Microsoft Managed Desktop (MMD) is an innovative approach designed for today’s workplace, delighting users and freeing up IT to focus on more important work. It is a complete cloud-based desktop management service that delivers and manages a modern device experience.

The service combines the best user experience of Microsoft 365 Enterprise, Windows 10 Enterprise, and Office 365 Enterprise. Windows 11 will be added to the service beginning in January 2023.

MMD allows security and devices to be managed 24/7 by dedicated experts and provides automated protection against today’s cyberthreats. The service provides the following main features:

  • User device deployment
  • IT service management and operations
  • Security monitoring and response

Solving modern work challenges

The transition to the agile world of software and desktop as a service is daunting for most organisations. Users want an empowered, connected work experience that is untethered from the physical office. But here’s the problem – numerous current IT management and security processes are outdated, time-intensive, and expensive. That leaves IT departments searching for ways to re-envision their desktop management strategy. Naturally, businesses would rather focus on what makes them uniquely successful than on keeping digital infrastructure up and running. That’s why MMD is so important.

How does Microsoft Managed Desktop work?

MMD takes on the burden of managing registered devices and the Microsoft software they use. The service is optimised for user experience, device security, and automatic updates and includes:

  • Monthly service reporting
  • Consultation and advice from dedicated engineers
  • Cloud-based device management
  • Intelligent security monitoring
  • Automatic security updates
  • Fast, agentless, battery-preserving user experience

Device management and monitoring

Hardware management

Microsoft supplies hardware and software requirements, tools, and processes to streamline selection and allow your organisation to choose devices that fit the service.

Update management

MMD sets up and manages all aspects of deployment groups for Windows 10 quality and feature updates, drivers, firmware, antivirus definitions, and Microsoft 365 Apps for enterprise updates. This includes extensive testing and verification of all updates to ensure that registered devices are always up to date while minimising disruptions. It also frees the IT department from that ongoing task.


As part of Microsoft 365 Enterprise, Microsoft supplies and manages several key Microsoft apps. Two Microsoft programs are especially useful.

  • Microsoft helps with onboarding other apps you need for your business through the FastTrack program.
  • Microsoft’s App Assure program helps remediate app compatibility issues that arise when migrating to the latest versions.


Microsoft helps maintain the security of your devices through a dedicated security operations centre that monitors devices and uses data from the unique threats that Microsoft analyses each month. These security features are built-in instead of added on later. They also check device health and provide you with insights about device performance.

Requirements and prerequisites for Microsoft Managed Desktop

Before you get started with MMD, make sure your site is ready. Here’s what you need to know.


MMD needs the Microsoft 365 E3 license with Microsoft Defender for Endpoint (or equivalents) assigned to your users.


All MMD devices require connectivity to numerous Microsoft service endpoints from the corporate network.

Azure Active Directory

Azure Active Directory (Azure AD) must either be the source of authority for all user accounts, or user accounts must be synchronised from on-premises Active Directory, using the latest supported version of Azure AD Connect.


If Azure AD is not the source of primary authentication for user accounts, you must configure one of the following authentication methods in Azure AD Connect:

  • Password hash synchronization
  • Pass-through authentication
  • An external identity provider (including Windows Server ADFS and non-Microsoft IDPs) configured to meet Azure AD integration requirements.

Microsoft 365

OneDrive for Business must be enabled for MMD users. Although it is not required for enrolling with MMD, Microsoft highly recommends migrating the following services to the cloud:

  • Email: Migrate to cloud-based mailboxes or Exchange Online, or configure Exchange Online Hybrid with Exchange 2013 or higher on-premises.
  • Files and folders: Migrate to OneDrive for Business or SharePoint Online.
  • Online collaboration tools: Migrate to Teams.

Device management

MMD devices require management using Microsoft Intune. Intune must be set as the Mobile Device Management authority.

Data backup and recovery

MMD requires files to be synchronised to OneDrive for Business for protection. Any files not synchronised to OneDrive for Business are not guaranteed by MMD. These files might be lost during device exchanges or support calls that require a device reset.

How Zetta can help

Zetta has the Microsoft Gold Competencies for Cloud Platform, Windows and Devices, and Enterprise Mobility Management. Our team has experience and proven success designing, architecting, implementing, and managing MMD solutions and has successfully aided Perth customers with their endpoint management solutions.

Zetta can help your organisation get ready for Microsoft Managed Desktop by showing you how to navigate the requirements and prerequisites to adopt this critical service for modern working.

If you’d like to discuss Microsoft Managed Desktop or explore what it might look like for your organisation, please reach out to the team at Zetta.