organization. 

Tim also provided a few more things to consider during the architecture phase: 

  • Review Licensing: Before you install Autopilot, make sure you have the right licensing, or determine what licensing you need so users can access and use Autopilot. JourneyTEAM is happy to assist you during this step.
  • Goals: What are you hoping to achieve? What factors will indicate that Autopilot is working? Having specific goals in mind will help you remain focused, keep the project moving forward, and keep you on budget.
  • Consider Using a Project Manager: A project manager will help to focus efforts where they’re needed while ensuring the end goal is being met. They can also manage finances, identify project needs, provide project updates, and ensure checkpoints are being met. 
  • Identify Obstacles: Figure out what, if any, obstacles might prevent you from success. Doing so will ensure you can address them before they derail your project.
  • Phased Approach: Determine if your organization can handle a “big bang approach” or if implementing the solution in phases is more appropriate. 
  • Consider the Future: Make sure that you’re setting yourself up to succeed later on. One way to do this is by having a designated person to manage and oversee projects after installation. 
  • Be Flexible: There are numerous obstacles or roadblocks that can occur during implementation which can shift your timeline or your focus. Stay agile and adapt as needed.

As Tim said: “Architecting a solution is the difference between success or failure. Take the time to plan things out.”

The Possibilities of Endpoint Manager and Autopilot

The number of things you can do with Autopilot and Endpoint Manager is endless. While HealthEquity gave us a glimpse at some of these possibilities, we’ll take a closer look at some additional ones.

More Efficient Management of the Device Lifecycle

Setting up, shipping, and managing devices is so much simpler with Microsoft solutions. Devices are shipped directly to your employees with a golden image already installed. Once the device arrives and is turned on, Autopilot recognizes the device as a company one and will begin to work its magic once a user has provided their Azure credentials and proved their identity using multi-factor authentication. 

From there, device updates and configurations are instantly applied which helps to protect company data. Next, the solution determines what software (if any) needs to be installed or updated based on the information from your golden image. Finally, once the device reaches retirement, Autopilot will remove all company data and employees can send the device back to the vendor.

By making the management of the device lifecycle easier, your IT team doesn’t need to worry about touching each individual employee device. Autopilot does it all automatically.

Enjoy Zero Trust Architecture from Microsoft

Autopilot features zero trust architecture which is built on the “never trust, always verify” principle. Using this approach, you can safeguard company data and resources by giving a certain amount of access to users based on their identity. Information and devices are continually verified to ensure that hackers can’t access sensitive company data.

When Autopilot detects a threat, the solution will immediately alert your IT team who can respond appropriately without IT organization silos hindering or preventing a response.

Update Rings

When you need to make updates to endpoint devices, Endpoint Manager allows you to do so with ease. There’s no need to approve every update on devices as the solution does it automatically. 

You can also reduce the number of risks to your environment by taking a rollout approach to updates. For example, you can preview what an update will look like on devices by rolling it out to a select number of devices before applying it to a larger group.

Update rings also provide valuable and helpful analytics of your environment, helping you to figure out when to pause, uninstall, resume or extend certain updates. You’re also able to get information on how policies are being deployed in your environment.

GPO Analytics

This is one of the newest features within Endpoint Manager and it helps you figure out how group policy objects (GPOs) are translated within the cloud. The output information shows which of your settings are supported by mobile device management (MDM) providers as well as which (if any) deprecated settings aren’t available to MDM providers. GPO analytics can help you easily evaluate your existing group policies. You’re also able to see which of your policies are ready to be moved to the cloud and which aren’t.

Enjoy Support from a Microsoft Gold Partner

Taking your golden image to the cloud is not an easy process. Even with extensive knowledge and experience with this technology, you may be unsure which of the processes below are best for your organization. 

That’s where professional guidance from a Microsoft Gold Partner can help. JourneyTEAM can help you identify specific goals, create a project plan, and resolve issues as they arise. Whatever level of support you need, JourneyTEAM is happy to help. Don’t wait to start enjoying a faster, more efficient device management process and increased productivity. Contact JourneyTEAM today to get started.


Article by: Dave Bollard – Chief Marketing Officer


JourneyTEAM is an award-winning consulting firm with proven technology and measurable results. They take Microsoft products (Dynamics 365, SharePoint intranet, Office 365, Azure, CRM, GP, NAV, SL, AX) and modify them to work for you. The team has expert-level, Microsoft Gold certified consultants who dive deep into the dynamics of your organization and solve complex issues. They have solutions for sales, marketing, productivity, collaboration, analytics, accounting, security and more.
