The Scenario
A 200-person SA professional services firm has decided to roll out Microsoft Intune across its mobile fleet (corporate iPhones, BYOD Android, and corporate laptops). The CFO wants security and remote wipe capability; staff are nervous about company access to personal data on BYOD devices.
The Brief
Design the policy, the rollout, and the staff communication for an Intune MDM deployment. Address the corporate-versus-BYOD distinction explicitly and the privacy concerns of BYOD users.
Deliverables
- An MDM policy covering: enrolment requirements (corporate owned, BYOD), allowed device classes, mandatory configuration (passcode, encryption, MFA, app management), and the conditions for selective wipe
- A privacy boundary statement explaining what the company can and cannot see on BYOD devices, supported by Intune's actual data access boundaries
- A 90-day rollout plan with phased onboarding, a champion programme, and the support model for the first month
- A staff-facing FAQ (10 questions) addressing the concerns staff actually raise: "can you read my WhatsApp", "can you wipe my photos", "what happens when I leave"
Submission Guidance
BYOD MDM rollouts fail when staff feel surveilled. The most successful SA rollouts publish the privacy boundaries upfront, demonstrate them in a town hall, and offer an opt-out for staff who can use a corporate device. Lead with trust, not enforcement.
Submit Your Work
Your submission is graded against the rubric on the right. If you pass, you get a public Badge URL you can share on LinkedIn. There is no draft save, so work offline first and paste your finished response here.