Skip to content
Rana Usman Ahmad
All case studies

A global company with a fully distributed workforce

Intune for a remote workforce

Anonymized enterprise case study

Industry
Technology
Region
Global
Project type
Endpoint
Technologies
3

OutcomeConsistent, compliant devices with no network perimeter

Devices rarely touched a corporate network. I designed an identity-driven, cloud-native Intune model to manage and secure them.

Context

A fully distributed workforce needed managed, secure devices that rarely connected to a corporate network.

Challenge

Traditional device management assumed a perimeter that no longer existed. Devices were inconsistent and compliance was unclear.

Scope

  • Design cloud-native device management
  • Establish compliance policies
  • Integrate endpoint security
  • Enable self-service provisioning

Constraints

  • No reliance on a corporate network
  • A workforce spread across time zones
  • A need for low-friction onboarding

Approach

  1. 01Built an identity-driven, cloud-native Intune model
  2. 02Defined compliance policies tied to Conditional Access
  3. 03Integrated Defender for Endpoint for risk-based access
  4. 04Enabled self-service enrollment for fast onboarding

Technologies

Microsoft IntuneEntra IDDefender for Endpoint

Outcome

  • Consistent, compliant devices with no network perimeter
  • Device compliance tied directly to access decisions
  • Fast, low-friction onboarding for a distributed team

Lessons

Modern endpoint management is an identity problem. Anchor it to Entra and Conditional Access and the perimeter stops mattering.

What made it complex

Delivering enterprise device assurance to a workforce that never connects to a corporate network.

Other case studies

Migration/Middle East

Consolidating a fragmented Azure estate

A Gulf-region financial services group

Azure had grown across disconnected subscriptions. I designed a landing zone and migration path that brought the whole estate under one governable model.

One governable cloud estate, built on a proper landing zone

Azure Landing ZonesEntra IDAzure Policy
Security Operations/United Kingdom

Standing up a healthcare SOC on Sentinel

A UK healthcare provider

Security tools were in place, but there was no real detection capability. I designed a Sentinel-led SOC and the workflows that let the internal team run it.

Centralized visibility and a detection model the team owns

Microsoft SentinelDefender XDRKQL
Security Architecture/Europe

An identity-first Zero Trust uplift

A European professional services firm

Zero Trust was the goal, with no clear starting point. I led with identity and built a Conditional Access and privileged access model that cut standing risk.

Less standing access, and access decisions that are auditable

Entra IDConditional AccessPIM
Work with me

Let me turn complexity into a system you can run.

Securing a Microsoft environment, planning a migration, or getting ready for Copilot. I help you make the call with clarity, then build it to last.

Book a discussionExplore expertise