Device and Application Management

In the first quarter of 2021, IT Services began its transition to a cloud-managed device management model through the adoption of Microsoft Intune. This marked a strategic shift away from traditional, on-premise device management toward a more secure, scalable, and resilient cloud-based approach for managing the University’s Windows device estate. The primary objective was to establish a consistent and centrally managed platform capable of supporting our user base, while reducing reliance on campus-bound infrastructure and manual configuration. In line with the University’s Digital Strategy, Microsoft Intune enables the consistent enforcement of security, configuration, and compliance policies across all managed devices, regardless of location. This capability has been fundamental in supporting flexible and remote working models, ensuring that devices remain secure, patched and compliant whether they are used on-campus or at home. Importantly, this approach underpins the University’s Cyber Essentials compliance by enforcing required standards, strengthening the overall security posture, and supporting eligibility for research funding, tenders, and project bids where Cyber Essentials certification is a prerequisite, whilst also reducing institutional risk. Since the initial implementation, many of the anticipated benefits have been realised, including improved visibility of the device estate, greater standardisation, and reduced operational overheads associated with device provisioning and support. Building on this foundation, USW now aims to progress to the next phase of endpoint evolution by adopting cloud-native capabilities delivered through cloud-based management. This includes the adoption of advanced virtualisation delivery models such as Desktop as a Service (DaaS). IT Services must shift focus from reactive, day-to-day support toward higher-value strategic activity. Currently, much of the team’s effort is reactive; however, with sufficient capacity in place, Intune analytics, telemetry, and proactive remediation capabilities can be used more effectively to identify and resolve issues before they impact users. Expanding this model will also broaden skills coverage in specialist areas and enable faster, more reliable device provisioning, including efficiencies gained in zero-touch deployment. We require an operating model that provides flexible capacity to scale in response to fluctuating demand-such as term time, major projects that require Cyber Essentials, and new service rollouts-while modernising the operation of Intune to securely scale the endpoint estate, meet compliance requirements, reduce operational risk, and maintain strategic control without overburdening internal teams. This approach will enable the delivery of key benefits across our strategic programme over the next three years. The Supplier will provide a shared Windows endpoint management and application delivery service that augments USW’s internal capability and accelerates our cloud first approach. Operating within USW’s Microsoft Intune-centred ecosystem, the service will augment day to day operations, streamline application enablement (including streamed delivery where appropriate), support Cyber Essentials compliance at scale, and expand application streaming and virtualisation capacity. USW retains strategic design approval and governance; the Supplier leads operational execution, service reporting, and continuous improvement. Please find a link to the portal below for access to the tender documentation. https://etenderwales.ukp.app.jaggaer.com/go/07096176019D25BB1073