What Managed IT Looks Like When the Office is Everywhere
Workforce support has moved past help desk calls and hardware maintenance. Here's what it covers now, and where we see it heading.
From Gregg DePratt, Former Solutions Architect II at Xerox IT Solutions
The term “managed workstation” has always undersold what actually goes into supporting end users. It conjures an image of someone keeping laptops patched and answering the phone when Outlook stops working. And ten years ago, that was basically it.
Today though, the scope of what it means to support a workforce is different. Employees are in offices, at home, in hotel rooms, at client sites, and just about everywhere else. Their devices are laptops, tablets, phones and conference room hardware. The software stack is mostly cloud-based now (but not entirely).
Some companies still have servers sitting next to the water heater while others are fully on Azure. Most are somewhere in between, running a hybrid setup they didn’t entirely plan, with tools they’ve accumulated over time rather than chosen.
I’m responsible for service delivery across Xerox IT Solutions, including everything from our NOC operations through our managed services and support functions. My teams handle onboarding, tools configuration, and getting clients plugged into our platforms and services.
I want to quickly walk through what modern workforce support actually involves, because most of the descriptions I see out there, including our own in some cases, don’t go deep enough to be useful.
What the job of workforce support actually is now
We call it Modern Workforce Solutions, and that name is better because it captures the real scope:
Device lifecycle
Endpoint security
Help desk
Collaboration tooling
Mobile device management
Cloud platform management
Proactive monitoring
Compliance
That’s a big surface area, and most MSPs cover a slice of it. Some cover a few slices. What we’re building is a model where one partner handles all of it, from procurement to retirement, with one platform underneath.
If you’re running IT for a growing business, the practical question isn’t “who manages my laptops.” It’s “who manages the environment my people work in.” Those are different questions with different answers.
The tower model for endpoint security
At Xerox, we’ve restructured how our support teams are organized. We’re moving to a tower model where support is divided into three verticals: end-user compute (laptops, desktops, mobile devices), data center and server infrastructure (DCO tower), and networking.
Each tower has tiered support within it. When a user calls in with a laptop issue, the help/service desk handles the initial assessment. If the problem goes deeper than a 15-minute resolution, it routes to the end-user compute tower. If the problem turns out to be a broader system issue, it routes to the DCO or networking tower as an incident.
The reason this matters from the client’s perspective is routing accuracy.
In a traditional help desk, every call goes to the same queue. The person answering doesn’t always have the context to distinguish between a user’s laptop problem and a system-wide application failure.
In our new model, the system will classify and route, so the right specialist gets the right problem.
Pete Prosen, who runs our enterprise service desk operations, put it well: when a user calls in and says “I can’t use this application,” and it turns out nobody on the site can use it, that’s not a help desk ticket. That’s an incident. The tower model handles the reclassification without the user having to know the difference.
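The reclassification described above can be sketched as a correlation over open tickets. This is an added example, not code from Xerox or any of its platforms; the 30-minute window, the three-user threshold, the field names and the sample tickets are assumptions constructed for illustration, and only the 15-minute service desk limit comes from the article.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=30)  # assumption: how close in time reports must be
MIN_USERS = 3                   # assumption: distinct users that make it site-wide
DESK_LIMIT_MIN = 15             # from the article: service desk resolution limit

# Constructed sample tickets: (id, time, site, user, application, est. minutes to fix)
TICKETS = [
    ("T1", "2024-05-06 09:00", "chicago", "ana", "erp", 10),
    ("T2", "2024-05-06 09:05", "chicago", "raj", "outlook", 40),
    ("T3", "2024-05-06 09:10", "chicago", "li", "erp", 10),
    ("T4", "2024-05-06 09:20", "chicago", "ana", "erp", 10),  # repeat caller
    ("T5", "2024-05-06 09:25", "chicago", "sam", "erp", 10),
    ("T6", "2024-05-06 11:30", "denver", "kim", "erp", 5),
]

def find_incidents(tickets):
    """Return {(site, app): [ticket ids]} where MIN_USERS distinct users
    reported the same application at one site within WINDOW."""
    groups = defaultdict(list)
    for tid, ts, site, user, app, _ in tickets:
        when = datetime.strptime(ts, "%Y-%m-%d %H:%M")
        groups[(site, app)].append((when, user, tid))
    incidents = {}
    for key, rows in groups.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Slide the window start forward until it spans at most WINDOW.
            while rows[end][0] - rows[start][0] > WINDOW:
                start += 1
            window = rows[start:end + 1]
            # Count distinct users so one person calling twice is not an outage.
            if len({user for _, user, _ in window}) >= MIN_USERS:
                incidents.setdefault(key, set()).update(t for _, _, t in window)
    return {key: sorted(ids) for key, ids in incidents.items()}

def route(tickets):
    """Map each ticket id to one of the three outcomes the article describes."""
    swept = {t for ids in find_incidents(tickets).values() for t in ids}
    routes = {}
    for tid, _, _, _, _, est in tickets:
        if tid in swept:
            routes[tid] = "incident"  # DCO or networking tower picks it up
        elif est > DESK_LIMIT_MIN:
            routes[tid] = "end_user_compute"
        else:
            routes[tid] = "service_desk"
    return routes
```

With the sample data, the four Chicago ERP tickets are swept into one incident even though each looked like a ten-minute desk fix on its own, while the same three-ticket set with only two distinct callers would not be.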
What “proactive” actually means for workforce support
The word “proactive” gets used a lot in managed services and really deserves to be defined and challenged. Here’s what it means in ours:
We just finished migrating to Datto RMM as our remote monitoring and management platform. What we’re doing with it draws on the same operational thinking behind our Xerox INOC Platform 3.0 on the NOC side: use the data the tooling generates to identify and resolve problems before the user has to call in.
A simple example: Datto RMM monitors disk space on every endpoint. When a machine drops below a threshold, instead of generating a ticket and waiting for an engineer, the platform runs a script that cleans up temp files, empties the recycle bin, and reclaims space.
The user never notices. No call, no ticket, no disruption. We log it, report it, and present it back to the client later as evidence of proactive value.
That same approach applies to CPU utilization, memory, backup status, software update failures, certificate expirations. The RMM gives us the data points. The question we’re working through is which of those data points can trigger an automated remediation versus which ones need a person.
This is the same logic that drives our NOC’s high auto-resolution rate on infrastructure incidents. We’re applying it to the endpoint layer.
End-user onboarding never stops!
On the NOC side, onboarding is an actual event. A new client comes in, we integrate their environment, and the concept of onboarding fades into the background. On the managed services side, onboarding is continuous.
A small business with 50 users adds 10 new hires over the course of a year. Each one needs a laptop, configured to spec, with the RMM agent deployed, the EDR solution installed, Microsoft 365 provisioned, security baselines applied, and everything enrolled in monitoring. If that process is painful for the client (calling us, filling out forms, waiting days), they’ll leave. The friction alone isn’t worth the headache.
What we’re building is automatic detection of new machines entering the environment. A device shows up on the network, we detect it, deploy the RMM agent, install the EDR, apply the security baseline, and enroll it in monitoring. The client tells us they have a new user. We take care of the rest behind the scenes. Nobody has to touch anything.
For clients who want more control, we’re working on a self-service model through ServiceNow where they can log into a portal and say “monitor this device,” “push this software,” or “take this out of monitoring.” It puts them in control without requiring them to call us or wait for a ticket to be processed.
That second model works well for companies that have some internal IT capability and want to co-manage the environment. The first model (full automation) works for companies where we are their entire IT department. Both are legitimate, and the service needs to accommodate both.
Workforce security
Human factors are still the biggest risk at the workstation level. You can deploy every tool in the world, and someone will still click the wrong link in an email.
Our approach to security now is layered rather than a single tool. Here’s what that looks like:
Patching and antivirus used to be the whole strategy. Now we’re deploying EDR (endpoint detection and response), MDR (managed detection and response), DNS filtering, encrypted backups, and mobile device management as standard components of the stack. Each layer addresses a different vector.
EDR watches for behavioral threats on the endpoint.
DNS filtering blocks known-bad domains before the connection happens.
MDR provides the human analysis layer on top of the automated detection.
Backups are the last resort when everything else fails.
What makes this work as a managed service is that the client doesn’t have to source, configure, and maintain five separate security tools anymore. The whole stack comes as part of the service, deployed consistently across every device, updated automatically, and monitored centrally.
For compliance-heavy clients (healthcare, financial services, education), the monitoring and reporting data feeds directly into audit documentation. That alone saves significant time during compliance cycles.
Microsoft 365 and the cloud layer
This is a bigger part of modern workforce support than most people realize. Xerox is a Tier 1 Microsoft CSP (Cloud Solution Provider) partner, which means we handle Microsoft 365 licensing, Azure management, and tenant administration directly.
In practice, that means a client’s Microsoft licensing, mailbox management, Teams configuration, SharePoint administration, OneDrive policies, Intune (mobile device management), and Azure Active Directory all get managed through us. When something breaks in their M365 environment, they call the same number they call for a laptop issue. One team, one ticket, one platform.
The alternative, which is how most companies do it today, is managing Microsoft licensing through one partner, getting help desk support from a second, and running security through a third. Then spending internal IT hours integrating the three.
Where AI fits on the endpoint side
On the NOC side, there’s commonality in workflows, but each incident has individual character. A circuit goes down, and it might be the same carrier, but it’s not the same phone number or the same root cause every time.
On the help desk side, the tickets are more repetitive. If you read 1,500 help desk tickets and 1,000 of them are the same password reset problem, AI can identify that pattern and generate the knowledge article to prevent it from being a ticket next time.
The gap right now is ticket data quality. Closing a ticket without documenting what was done makes it hard for any system (AI or human) to learn from the resolution. We’re addressing this in the new platform by automating time tracking (you click “work ticket,” work the ticket, click save, and the system calculates your time) and by building in categorization guidance (the system suggests the correct category based on the ticket content, so engineers aren’t filing password resets under “server” because they happened to log into the AD server to do the reset).
That data quality work is boring but foundational. AI can’t learn from bad data.
What “one provider” actually gets you
I’ve been in and around managed services long enough to know that most clients aren’t looking for magic. They’re looking for less coordination.
When you buy workstation support from one vendor, security from another, cloud management from a third, procurement from a fourth, and telecom from a fifth, you end up spending a meaningful chunk of your IT budget on integrating those providers. Not in a formal sense. In the sense that your internal people become the glue between five different companies that don’t talk to each other.
I’ve started using a different label internally for what Xerox is becoming. We’re really a technology services provider. Managed services is one part of that. But when you can procure hardware across every category (traditional, non-traditional, network, server, endpoint), manage Microsoft licensing as a Tier 1 CSP, provide help desk and NOC support through one platform, do provisioning and deployment through our integration centers, and offer optimization and vCIO advisory on top of all of it, you’ve moved past the MSP model.
A small business shouldn’t need to find five vendors and Frankenstein them together with Zapier and hope it works. They should be able to start with one partner and grow into whatever they need as their business grows. That’s the model. And I realize we’re not fully there yet for every service area. But the structure is in place, and the direction is clear.
What to look for if you’re evaluating this
If you’re shopping for modern workforce support, either because your MSP isn’t keeping up or because you’re building this function for the first time, a few things are worth asking:
Does the provider manage just the device, or the full environment? Device-only support creates gaps between the endpoint and the infrastructure. You want a provider who sees the laptop, the network it connects to, the cloud platform it authenticates to, and the security tools that protect it as one system.
Is the pricing per-device with proactive alignment? A provider who gets paid per incident has no incentive to prevent incidents. Per-device pricing puts the incentive where it belongs: fewer problems, better experience, better margin for both sides.
Is onboarding a one-time project or an ongoing capability? If adding 10 machines to your environment is a two-week project every time, the provider is costing you agility. Automatic enrollment and provisioning is where this has to go.
Does the help desk have data about your device when you call? If the first five minutes of every call is the agent asking what machine you’re on and what’s installed, the underlying system isn’t doing its job. CMDB-enriched support should be the baseline.
Can you grow into more? If you need networking support next year, or security operations the year after that, or procurement services as you scale, can this provider deliver it? Or will you be back in market again?
The companies that build IT support on a platform rather than a collection of point tools will spend less time coordinating and more time working. That's the shift we're in the middle of. I'll keep writing about it as we get further along.