Case Study: Uncovering the Hidden Threats in a Corporate Mobile Environment

Featured, Torch SERVICE

Adriana Oberholzer

The Illusion of Security

From the outside, it looked like everything was under control. A well-known enterprise in a highly regulated industry had rolled out Microsoft Intune across nearly 1,000 devices. They had policies in place, teams managing the environment, and a general confidence that mobile risk was low. After all, they had the software—so surely, they had security.

But what they didn’t have was visibility. And that’s where Torch came in.
What They Didn’t Know Could Hurt Them
Torch was brought in to conduct what was expected to be a routine Intune assessment. What we found was eye-opening:
  • Over 30 devices were non-compliant and accessing company data unchecked.
  • 98% of mobile devices were personally owned, with little to no control over their configurations.
  • Outdated and unsupported Android enrollment methods were still in use.
  • Critical Wi-Fi and VPN profiles were misconfigured—or missing altogether.
  • App protection policies were present but not properly assigned or enforced.
This wasn’t a failure of effort. It was a case of complexity outpacing oversight. Despite best intentions, the organization’s mobile environment had become a patchwork of half-implemented policies and unchecked access points.
Going Deeper Than the Dashboard

What makes Torch different is our approach. We don’t just run a scan and deliver a report. We investigate. We question. We connect the dots between policy, platform, and people.

In this case, our team uncovered misaligned roles between internal IT teams, missing scope tags that crippled visibility, and policy inheritance that conflicted across device groups. Even basic compliance settings like minimum OS versions and screen lock timers hadn’t been enforced.

This wasn’t just a gap—it was a liability waiting to be exploited.

From Exposure to Control

We didn’t just identify the issues—we mapped out a transformation plan:

  • Migrated all Android devices from deprecated modes to secure, enterprise-grade profiles.
  • Rationalized and consolidated six overlapping compliance policies.
  • Fixed broken certificate deployments that had blocked secure access.
  • Implemented clear, documented assignment for VPN, Wi-Fi, and app configurations.
  • Created dynamic groups and dashboards to make compliance visible and actionable.

The client walked away not just with a report, but with a blueprint for mobile security that scales.

It’s Not Just You

This story isn’t unique. We see it every week: smart companies with the right tools but the wrong assumptions. Endpoint security isn’t a set-and-forget solution. It’s a living environment that needs active oversight and expert alignment.

Torch exists to help companies see what they can’t—and fix what they don’t even know is broken.

What Torch Brings

We bring clarity to complexity. Whether you’re running 500 or 5,000 mobile endpoints, we help you turn a blind spot into a strength. With our Microsoft Intune Best Practice Assessment, you get more than a checklist—you get peace of mind.

Ready to find out what’s really going on in your mobile environment? Let’s talk.

SHARE THIS ARTICLE

Latest Posts