How Certified CIO cut tenant onboarding time and speeds up policy deployments 

Certified CIO needed to standardize across customers, while simplifying the onboarding and offboarding of customers, apps, and their own technical stack, all without disrupting internal or external operations. If done manually, this would have required an enormous amount of research, planning, testing, and development, as well as a significant amount of deployment time. Microsoft also frequently makes changes, making standardizing a more complicated task.

Certified CIO only has one engineer responsible for policy management, who also has significant helpdesk responsibilities, meaning they needed a solution to help them with standardization and ongoing management. They were already using another policy management tool, but found that it lacked the policy depth they needed, the deployments were too slow, and the ongoing relationship with the vendor was minimal. As a result, they turned to inforcer.  

Using a sandbox tenant, Certified CIO created a standardized policy set that would work for the majority of their customers. Once finalized, they simply used inforcer to pull the policies from their sandbox into a baseline, tag them, and deploy them to the relevant tenants. This saved them a significant amount of time, making it far easier to track and manage policies, and pivot when needed.  

When something changes within Microsoft, it is now easy for the team to make adjustments in the baseline and deploy to all their customers. Policies only need to be changed in one tenant and then they can be deployed across the board. This saves hours of repetitive clerical work.  

They can now manage everything in one place. They use inforcer to push dependency groups for targets or exceptions, allowing them to manage thousands of users passing through a lattice of Zero Trust policies across dozens of tenants quickly, easily, and with no issues.    

Certified CIO also use inforcer to monitor for issues or deviations. They use deviation reports to identify broken Intune and Defender policies in new customers that may have been inherited from their legacy IT management. One particular customer had a series of important policies that were prevented from applying to endpoints and users due to scoping issues, ultimately rendering them useless. inforcer found the deviation in the targets and exceptions of those policies from their baseline and they were able to fix the issues before any incidents could occur.    

inforcer has also allowed Certfied CIO to be more proactive. The policy alerting allows them to notice and remediate issues before the end-users are even aware. Once they have then identified an issue or deviation in one customer tenant, they can review the circumstances and assess whether they may come up elsewhere. They can then quickly make a tweak in the baseline and deploy almost instantly, solving the problem before it even happens. 

Since using inforcer, the time taken to do a customer onboarding has been reduced from multiple days to just one hour. The error rate has also dramatically reduced, as they can automate deployment with inforcer instead of juggling spreadsheets and multiple admin centers. When onboarding a customer now, Certified CIO just review their software and a few key statuses such as countries of operation and BYOD, and they can deploy all the relevant policies with inforcer very quickly.    

inforcer has saved Certified CIO a significant amount of time. They can now deploy a baseline containing dozens of policies to multiple tenants in just a minute. Single policy changes can be made across 60+ tenants in less than a minute, making it far easier to make emergency changes, such as patching a vulnerability or blocking a bad driver. 

With inforcer, one engineer is able to deliver the output of multiple Cloud admins. As a result, the time saved by using inforcer has allowed Certified CIO to dramatically improve profit margins on unlimited contract clients. They have also used tools like remediation scripts in Intune to prevent tickets occurring in the first place.