Frontline Workers: 3-Wk Implementation

Frontline workers are employees whose primary function is to work directly with customers or the general public providing services, support, and selling products, or employees directly involved in the manufacturing and distribution of products or services. Frontline workers—the face of your organization Frontline workers provide the first human connection with an organization—they’re the public face of a company and its brand or mission. Even small businesses and may have the majority of their workforce on the frontline.

We will use the below portals to manage Frontline plans. Microsoft 365 Admin Center and Other Admin Centers. Microsoft Intra ID (formerly Azure Active Directory) for identity and access control. Intune to manage the Cloud PCs.

Microsoft 365 offers a range of services tailored for frontline workers to enhance productivity and collaboration.

1. Microsoft Teams: Facilitates communication and collaboration through chat, video calls, and file sharing. Frontline workers can use Teams for real-time communication and to stay connected with their team.
2. Microsoft SharePoint: Enables efficient document management, sharing, and collaboration. It allows frontline workers to access important documents and information securely.
3. Microsoft Power Platform: Frontline workers can use Power Apps to create custom apps without extensive coding skills. Power Automate helps automate workflows, and Power BI provides insights through data visualization.
4. Microsoft Kaizala: Specifically designed for frontline workers, Kaizala enables communication, task management, and collaboration in a secure environment.
5. Microsoft 365 Apps: Familiar applications like Word, Excel, and PowerPoint are available for creating and editing documents on the go.
6. Microsoft OneDrive: Offers secure cloud storage for documents, ensuring that frontline workers can access important files from any location.
7. Microsoft Endpoint Manager: Helps manage and secure devices used by frontline workers, ensuring compliance and security.
8. Microsoft Intune: Facilitates mobile device management, allowing organizations to control access to company resources on mobile devices

Scope: Setup Microsoft 365 tenant: • User Identity: Setting up Hybrid users (AD + AAD) or AAD users. • Verify Active Directory Identities Synchronize with Office 365 • License: Checking to see if users have the right licenses and assignment of licenses.

Exchange: • Verify the Exchange Online mailboxes. • General Settings • Quarantine Notifications Policy • Anti-phishing protection • Microsoft Exchange Online Protection Anti-spam • Set inbound anti-spam. • Set outbound spam notifications. • Microsoft Exchange Online Protection Anti-Malware • End User Phishing and Junk email reporting • Email authentication records: DKIM, DMARC & SPF • Turn on mailbox auditing for all users. • Do not allow mail forwarding rules to external domains. • Do not allow anonymous calendar sharing. • Enable Modern Authentication on your Office 365 tenant. • Add header for external email with warning steps.

SharePoint:

• Setting up DNS. • Configuring firewall ports. • Provisioning users and licenses. • Enabling site creation for your SharePoint Online admin. • Planning site collections. • Creating Document libraries. • Add Document Libraries to Microsoft teams. • Securing content and managing permissions. • Configuring SharePoint Online features. • Configuring SharePoint hybrid features, like hybrid search, hybrid sites, hybrid taxonomy, content types, hybrid self-service site creation (SharePoint Server 2013 only), extended app launcher, hybrid OneDrive for Business, and extranet sites.

Microsoft 365 APPs • Assigning end-user and device-based licenses using the Microsoft 365 admin center and Windows PowerShell. • Installing Microsoft 365 Apps from the Office 365 portal using Click-to-Run. • Installing Office Mobile apps (like Outlook Mobile, Word Mobile, Excel Mobile, and PowerPoint Mobile) on iOS or Android devices. • Configuring update settings using the Office 365 Deployment Tool. • Creation of the Office Deployment Tool configuration XML with the Office Customization Tool or native XML to configure the deployment package. • Deployment using Microsoft Endpoint Configuration Manager, including assistance with the creation of Microsoft Endpoint Configuration Manager packaging. • Additionally, provide guidance to remediate the compatibility. • Addressing deployment issues

AADP: • Analyze customer requirements. • Verify Azure Active Directory Premium licenses. • Setup Azure Active Directory self-service password reset: o Enable self-service password reset for a group of Azure AD users. o Set up authentication methods and registration options. o Test the SSPR process as a user.

• Configure MFA & Conditional Access policies: o Create a Conditional Access policy to enable Azure AD Multi-Factor Authentication for a group of users. o Configure the policy conditions that prompt for MF