Hello my friends! In my day job at Microsoft, I have the privilege of working with our internal account vTeams, Partner ecosystems and customers like you to better understand our top successes and opportunities. In recent months we have begun some refreshed holistic top-down guidance when it comes to deploying Teams Devices like Phones, Displays, Surface Hubs, and MTR devices. Just today I had the opportunity to speak on the topic of Device Deployment Accelerators and I wanted to share some of that information with you as I know this is top-of-mind for many of the folks that happen to frequent my little ol’ technical blog.
Why This Topic Matters
Device Deployments are increasing. As customers are returning to office, having a strategy and clear guidance for deployment of devices is top of mind. Our guidance needs to be clear. Our guidance needs to address their felt needs. Our guidance needs to be sane – in that it needs to follow the logical flow of device procurement, unboxing, identity creation, licensing application, and of course any endpoint management needs the customer might have. Having a mechanism to properly guide our customers toward device selection and deployment is top-of-mind for my day job! To aid in this conversation, here’s a simple screen shot from a new asset under development to guide the Device Deployment conversation.
Top Deployment Considerations
Based on a lot of internal feedback, and customer / partner conversations, we’ve identified a set of top deployment considerations. Each of these became a simple slide and set of talking points to help do some internal education and some customer guidance best practices. I’d like to take a few moments to share those with you today in hopes to help accelerate your own Device Deployment journey.
1. Account Identity
As we consider which types of devices to deploy, one of the first things to consider is the type of experience to cover. Is this a personal device covered by typical end-user identity? Or is this a shared device which would need to be covered by a resource account identity?
To help customers think through that, some typical scenarios can help them select devices to match. For example, is this a personal phone? Is this a common area phone? Is this maybe an executive who has a room device, but, utilizes that in their personal office? Or, is this a shared room device in an office conference room? Customers need to properly create their identity to match their device experience.
There are many best practices and key things to consider in the account identity topic. Here is an excellent resource you can utilize in the Personal vs. Shared Identity conversation!
2. Account Licensing
Let’s start by talking about Microsoft Teams Room Standard. The MTR Standard license is a great license SKU to cover things like Teams Room on Windows, Teams Room on Android, Panels, Surface Hub, and even Displays for hotdesking needs. It includes the appropriate SKUs for meetings audio conferencing and also the Teams Phone System.
In our topic of the day, it also includes the licensing for Azure AD Premium to cover off on Conditional Access deployment. Additionally, it includes the licensing for Intune to cover off on device compliance / endpoint management. It’s a super versatile licensing plan!
The Common Area Phone license is undergoing a transition. Until now, the CAP license only covers the Teams baseline licensing needs and the Teams Phone system needs. Based on some of our customer need and evidence, we’ve announced an enhanced Common Area Phone licensing and features. In the very near term, we’re enhancing the CAP licensing SKU to also include Azure AD Premium and Intune. This is going to be rolling out to customers soon.
You can click on the Enterprise Connect Announcements link to learn more – a small snippet is below.
Until this does roll out to your customers, customers will need to cover off on their Intune and Azure AD needs either with bridge licensing or other licensing methods like the EMS suite.
3. Device Ownership – Personal vs. Corporate
Companies may – or may not – have a specific point of view to consider with how devices are procured and put into production.
Let’s consider a company that is super controlling. They might be in a highly regulated industry or have a very strong security and compliance posture. They want to fully control what makes and models and manufacturers are approved. Maybe that’s only Poly. Or only Logitech. Whatever, it doesn’t matter.
They can configure their Intune / Endpoint Management to only allow devices to enroll and be utilized from their vendor of choice. Further, they can lock it down to not only their vendor, but, they can require only devices with serial numbers registered and entered by Corporate IT.
This prevents the whole “buy a device for home off of ebay” scenario.
Other companies might be more accommodating. They want their end users to get whatever they want. They might even provide a budget or allowance for end users to pick and choose whatever devices best fit them.
Many customers are in the middle. They want to have some compliance and conditions for the shared / in-office spaces. Where thing like shared MTR devices are registered and only come from a short-list of approved vendors for ease of scale and support.
But, for their work at home workforce, they want to provide flexibility. You can totally do that. And this is a very common conversation when it comes to device deployment for your customers.
Being able to help customers think through their scenarios of device selection and how those devices will be used is key. Above, you can see a couple screen shots here where we can allow or block personal devices per groups of users. Additionally, as mentioned, you can identify those corporate owned (and registered) devices by serial number for example to ensure the hygiene of devices in the environment. This key corporate identifiers link provides some more information and talking points that might be top-of-mind for your customer on this topic.
4. Network Location
Finally, let’s talk briefly about networking.
If you recall our previous conversation around device ownership, we described a “middle of the road” customer. They want to have some compliance and conditions for the shared / in-office spaces. Where thing like shared MTR devices are registered and only come from a short-list of approved vendors for ease of scale and support.
We could create network locations to identify those offices in Louisville, or Seattle or Singapore or whatever. And then ensure specific conditions are met for those locations. Then, for all other locations – like work at home – we can provide a different set of conditions.
For example, we may only want Poly shared devices like MTRW or MTRA in our offices and trusted locations. But, for work-at-home – they can use any vendor they choose – Logi, Poly, AudioCodes, whatever. Network locations provide this flexibility within the conditional access policies utilized for device deployment.
The concept of network locations should be top of mind for you already for things like Call Quality or Emergency Services. Just continue that same conversation for things like device deployment considerations. This key resource is a great spot to go to learn more about Network Locations.
Alrighty, that’s that. Those are not the only things to discuss when it comes to Device Deployment, but, those are some of the most top-of-mind and frequent topics that arise when working with our customers and partners on successful deployment of Teams Devices.
Here’s a list (with links) of some useful device deployment resources.
General IT Pro Knowledge
Accounts / Identity
Device Licensing
Room Device // Common Area Phone Device
Device Ownership
Network Location Considerations
I hope that’s helpful for you today!
1 thought on “Teams Devices: Top Device Deployment Accelerators”
Comments are closed.