Introduction
In early 2023, the National Bank of Kenya—a bustling financial institution of 1,500 employees based in Nairobi—recognized that its Microsoft E5 security bundle was going largely unused. They struggled to deploy critical protections like disk encryption, wrestled with managing Windows, macOS, iOS and Android devices from disparate tools, and faced frequent data‑leakage incidents on unmanaged laptops and phones.
Seeking a unified, cloud‑native solution, NBK turned to Microsoft Intune. Its agentless architecture and superior device inventory instantly gave their IT team visibility across every endpoint. Deep Secure Score integration enabled them to track and continuously improve their security posture. By bringing Defender for Endpoint insights, automated remediation, and risk‑based Conditional Access into one console, NBK could finally enforce corporate enrollment policies and app‑level controls for BYOD scenarios without friction.
“With CRAG’s Intune implementation, we achieved a 37% increase in Secure Score—from 51.80% in 2023 to 71.15% in 2025—bringing us real confidence in our device security.”
– Michael Abuli Juma, ICT Security Manager, National Bank of Kenya
Results
Within two years, NBK’s Secure Score jumped 37%—from 51.80% in 2023 to 71.15% in 2025—driven by broad enrollment of both corporate‑owned and personal devices under Intune MDM and MAM. Compliance levels soared, data‑leakage incidents plummeted, and the IT team reclaimed countless hours previously spent on manual device audits.
