Success with Intune Suite streamlines Krones AG global operations

As a global powerhouse in beverage and liquid food packaging technology, Krones AG had the monumental task of managing more than 25,000 Windows devices and 11,000 iOS devices. As its global footprint grew, so did the challenges. Its dependence on third-party vendors for device management became a maze of complexity, inefficiency, and security vulnerabilities. Steering a worldwide fleet of devices through a patchwork of third-party tools proved to be a painstaking endeavor. This piecemeal approach resulted in sluggish security patch rollouts, erratic software updates, and an overwhelming IT workload bogged down by mundane tasks.

Intune for global endpoint management

Krones revolutionized its operations by adopting Microsoft Intune. This decision streamlined endpoint management, bolstered hybrid workforce security, and improved employee user experiences. Starting in 2017, Krones began its journey with the unified, cloud-native management offered by Intune. “We realized early on that achieving our goals required fully embracing Intune. We transitioned everything to Intune, phasing out third-party tools,” recalls Roman Kleyn, Head of Workplace Design at Krones AG. With Intune, Krones gained real-time oversight of its global device fleet, automating essential tasks such as software updates, patch management, and security protocols. This automation makes it possible to laser-focus on more strategic initiatives.

Remote Help and Windows Autopilot

Two key features of Intune are Windows Autopilot, a cloud-based solution to provision or recover devices—even remotely—and Remote Help, which is part of the advanced managed tools offered by Microsoft Intune Suite. Both have been particularly beneficial for Krones, empowering IT teams to provide support without needing to be physically present. Remote Help not only improved the efficiency of IT support but also reduced downtime for employees and boosted productivity. “Remote Help closed the gap that we had for remote management. Now we have an enterprise-compatible solution with audit logs, allowing us to see what’s happened, who is connected to whom, etc. These are true benefits from an enterprise solution,” says Michael Meier, Senior System Administrator at Krones AG.

Streamlined precision

Krones upped its IT game by rolling out Enterprise Application Management from Intune Suite, vastly augmenting its support and deployment workflows. It can now manage and deploy apps effortlessly across its entire fleet of devices. By adopting Intune Suite, Krones has been able to eliminate various tools and achieve vendor consolidation, simplifying operations and slashing complexity. For example, with Endpoint Privilege Management, it was able to remove third-party solutions that gave standard users the ability to run specific apps and processes as administrative users. Using this Intune add-on, Krones has decluttered its desktop environment by eliminating agents. It has also boosted security by making sure only authorized personnel can access administrative apps and services, without giving full administrator rights to the desktop.

Endpoint analytics is another robust tool within Intune that Krones uses to enhance its device management practices. Offering valuable insights into device performance and health, Endpoint analytics empowers IT teams to tackle potential issues before they affect users. This proactive approach has resulted in superior device functioning and improved the overall Krones user experience. By harnessing the near real-time data and insightful analysis offered by Device query, a feature within Advanced Analytics in Intune Suite, Krones is now able to steer its IT strategy and operation with greater precision. This transformation has led to optimized resource usage, strengthened security, and better adherence to industry standards.

Scalability and Zero Trust security

With the workforce becoming more geographically distributed, protecting devices across multiple locations became vital. Before Krones adopted Intune, VPN connections were required to grant network access, but the process created security gaps. “With the old model, once a device connected, it was trusted, leaving us open to risks,” says Meier. To mitigate these risks, Krones implemented the Zero Trust security model in Intune, which requires every device to continuously meet security and compliance standards before accessing the network. This innovative approach helped ensure that devices were always monitored and verified, regardless of their physical location. Andreas Eichelhardt, System Engineer at Krones AG, explains, “Windows 11 automatically blocks vulnerable drivers right away and enforces a newer set of devices with TPM 2.0 as mandatory.”

An employee experience overhaul and team efficiency

Krones also needed a scalable solution flexible enough to grow with its expanding operations but without adding layers of complexity. “Intune makes managing 10,000 or 40,000 devices effortless through automation and unification,” explains Kleyn. “The capacity to scale effortlessly while simplifying processes has led to more efficient updates and quicker incorporation of new assets.”

In addition to streamlined global operations, the overall employee experience has been greatly enhanced. Using Intune, employees now enjoy self-service capabilities, which empower them to manage their devices independently without relying on IT for everyday tasks like software installations and updates. Says Meier, “Patch management in itself is a success story. Previously, someone had to test each patch manually. Now, by day five, every client receives the updates automatically. While we still monitor patches, we don’t invest time in testing anymore. It’s a game-changer.”

“The self-service capabilities of Intune have been dramatic,” Kleyn says. “Employees can manage their own devices, and we’ve seen a reduction in daily IT support requests. This has had a tremendous impact on employee satisfaction.” Meier drives home the point: “Our infrastructure has grown massively, but our team size has stayed the same. We’ve gone from managing around 16,000 devices to 25,000 without an increase in staff, gaining substantial time and efficiency with Intune.”

All-new innovation as the path ahead

Intune and Intune Suite have revolutionized Krones’s IT infrastructure, so it can now simplify endpoint management, better protect its hybrid workforce, and improve employee experience. By eliminating third-party tools, automating routine tasks, and adopting a Zero Trust security model, the company has achieved significant cost savings and strengthened its security posture. “Switching to Intune has saved us a six-figure sum annually,” Kleyn adds, emphasizing the financial benefits of eliminating third-party vendors.

These operational efficiencies translate into innovation funds, accelerating the ability to introduce cutting-edge technologies that increase production and operational efficiency. In addition, by empowering employees through self-service and automation, Krones has fostered a more satisfied and productive workforce. With a highly secure, streamlined IT environment and motivated employees, Krones continues to drive forward momentum and remains at the forefront of digital innovation.

Discover more about Krones AG on Facebook, Instagram, LinkedIn, X/Twitter, and YouTube.