BLS connects – Under this slogan, BLS transports around 63 million passengers by train, bus, or ship, connecting people, regions, and places. The extended core business also includes freight transport. This makes BLS one of the largest transport companies in Switzerland.
For the company, customer orientation is a priority. At the same time, the company wants to be an attractive employer for its over 3,700 employees. A modern and secure workplace is a basic requirement for this.
Initial Situation
For the optimization of work processes, BLS decided on digitalization years ago. The now approximately 2000 mobile devices are indispensable in the work areas of the driver’s cab, mobile maintenance, maintenance, and shipping. Depending on the field, tablets or smartphones are used. The wide range of business devices is also complemented by 2800 private devices of BLS employees. By migrating the basic IT services to Microsoft 365, all employees can work independently of location and device. BLS thus offers its employees a modern and mobile workplace.
Microsoft Intune has been in use at the company for a long time. Before the project, all devices were set up as “personal device with work profile” in combination with the Knox Configure Tool. This setup worked wonderfully, but with the release of the latest Android versions, more and more features for administrators were removed to increase user privacy. For example, since Android 12, serial numbers can no longer be read with this approach, which means that company and private devices can no longer be distinguished. BLS connects – Under this slogan, BLS transports around 63 million passengers by train, bus, or ship, connecting people, regions, and places. The extended core business also includes freight transport. This makes BLS one of the largest transport companies in Switzerland.
For the company, customer orientation is a priority. At the same time, the company wants to be an attractive employer for its over 3,700 employees. A modern and secure workplace is a basic requirement for this.
The Vision
In 2022, all BLS business devices were replaced as part of the device lifecycle. At the beginning of the year, baseVISION AG took a closer look at the current mobile setup in a workshop. A proposal was developed on how the mobile setup of BLS can be renewed. The focus was on the following points:
- Simplification of the Enrollment Process: The process should be designed to be as simple as possible for the end user. As soon as a device is unpacked, it should automatically connect to the BLS systems.
- Security: The solution should be secure and thus meet all BLS security requirements.
- Long-term: The solution should provide BLS with a reliable basis for their mobile device setup in the future.
- Update Management: KNOX E-FOTA should be part of the new approach so that BLS is able to manage and deploy updates for their devices granularly.
«Die BLS AG ist überzeugt, dass die Zusammenarbeit mit der baseVISION AG vor vier Jahren bei den ersten Schritten in Richtung Microsoft Intune eine richtige Entscheidung war. Die Arbeit war sorgfältig und nachhaltig, was ein festes Vertrauensverhältnis aufgebaut hat. Viele Ideen der baseVISION AG haben bereits positiven Einfluss auf die aktuelle MDM-Konfiguration genommen. Auch in Zukunft wird die BLS AG weiterhin auf das umfassende Wissen und das technische Geschick der Mitarbeitenden der baseVISION setzen.»
The Transformation
Preparation
The purchased Samsung devices are registered by the partner in the Samsung Knox environment of BLS. There, the devices are assigned their respective configurations.
Enrollment
BLS employees unpack the device and turn it on. After starting, the device is automatically enrolled in the BLS Microsoft Intune environment using “KNOX Mobile Enrollment.” Users are prompted to authenticate with their Azure AD credentials during setup.
Update Management
After completing the Out-of-the-Box Experience, the device is automatically registered in the KNOX E-FOTA solution. The device is then assigned the respective update campaign. This subsequently determines when and under what conditions Android updates are installed.
Finalization & Setup
Now employees receive free access to the device. The user experience is designed to be as simple as possible: Many app settings are pre-configured, and end users do not have to worry about setting up the apps. This was realized thanks to the KNOX Service Plugin and various app configuration settings. What needs to be specially configured is described in a detailed guide that supports users throughout the entire process.
«Die langfristige Zusammenarbeit mit ihren Kunden zeigt auf, dass die baseVISION die Philosophie von Microsoft verstanden hat und ihre Services optimal mit den Microsoft Technologien abstimmt. Die Services können so angepasst und langfristig sinnvoll bei Kunden eingesetzt werden können.»
Leading companies rely on us.
