Skip to content

    Modern Workplace

    New devices that simply work on day one

    We set up your Windows devices, laptops and phones so people can unbox them, sign in and start working right away, no IT appointment needed. Everything is managed centrally through Microsoft Intune and secured to Swiss data protection. Honestly: the technology is only half the job, the rest is a clean rollout.

    The challenge

    Devices cost time before they create value

    Every new laptop means hours of manual setup, every lost phone is a data risk, and nobody quite knows which device is on which state. In an SME without a large IT team, this lands on a few individuals, or it simply doesn't get done. Updates slip, and old devices leave the building without proper offboarding.

    How it helps

    What changes in your day to day.

    1

    Unbox instead of set up

    With Windows Autopilot a new device configures itself on first boot. People sign in with their account and find apps, settings and printers already in place, with no one needing to visit.

    2

    Updates run in the background

    Windows and app updates are rolled out and monitored automatically via Autopatch. Security gaps close without anyone having to remember or interrupt their work.

    3

    Only secure devices get in

    Compliance policies continuously check whether a device is encrypted, up to date and protected. If it falls short, Conditional Access blocks access to company data until it is compliant again.

    4

    Bring personal devices in without intruding

    On private phones (BYOD) we protect only the company area via app management (MAM). On exit we selectively wipe business data, while the employee's photos and private content stay untouched.

    5

    Loss is no longer an emergency

    If a device goes missing, we lock or wipe it remotely, fully or just the company container. Data is gone before it becomes a problem.

    What's included

    What we deliver.

    Zero-touch provisioning

    Setup via Microsoft Intune and Windows Autopilot so devices are ready without manual installation, including predefined apps and settings.

    Security baseline

    Enabled by default: BitLocker encryption, Secure Boot, firewall, antivirus and a password requirement of at least 14 characters, tuned to SME reality.

    Compliance and Conditional Access

    Policies check every device (validity typically 30 days) and govern access: notify, lock or reset, depending on status.

    Defender for Business

    Threat detection and response directly on the device, integrated into the central view, with no separate console for day-to-day work.

    Mobile and BYOD management

    Management of company and personal devices via MDM and MAM, with a clear separation between full device management and protecting only the company container.

    Lifecycle to retirement

    A clean process from first boot through Windows 11 to offboarding, including selective or full wipe on device return or departure.

    Outcomes

    Day 1
    productive from first sign-in
    No server
    cloud-native, lower running costs
    Minutes
    remote lock instead of data risk

    FAQ

    Frequently asked questions

    Does our device data stay in Switzerland?

    Management runs on Microsoft 365 with data residency in Switzerland or the EU, aligned with revDSG and GDPR. We configure storage location and policies so your data protection requirements are demonstrably met.

    Do we need our own server for this?

    No. We deliberately favour cloud-native Entra join over hybrid, unless legacy systems genuinely require otherwise. That removes a local server, lowers cost and noticeably simplifies operations.

    Which licence do we need?

    For most SMEs Microsoft 365 Business Premium is the right basis, it includes Intune (Plan 1) and Defender for Business. We tell you upfront and transparently what you actually need, rather than selling more than necessary.

    What happens to a personal phone when someone leaves?

    With BYOD we manage only the company area via app management. On exit we selectively wipe business data, while everything private to the employee stays intact and untouched.

    More building blocks

    The modern workplace, end to end.

    Ready for the next step?

    Let's talk about your workplace.

    Whether it's migrating to Microsoft 365, zero-trust security or a Copilot rollout — together we'll find the right path.

    We use cookies and external services (e.g. Google Maps) to provide you with the best experience on our website. For more information, see our Privacy Policy.