When to Use Remote or Campus Device Groups

When to Use Remote or Campus Device Groups in Intune

Remote Device Group

Remote device group is ideal for managing devices that are used outside of UWs physical premises. These devices are typically used by employees who work from home, travel, or devices that come on and off campus frequently.

1. Work-from-Home Employees: Devices used by employees who work from home will get Intune configurations policies to ensure security and productivity outside the corporate network.
2. Traveling Employees: Devices that are frequently on the move require Intune configurations policies that ensure they remain secure and compliant, regardless of their location.
3. Devices that come on and off campus:

Devices that come on and off campus frequently will get Intune configurations policies to ensure security and productivity outside the UWs network.

Campu Device Group

Campus device groups are designed for devices that are used within the UWs physical premises. These devices are typically used by employees/students who work on-campus. These devices will be in AD and Intune, but will inherit UW Group policies.

1. On-Campus Employees: Devices are used by employees who work on-site and will be managed with AD and Group policies.
2. Shared Devices: Devices that are shared among multiple users within our campus, such as conference room equipment or lab computers, can be managed with AD and Group policies.
3. Remote Offices: Devices located in remote offices such as Casper office, Cheyene office, Laramie office, and Sheridan office. These branches are considered on premises and will be managed with AD and Group policies.

Technical Differences

Remote Devices:

• Remote Devices: These devices are not in AD and do not get UW group policies. Will have an Entra and Intune record and will get Intune Configuration polices.  Must use campus VPN to access UW resources such as printers, warehouse etc.....

• Campus Devices: These devices will be in AD and in Entra\Intune. These devices will have direct access to the UWs network and will be managed with AD and Group policies and use Kerberos authentication.