SIA 929 - Autopilot and Configuration Service
This sits below the typical range for Software & IT Systems contracts — a smaller, more accessible award. Based on 30,286 valued Software & IT Systems tenders in our corpus.
We require professional services to deliver a Microsoft Autopilot user driven implementation within our tenancy to an agreed specification which has been outlined within the following section Autopilot Implementation Customer Requirements The solution must utilise Windows Autopilot for Microsoft Entra joined devices for provisioning and enrolment of new Windows devices to Microsoft Intune.
The solution must align Windows 11 device security to the National Cyber Security Center (NCSC) Device Security framework where applicable.
The solution must use Win32 application deployment for EXE and MSI installs.
Existing line-of-business application deployment must be reviewed and aligned with recommendations for application deployment, managing a list of applications centrally using the Microsoft Company Portal app.
The solution must support Windows Autopilot devices connecting to the existing Azure User Tunnel.
The solution must centrally manage Windows Defender Antivirus and Firewall settings.
The solution must automatically assign a primary user to devices when enrolling to Microsoft Intune.
The solution must use Compliance policies to evaluate device health for key security settings such as device encryption, operating system version, and antivirus protection.
The solution should remove reliance on PowerShell scripts for security settings and application management.
The solution must allow access to on-premises network shares and network printers Microsoft Entra joined devices when connect to the Azure VPN.
The solution should provide a means to deploy printer drivers and print queues to Microsoft Entra joined devices.
The existing BitLocker Encryption policies should be reviewed and migrated to Endpoint security-backed policies.
Autopilot Implementation Technical Requirements The solution must configure Windows Autopilot profiles to use User-Driven mode for Microsoft Entra joined devices.
The solution must enable and configure Windows LAPS in Microsoft Entra ID to support managing and rotating local administrator passwords on devices.
The solution must use BitLocker settings in Microsoft Intune to silently encrypt Windows Autopilot devices and escrow keys to Microsoft Entra ID.
The solution must configure Compliance policies and actions for non-compliance rules based upon agreed configuration and requirements for access.
The solution must enable Windows Hello for Business (WHfB) for Windows Autopilot devices to replace username and passwords with Biometrics or a PIN.
The solution must introduce Cloud Kerberos trust to support WHfB credentials being used to access on-premises services e.g., file shares.
The solution must provide users with the ability to select a wireless network at the login screen.
The solution must deploy a set of core applications via Microsoft Intune prior to users being able to access the desktop.
Windows devices could receive CIS benchmark configuration, for areas not covered by NCSC Device Security.
What the supplier must deliver
We require professional services to deliver
We require professional services to deliver a Microsoft Autopilot user driven implementation within our tenancy to an agreed specification which has been outlined within the following section.
The solution must utilise Windows Autopilot
The solution must utilise Windows Autopilot for Microsoft Entra joined devices for provisioning and enrolment of new Windows devices to Microsoft Intune.
The solution must align Windows 11 device
The solution must align Windows 11 device security to the National Cyber Security Center (NCSC) Device Security framework where applicable.
The solution must use Win32 application deployment
The solution must use Win32 application deployment for EXE and MSI installs.
Existing line-of-business application deployment must be reviewed
Existing line-of-business application deployment must be reviewed and aligned with recommendations for application deployment, managing a list of applications centrally using the Microsoft Company Portal app.
Derived from the notice text — always confirm against the original documents.
Skills, tools & certifications
Detected from the notice — the capabilities and credentials this bid calls for. Click one to see who wins that work.
Make the case to bid
Reveal who to approach at Security Industry Authority, and generate a go-to-market strategy from their news, accounts and people.
- OCID
- 4e404298-ac5f-4d75-9e78-824f23425c3d
- Stage
- contract · Contract
- Source
- Contracts Finder
- Buyer ref
- SIA 929 - Autopilot and Configuration Service
Contains public sector information licensed under the Open Government Licence v3.0. Source data © Crown copyright.
Who wins this kind of work
The suppliers and buyers around this opportunity — drawn from official award data. Drag to orbit; click a node to explore.
Top suppliers & buyers in Software & IT Systems
Assembling the market network…
Security Industry Authority’s tender network
Assembling the network…
Similar open tenders
Provision of Mobile Voice & Data Services- BCH
The Police and Crime Commissioner for Bedfordshire Police, Cambridgeshire Constabulary, and Hertfordshire Constabulary (BCH)
Provision of a Resilient Secondary Internet Connectivity Service
Northern Ireland Assembly Commission