Page

About

About

Anand Kumar

Senior EUC Engineer & Microsoft Security Architect  ·  15+ years  ·  India

AK
I’m a full-time EUC and Microsoft Security engineer with 15+ years designing, deploying, and securing enterprise endpoint environments. I’ve worked across large-scale Intune rollouts, Entra ID hardening, Zero Trust implementations, and Microsoft 365 E5 deployments — not in a lab, but in production environments where things break and stakes are real.

This site is where I write about what I learn, what I’ve seen fail, and what actually works. No vendor fluff — just practitioner-grade thinking from someone who’s still in the trenches every day.

My story

I started out managing on-prem endpoints with SCCM back when MDM was barely a concept. Over the years I watched the landscape shift — cloud-native management, identity-first security, Zero Trust — and I moved with it. Today my work sits at the intersection of endpoint management, identity, and threat protection.

I’ve led migrations from on-prem AD to Entra ID, built Conditional Access policies from scratch for organisations with no MFA baseline, deployed Autopilot for hybrid and cloud-native device estates, and tuned Defender XDR detections in environments where alert fatigue was the real threat.

My platform coverage has never stayed narrow. Beyond Windows, I’ve managed macOS fleets with JAMF, mobile device policies across iOS and Android, and VDI/Citrix environments where the endpoint isn’t even physical hardware — it’s a session. Each platform breaks in its own way, and you only really learn that by running all of them in production at once.

I also come from a full-stack and mobile development background, which shapes how I approach this work — I don’t just configure policies through a GUI, I understand what’s happening underneath: the Graph API calls, the OMA-URI payloads, the actual logic a script or automation is running. That’s usually why I end up in KQL and PowerShell more than most admins.

Outside of the day job, I run modernworkplacesecurity.com to document my thinking and share practical guidance. The YouTube channel at @UpSkillBotics is where I break things down visually for the community.


How I got here

Early career
On-prem endpoint management
Started deep in SCCM — imaging, packaging, patch cycles, Group Policy. Learned endpoint management the hard way, one broken deployment at a time.
Mid career
Co-management & the cloud shift
Bridged SCCM with Intune during the co-management era, while picking up macOS (JAMF), mobile platforms, and eventually VDI/Citrix environments across the same estate.
Recent years
Cloud-native & identity-first security
Moved fully into cloud-native Intune, Entra ID, Conditional Access, and the Microsoft security stack — Defender, Sentinel, Purview. This is where Zero Trust stopped being a slide and became the actual architecture.
Today
Field work by day, teaching by night
Full-time EUC/Security engineer, and outside of that, building out modernworkplacesecurity.com and @UpSkillBotics — documenting lab testing and real production lessons for the next person hitting the same wall I did.

What I work with

Endpoint management
  • Microsoft Intune & Autopilot
  • SCCM / Co-management
  • JAMF (macOS)
  • Windows, macOS, iOS, Android
  • VDI / Citrix
  • Tanium
Security platforms
  • Microsoft Defender for Endpoint
  • Microsoft Defender XDR
  • Microsoft Purview & Sentinel
  • CrowdStrike & Zscaler
  • Palo Alto Networks
Identity & cloud
  • Entra ID & Conditional Access
  • Zero Trust architecture
  • PIM & Identity Protection
  • Microsoft 365 E3 / E5
  • Hybrid identity & Entra Connect
Development & automation
  • Full-stack web development
  • Mobile app development
  • PowerShell & Graph API scripting
  • KQL hunting & automation

Microsoft certifications

MS-500

Microsoft 365 Security Administrator

SC-200

Security Operations Analyst

SC-300

Identity & Access Administrator

MD-102

365 Endpoint Administrator

AZ-900

Azure Fundamentals

MS-900

Microsoft 365 Fundamentals


How I think about this work

01

Security has to work in the real world. Policies that break productivity get bypassed. I design controls that are enforceable, explainable, and actually deployed.

02

Identity is the new perimeter. If your Conditional Access isn’t doing the heavy lifting, your firewall is the last line of defence — and that’s a problem.

03

Document what you learn. I’ve fixed the same Autopilot issues three times at different orgs. Writing it down once helps everyone — including future me.

04

Complexity is a smell. If an Intune policy requires a 20-slide deck to explain, it’s probably wrong. Simple, layered, well-named configurations win long-term.


Beyond the day job

Most of what I write here comes out of late evenings and weekends — I’m doing this alongside a full-time role, not instead of one. If a post reads like it came from someone still elbow-deep in a live tenant, that’s because it did, usually a few hours before I wrote it up.

When I’m not in a lab or on camera, I run — it’s become one of the few things that clears my head after a day of troubleshooting RBAC permissions or chasing down why a Conditional Access policy isn’t applying the way it should. I’ve also got a growing interest in Indian formal fashion, which has nothing to do with Intune but keeps me human outside of a terminal window.

If you’re reading this site, there’s a good chance you’re doing something similar — a full-time job, learning on the side, trying to actually understand the “why” instead of just following a checklist. That’s exactly who I’m writing for.

Based in India Running Indian formal fashion Lifelong learner

Want to connect or collaborate? I’m always up for a conversation about Microsoft 365, endpoint architecture, or modern workplace security. Reach out I usually respond within a day or two.
Get in touch →

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.