Case Study:

Secured Remote Workforce with Microsoft Endpoint Manager

With minimal time to adapt to remote work challenges due to the Covid-19 pandemic, our customer faced a dilemma: they lacked centralized device management and increased security risks for 600+ employees.


Joined endpoint to Microsoft Azure Active Directory

Icon Cloud Migration

Cloud Migration

Managed individual workloads while transition to cloud-based workstation management

Icon Lock


Deployed critical system updates to non-domain-joined systems


A major national association representing the largest network of craftsmen, builders, innovators and problem solvers was forced to shift to an all-remote workforce almost overnight because of the Covid-19 pandemic. They implemented a fleet of laptops without centralized management that greatly impacts security risks. After further examination of their existing infrastructure, Canalini determined that they were using Microsoft Endpoint Manager Configuration Manager (MEMCM) to manage on-prem workstations and already had a Microsoft Azure Active Directory (AD) tenant. Management of internet-only (cloud-based) was not possible with their existing toolset. More importantly, there was no way of ensuring these machines would receive critical Windows updates.


  • Used Azure AD connect to Hybrid Join existing machines to “cloud enable” them through their Microsoft Azure AD tenant
  • Co-Management was configured within MEMCM, so our customer’s technology team could select individual workloads to be managed by Microsoft Intune while transitioning to cloud-based workstation management
  • A Cloud Management Gateway allowed all MEMCM clients to be managed over the internet
  • Microsoft Intune was configured with Microsoft Autopilot to automate a hybrid AD-join scenario
  • Update Rings were set up for deploying critical system updates to non-domain-joined systems


We swiftly implement a system to centrally manage a multi-layered network serving our client’s remote workforce of 600+ employees. Canalini’s experience with Identity Access Management, MEMCM and Microsoft Intune solutions were critical to reaching the client’s goal of quickly deploying a solution with minimal disruption and zero downtime.


“Canalini is easy to work with and trusted. They have cream-of-the-crop talent, adapt to our needs, and are always right there when I need them.”

Director of Network Services