DaaS IT! How Desktop-as-a-Service Can complement endpoint management  

How Intune and Azure Virtual Desktop (AVD), can be used in tandem...

DaaS IT! How Desktop-as-a-Service Can complement endpoint management  

According to Gartner research, desktop as a service (DaaS) market spending grew by 22% in 2022 and will grow a further 19% in 2023. The cloud computing offering, whereby a service provider delivers virtual desktops to end users over the internet, is becoming more popular as degrees of hybrid and remote work continue to be implemented. Many IT teams are turning to DaaS to lower costs and make their IT operations easier to manage,

Recently, the industry has also been getting excited about developments made to Microsoft Intune – a separate cloud-based endpoint management solution. Intune manages user access and simplifies app and device management, helping IT departments to manage their entire fleet of physical and virtual endpoints through a single console.

In this piece, I’ll explore how these two types of solutions – endpoint management, such as Intune, and DaaS, like Azure Virtual Desktop (AVD), can be used in tandem to streamline cost-savings and efficiencies across the IT department, writes Joseph Landes, CRO and co-founder, Nerdio.

Physical Devices and Virtual Desktops: Not Apples to Apples

Contrary to popular belief, DaaS and Intune are not mutually exclusive. IT professionals often implement DaaS to bring legacy applications and storage to the cloud for security and remote accessibility. That said, users would still need a physical endpoint to access the virtual desktop, and this is where Intune is adopted: to help manage these devices.

On some occasions, DaaS solutions may be considered redundant because the organisation may have implemented solutions like OneDrive, SharePoint, or other software-as-a-service. However, in these scenarios, cloud device management in conjunction with Intune will become even more important – and I’ll explain why.

The slow demise of the VPN: 5 lessons from DoD’s Zero Trust framework

Firstly, it’s important to caveat that some businesses might look to physical device management rather than DaaS because of internet access. If an end-user has poor internet access, it will impact their experience. This is primarily the case for those frequently travelling or in a line of work involving enormously large files.

For example, dental offices that have huge 3D x-ray files being captured by medical equipment could experience issues in moving the data from the equipment on-premises to the cloud quickly (while the patient is in front of them) due to their internet upload speed. In this case, physical endpoints managed via Intune might be preferred, but this scenario (these days) is the exception, not the rule.

Desktop-as-a-Service and endpoint management with Intune

Many cloud-based solutions offer remote access capabilities, but AVD has been a go-to for leader because of its better security, control over users’ data, infrastructure facilities, and reduced technology expenses. Microsoft’s AVD offering is industry-leading and is now said to be part of nearly every discussion it is having with enterprise customers.

Given the cloud-based nature of DaaS solutions such as AVD, IT admins can set up virtual desktops in a matter of minutes during onboarding. This bypasses the cycle of waiting for a physical device, being dependent on vendors, keeping unused stock, retiring older devices when they age, and repurposing devices when employees leave the organisation.

The setup effort is less with DaaS compared to physical devices. With DaaS, many tools are available such as desktop images, FSLogix AppMasking, RemoteApps and MSIX AppAttach to control how a user’s desktop is set up and which applications they have access to. These are integral in providing more consistent onboarding and user experiences for businesses and their employees.

Although some say older DaaS solutions have costs that add up, these are eliminated with AVD as it includes all gateways, brokers, and licensing fees. This is primarily due to Microsoft off-loading costs to large, powerful data centres – which are better equipped to absorb or spread out increasing costs over vast numbers of customers.

Once initially set up, the cost savings and efficiency benefits of combining DaaS solutions with endpoint management begin to quickly become apparent.

Maintenance Costs

For example, IT teams using DaaS can provide employees access to everything they need regardless of working location.

The operational burden of maintaining physical devices is also reduced, as admins can mimic users’ virtual desktop setups, which simplifies the testing processes for upgrades and new applications. In other words, DaaS OS and applications can be easily updated without upgrading the underlying hardware.

An example is Windows 11 requiring TPM v2.0, a cryptographic processing chip. In this instance, IT admins providing DaaS desktops could incorporate TPM 2.0 by adopting the new virtual machine series from Azure that supports TPM 2.0. In comparison, physical devices would require a complete hardware refresh.

The US Army is letting staff Bring Your Own Device. First up, the CIO

The net result is that IT departments can extend the lifecycle of existing hardware and roll out thin clients (devices which run on the central server) across the organisation. By doing this via DaaS, all these costs are rolled into the solution itself while minimizing overall human intervention for the business.

Additionally, businesses can save money by becoming legally compliant (Azure has more certifications than any other data centre in the world), reducing downtime, lower power costs in their offices, real estate needs, and risk for data breaches if done correctly.

Operational Efficiency

With user profiles, apps, and data living on the cloud, IT support is easier and less expensive through DaaS, rather than via physical devices, as everything can be managed centrally and virtually. Depending on their job demands, employees can also request more computational power and cloud resources if needed for a certain project, which can be downsized after the task is completed.

Again, the operational efficiencies offered by DaaS are enhanced further when the technology is combined with Microsoft Intune, which allows IT teams to take more granular control of endpoints (both physical and virtual desktops and laptops) across the corporate network.

Intune also allows the creation of various security policies and features, including DLP policies, making this easier to manage across the organisation’s endpoints. It can also manage application deployment to devices, and Windows quality and feature updates can be managed from the console. Combining DaaS technology with Intune makes it far easier for IT teams to keep all employee devices running smoothly and efficiently.

Conclusion

Overall, it’s clear that endpoint management should be a central focus of any enterprise IT department as it helps to ensure compliance, offer good user experiences, and maintain a sound security posture.

But as IT admins responsible for endpoint management continue to see the adoption of virtualised solutions, such as AVD, there is an increased need to consolidate management of the two to best serve the entire workforce, regardless of the way in which they connect to corporate assets – be it via a physical device or through DaaS.

This will continue to be crucial as companies evaluate their hybrid and remote work policies while trying to remain efficient. Adopting DaaS will enable businesses to stay agile whilst complementing existing investments or strategies made in an endpoint or mobile device management. In today’s highly competitive business landscape, businesses need to embrace this combination of both DaaS and cloud-based endpoint management to stay ahead of the competition.

Join peers following The Stack on LinkedIn