Digital Workspace

Agencies Embrace Modern Workspace Management for Distributed Workforces

State and local IT administrators manage devices that give employees everything they need to do their jobs.

Twitter

Brad is a contributor to StateTech. He’s covered technology since 1991, when he first got his start in the industry.

In Massachusetts, a new comprehensive workspace management program has streamlined the deployment of computing devices to state employees, removing IT staff from the process entirely. It has been key in supporting the commonwealth’s move to remote and hybrid work.

“We’ve been operating in this environment since March 2020,” says Jason Snyder, state CIO and secretary of the Executive Office of Technology Services and Security. “The pandemic changed work habits, and our PC as a Service model will be critical to offering flexibility, productivity and efficiency to the commonwealth’s workforce.”

Each employee, remote or onsite, is assigned a computing device, most often, a laptop. The employee sets up and enrolls the device alone via Microsoft Autopilot, then downloads EOTSS-approved software and applications from a Microsoft Intune portal.

“It’s five minutes from the time the device is opened to being able to conduct business,” Snyder says. “This no-touch deployment methodology has made it possible to ship a device right from the warehouse to the user without any preconfiguration labor.”

With a workspace management solution built around Microsoft Endpoint Management and Azure Active Directory, EOTSS can fix issues and restore service in a day, freeing up IT staff to focus on other initiatives. Today, the PC as a Service (PCaaS) model has been adopted throughout the executive branch and supports about 45,000 users.

“Now, the focus has shifted to cost optimization, logistics, warehousing, asset tracking, inventory management and shipping, financial management, and lifecycle planning,” Snyder says.

Click the banner below to discover digital workspace solutions for your organization.

Remote and Hybrid Work Is Here to Stay

In its 2022 State CIO Survey, the National Association of State Chief Information Officers found one of the biggest challenges facing IT departments was a need for more remote work options.

“States must embrace remote work and flexible work schedules in part to improve recruitment and retention,” says Eric Sweden, NASCIO’s program director for enterprise architecture and governance. Modern workspace management — centralized and/or cloud-based solutions for deploying and supporting desktop environments, applications, communications and security — enables that.

In many instances, agencies achieve modern workspace management by storing entire office resources and user identities in the cloud. For Massachusetts, not everyone gets a computer, including contractors accessing commonwealth systems. In that case, EOTSS uses Amazon Web Services WorkSpaces to augment its PCaaS model.

DIVE DEEPER: The four pillars of modern workspace management.

“Where a cloud-based computer platform is required, AWS WorkSpaces provides greater flexibility and a shorter provisioning time frame to create and wipe the workspace,” Snyder says. “It provides greater control and isolation to protect against threats, malware, misconfiguration or misuse than can be provided by a device not issued or managed by the commonwealth.”

Having been reluctant at first to migrate to the cloud, states were well on their way when the pandemic struck, which helped accelerate plans for remote work, Sweden says. The focus now becomes ensuring a good remote work experience.

“The question is, how do we make this succeed?” he says. “Can employees connect reliably and do their jobs effectively? How do we protect workers and their devices?”

It’s an average duration of approximately five minutes from the time the device is opened to being able to conduct business.”

Jason Snyder State CIO and Secretary, Executive Office of Technology Services and Security

How Everett Is Implementing a ‘Permanent Hybrid Strategy’

Everett, Wash., has arrived at a “permanent hybrid strategy,” says Steven Hellyer, Everett’s IT director. That’s meant developing a unified, secure way of giving employees the computing resources they need, whether they’re in a government office or working from home.

“We were in a good position overall because we were already a cloud-first city,” Hellyer says. “Many of our assets were in Microsoft Azure, and we were already Teams users.”

The goal then was to enable anywhere computing while simplifying application deployment. When the city first sent employees home, they were able to continue working by using Azure’s always-on VPN and an Azure reverse proxy for accessing on-premises resources and cloud-based systems.

“At the time, we didn’t have enough laptops for everyone, but the fact that we were so cloud-centric meant we could let people use personal computers to connect,” Hellyer says.

LEARN MORE: 3 big benefits of VDI for remote work.

The city added capacity to better load-balance VPN connections and improve resilience. Then it took workspace management a step further.

“As we’ve matured, we’ve moved away from an application proxy to leverage Azure Virtual Desktops,” Hellyer says. “It allows us to create pooled desktops, dedicated desktops or even an entire application environment in the cloud.”

The Everett IT department manages which applications are available to each employee based on roles defined in Azure Active Directory. “It makes us more efficient and provides a single pane of glass for the employee,” Hellyer says.

This efficiency allows staff to focus on other tasks, like securing and managing Everett’s growing cloud presence. “They’re spending more time spinning up storage and virtual servers in Azure,” Hellyer says. “Or they’re working with me to optimize Azure spends, because that’s an art in itself.”

73%

The percentage of state CIOs who say expanding flexible and remote work is part of their strategy to attract and retain a qualified workforce

Source: nascio.org, 2022 State CIO Survey: The People Imperative, October 2022

How to Support Smartphones as Workspace

For many state agencies, modern workspace management extends to the most mobile of workspaces: employees’ smartphones.

Before the pandemic, the Indiana Office of Technology was running Ivanti MobileIron on its own servers for mobile device management. But as more workers relied on smartphones to work remotely, it sought better ways of ensuring they could remain secure and productive, including migrating to MobileIron in the cloud.

“There was definitely an increase in requests for mobile devices,” says Patrick Evans, the IOT’s deputy director of identity and access management. “The basis for going to the cloud is really to allow us more flexibility when it comes to securing and managing our Android and iOS devices and to provide for a better end-user experience.”

When users load the MobileIron app, they get a suite of other approved apps. “This allows us to have a bit more control over what users can download,” Evans says. Plus, the state has started integrating Azure’s multifactor authentication capabilities with its cloud-based MobileIron solution to streamline secure access.

“By keeping users’ identity and work separate from the actual physical devices, if they need to be wiped or moved to another device, it can happen quickly,” Evans says. “Going to cloud management will help workers stay connected.”

DISCOVER: 3 best practices for safely returning government devices used at home.

New Insights to Better Navigate the Modern Workspace

Workspace solutions can present a thorny issue for IT to navigate. They offer unprecedented visibility into the performance and security compliance of distributed endpoints, thanks to the data they can collect. They also offer insight into worker productivity.

The former supports a nascent move in IT circles to augment service-level agreements with experience-level agreements (XLAs), which go beyond gauging system uptime to include whether performance, accessibility, utilization and other aspects support an optimal user experience.

“Telemetry data can give insight about the employee experience,” says James Collins, former CIO of Delaware and now general manager for state and local government at Microsoft. “It can also help employees work better.”

Endpoint management software such as Microsoft Intune or Lakeside SysTrack collect telemetry data from users’ workspaces — CPU and graphics processing unit usage, disk and memory utilization, application performance, etc. — to help understand experience. Intel, AMD, Nvidia and others make telemetry data available through their platforms, as do solutions like VMware Workspace ONE.

pidjoe (office); lechatnoir (person)/Getty Images