Specifically, the district is seeking proposals from vendors with knowledge and expertise to help district staff implement Microsoft Intune and Data Loss Prevention (DLP) technology stacks provided by Microsoft 365 licensing.
“The district has a Microsoft Enterprise Agreement that includes M365 E3 + E5 Compliance + E5 ID Plan 2 licenses,” the RFP states. “Because the district provides a hybrid work environment for employees, the need to properly and remotely manage end user equipment has increased.”
Specific requirements for the Intune implementation include:
- Creating Intune policies to replace existing group policies, ensuring that remote machines are getting the latest policies regardless of their on-premises status
- Creating multifactor authentication with conditional access security to protect global admin and admin roles in the Microsoft tenant
- Creating device compliance and configuration policies with best practice standards
- Creating app configuration policies for Office and any line-of-business application with an MSI package
- Configuring prerequisites to enable unattended provisioning
- Developing and implementing the use of sensitivity labels for data on-premises and in the cloud
- Enhancing the organization’s security profile by preventing unauthorized access, sharing and leakage of sensitive information
- Configuring to work with Exchange Online, SharePoint, OneDrive, Teams and other Microsoft 365 products and data hosted on-premises on file shares
- Creating baseline policies to detect sensitive information, classify it and secure unauthorized access regardless of its location and tying those policies to the Active Directory security groups
- Developing automated policies to detect and stop the sharing of sensitive information that is not already handled by other policies
