Required Access
Mobile Mentor requires the following access to Company’s Microsoft 365 .
Mobile Mentor reserves the right to modify required access at any time and Company agrees to always adhere to Mobile Mentor’s requirements during the Term.
Mobile Mentor service staff will be assigned the minimum level of access required to complete their tasks. Privileged Identity Management (PIM) will be leveraged by senior resources to elevate privileges as necessary.
Tier 3 Engineering
- Global Administrator https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#global-administrator--company-administrator
- Global Administrator permissions https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#company-administrator-permissions
Tier 2 Engineering
- Intune Service Admin role https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#intune-service-administrator-permissions
- Global Reader https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#global-administrator--company-administrator
- Global Reader permissions https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#global-reader-permissions
- Conditional Access Admin https://docs.microsoft.com/en-us/microsoft-store/roles-and-permissions-microsoft-store-for-business#assign-roles
Tier1 Engineering
- Intune Helpdesk Administrator https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#helpdesk-administrator
- Reports Reader https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#reports-reader
Service delivery
- Reports Reader https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#reports-reader
Programmatic Access To Azure
- Consent for the Intune PowerShell Application
- Consent for Tenant API Access
Systems Under management
- Microsoft Endpoint Manager
- Microsoft Intune
- Microsoft Azure AD Conditional Access
- Windows Autopilot deployment profiles
- Apple Business Manager
- Samsung KNOX Mobile Enrolment Portal
- Google Zero Touch portal
Published: 25/Aug/2021
Comments
0 comments
Please sign in to leave a comment.