Directory & Identity Management (IAM) + GPO
SSO, MFA, RBAC, GPO/Intune: secure and standardise your endpoints.
Directory and IAM deployment (Entra ID/Azure AD, AD DS, Okta, Keycloak), SSO, MFA, RBAC, provisioning (SCIM), GPO/Intune, Windows hardening, GDPR compliance.
Technologies and partners
Identity management stakes
Enhanced security
Strict access control with multi-factor authentication.
User productivity
SSO for simplified access to all business applications.
Compliance assured
GDPR compliance with full access traceability.
Centralised administration
Single management of users, groups and permissions.
IAM solution implementation
Security audit
Analysis of existing setup: users, groups, applications and vulnerabilities
IAM architecture
Directory, policies and application integration design
Progressive deployment
Phased implementation: directory, SSO, MFA, GPO
User migration
Secure account transfer and training on new processes
Monitoring & support
Continuous surveillance and security policy optimisation
IAM solution components
Centralised directory
Single identity and group base
- Active Directory
- Azure AD/Entra ID
- Hybrid sync
- Group management
Secure authentication
SSO and multi-factor authentication
- Single Sign-On
- MFA/2FA
- Conditional Access
- Passwordless
Security policies
GPO and workstation configuration
- Group Policy Objects
- Microsoft Intune
- BitLocker
- Windows Update
IAM and GPO implementation scenarios
Practical solutions adapted to your business needs
New employee: from hire to first day
Automatic provisioning from your HRIS: AD account creation, business group assignment, software deployment via GPO, immediate SSO access to applications.
Contexte métier concret
A salesperson joins the team. Their manager validates required access in the HR system.
Problématiques avant SuqiTech
2-3 day setup time, forgotten business applications, overly broad or insufficient access, new employee frustration.
Résultats mesurables
Technologies utilisées
Office 365 migration: from local AD to hybrid cloud
On-premise AD sync with Entra ID, transparent SSO to M365, preservation of existing GPOs with progressive migration to Intune.
Contexte métier concret
50-employee SME wanting to migrate to M365 without losing workstation control.
Problématiques avant SuqiTech
Risk of losing control, double authentication, cloud-incompatible GPOs, user training required.
Résultats mesurables
Technologies utilisées
Security hardening: from basic Windows 10 to enterprise
Security GPO deployment: automatic BitLocker, controlled Windows Update, USB blocking, centralised antivirus, event audit.
Contexte métier concret
Following a security audit, the company must strengthen workstation protection.
Problématiques avant SuqiTech
Unencrypted workstations, chaotic updates, unrestricted USB drives, heterogeneous antivirus, no traceability.
Résultats mesurables
Technologies utilisées
Compliance audit: traceability and governance
Automated access review setup, centralised logs, compliance reports, and privileged account governance with PIM.
Contexte métier concret
Company subject to regular audits (ISO 27001, GDPR) that must prove access control.
Problématiques avant SuqiTech
Orphan access, undocumented rights, no periodic reviews, uncontrolled privileged accounts.
Résultats mesurables
Technologies utilisées
Hybrid remote work: security without borders
Conditional Access by location, adaptive MFA, automatic VPN, policy sync on all devices (including BYOD).
Contexte métier concret
Post-COVID, the company wants to sustain remote work while maintaining security.
Problématiques avant SuqiTech
Slow VPN, weakened security outside office, uncontrolled BYOD, degraded user experience.
Résultats mesurables
Technologies utilisées
Besoin d'un accompagnement personnalisé ?
Chaque situation est unique. Échangeons sur vos besoins spécifiques pour vous proposer la solution la plus adaptée.
Questions fréquentes
What is the difference between Entra ID and Active Directory DS?
Entra ID (formerly Azure AD) is cloud-native, ideal for modern environments and Microsoft 365. Active Directory DS is on-premises, suited to hybrid or legacy environments.
Can MFA be deployed without migrating everything to the cloud?
Yes, we can deploy MFA in hybrid mode by syncing your on-premises AD with Entra ID via Azure AD Connect, or by deploying a third-party MFA solution.
Zones d'intervention
SuqiTech intervient dans tout le Pays de Gex et la région genevoise pour vous offrir un service de proximité réactif et personnalisé.
Temps de déplacement maximum : 30 minutes • Intervention d'urgence : sous 2h en zone prioritaire
Gérez vos identités et accès
Annuaire Active Directory et stratégies de groupe sécurisées
Gestion centralisée
Administration unique des utilisateurs et droits
Sécurité renforcée
Politiques de sécurité et contrôle d'accès
Automatisation
Gestion automatique des droits et groupes