Hey everyone! I'm new to this community and honestly feeling a bit overwhelmed with my new role. I just got hired as a BIM Manager at a small AEC company with around 30-40 employees, but I'm also responsible for handling their IT needs, which is quite the challenge since there's no existing IT staff. The company currently lacks basic IT infrastructure; for example, every computer has the same password (cringe, I know!). I've got some experience with endpoint management and IT tasks from my previous job, but taking on this responsibility for the whole company is daunting. My first thought is to implement Microsoft 365 Business Premium and use Microsoft Intune to manage our devices and improve our cybersecurity practices. I'm also preparing to eventually pursue CMMC Level 2 compliance, but I want to make sure I'm setting the right foundations first. Honestly, I'm wondering about any essentials I should prioritize or if there are any tools that might be better than Intune for some of the tasks. Any advice is appreciated!
5 Answers
Since you're building from scratch, look into Azure AD along with Intune. Going for an on-prem AD these days isn't necessary. You’ll still get GPOs and policies through Azure AD, and they provide a security evaluation tool to guide you. Also, check NIST 800-53 and 800-171 controls and implement them when necessary.
Definitely get Microsoft 365 Business Premium. It has Intune, Autopilot, Defender EDR, Office, Teams, and a lot more. It’s all integrated and will streamline your management a lot. Looking ahead, you can even set up your VoIP through Teams, getting rid of traditional phone setups.
Just a heads-up about Fortinet; be prepared for some serious patching work if you go that route!
Also, don’t forget to ensure your network hardware complies with FIPS for future CMMC requirements!
First off, have you checked what your budget is? That's key. If Business Premium fits in, it's a solid start because it’ll give you a lot of the tools you'll need. Start there and see how they react to any increased costs. You'll want to ensure the team is on board with those changes before diving deeper.
It sounds like transitioning to a fully cloud-based solution would be beneficial. Move your local files to SharePoint and consider getting rid of your VPN. Revit files are better in BIM Collaborate, and you can manage access effectively with Azure/Entra ID. It's all about getting modern and efficient!
But why are you suggesting retiring the VPN? Isn’t it still useful?
As you kick off, make sure to document everything! Tools like the BookStack app are easy to set up and help keep things organized. It’ll save you tons of headaches later on. Plus, keep track of what needs backing up and do some hardware checks.

Totally agree with this! Starting with Azure AD makes so much sense.