Microsoft
Thanks for your continued care and feeding of this thread. There's a TON of useful information here that I havent been able to find anywhere else.
In my case, the biggest hurdle is that in this increasingly remote-worker world, group policy is no longer a viable method of managing anything. Because of things like Teams, Sharepoint, and OneDrive, the only people that connect to the VPN anymore are those of us who've been around long enough where it's just ingrained. Even before COVID, the phrase "What's the VPN" was commonly heard around the office. Now that the majority of the workforce is remote, 90% of people are getting by just fine without access to corporate networks, which makes reliance on GPO that much more difficult.
One thing that might help is if we could manage some of these policy settings through the Office deployment tool. I can't get group policy to many of my endpoints, but I am able to push software to them, even if they're off network. COVID has definitely escalated all of the remote worker timelines, but I feel like the writing has been on the wall for network-based group policy for some time now. A cloud-based solution is really what's required. I'm not sure to what extent azure addresses this.
