According to a study by Kensington, 52% of devices are stolen or lost from the workplace. With a large shift to remote work, Mobile Device Management (MDM) is no longer a luxury, but rather a necessity. While there are many different mobile device management solutions, Microsoft's integrated solution, Microsoft Intune, ranks as one of the best solutions on the market. Continue reading to see if Intune is right for your organization.
Microsoft Intune is a mobile device management (MDM) and mobile application management (MAM) cloud-based service. Through Microsoft Intune, you can control how your organization's devices are used, including tablets, laptops, and mobile phones.
Prevent emails from being sent to people outside your organization
Allow employees to use personal devices for school or work
Isolate personal data from organizational data
Deploy Microsoft Office 365 apps easily to devices within your organization
What can you do with Microsoft Intune?
1. Manage Devices with Microsoft Intune
Whether your organization issues corporate devices or incorporates a BYOD policy, Microsoft Intune will allow you to enroll and control all employee devices. Depending on how your organization issues devices, you can adjust the settings in Intune to allow you to have control on all settings, features, and security.
Remove organization data if the device is stolen, lost, or not in use
2. Manage Applications with Microsoft Intune
Microsoft Intune is designed to protect organizational data at the application level through app protection policies. These app policies:
Secure access to personal devices by restricting certain actions
Use Azure AD identity to isolate organization data from personal data
Can be created and deployed on devices enrolled in Intune
3. Increase Security and Compliance with Microsoft Intune
To enable a broad set of access control scenarios, Microsoft Intune can integrate with Azure Active Directory. In this scenario, your organization will require mobile devices to be compliant with your organization's standards - defined in Intune prior to allowing access to network resources.
Depending on your organization's security and compliance standards, you can define your set of rules within Intune to lock down certain services for a specific set of users and devices.
Intune is part of Microsoft's Enterprise Mobility + Security (EMS) suite. Intune coordinates with Azure Active Directory (Azure AD) to identify who has access to this application and what they can access. In addition, it integrates with Azure Information Protection for data protection. It can be used with the Microsoft 365 suite of products.
For example, you can deploy Microsoft Teams, OneNote, and Endpoint to your mobile devices. This allows the employees in your organization to be productive on all of their devices, while keeping your organization’s information protected.
Microsoft Intune Features
Compliance and Conditional Access
Solve Common Business Problems Intune Solves
Define Your Own App Protection Policies
Remotely Managed Devices
Reports and System Logs
Task Creation and Management
Microsoft Intune Benefits
Microsoft Intune provides your organization with the flexibility it needs to control your critical data, regardless of the device. Due to its cloud-based feature, Intune can work to secure iOS, Windows, and Android devices from one single mobile solution.
Microsoft Intune benefits:
Mobile Device Tracking
Remote Data Wiping and App Distribution
Microsoft Intune Extension Management
Microsoft Intune Management was added on to the Intune application as an extension to upload PowerShell scripts. The management extension enhances Windows device management (MDM), and makes it easier to move to modern management. You can run these scripts on Windows 10 devices. This feature applies to Windows 10 and later (excluding Windows 10 Home).
MDM for Office 365 vs. Microsoft Intune
Microsoft currently offers two mobile device management solutions: MDM for Office 365 and Microsoft Intune. While these products are similar, there are key differences between them that can sway your decision.
MDM for Office 365
MDM for Office 365 is included in many Office 365 subscriptions and offers integrated tools for your organization to manage your user’s mobile devices. While MDM for Office 365 offers a limited feature set, it can still be used to enforce policies and settings to help control access of Office 365 data on mobile devices. These capabilities are divided into 4 settings categories: requirement of password settings, encryption settings, non-jailbroken devices, and a managed email profile. MDM for Office 365 is a great mobile device management solution if there is no requirement for mobile application management.
Alternatively, Intune provides both mobile device management and mobile application management solutions. This ensures that your corporate data is not only protected in Office 365, but in all applications where this data exists. Using Azure Active Directory and the Intune portal, you can deploy, configure, and manage applications, as well as wipe devices or specific applications in case your employee loses their device. Intune is included with a variety of Microsoft 365 licenses as well as a standalone license, and includes more policy settings than MDM for Office 365, such as policies to configure settings, updates, applications, and more.
Move to Modern Management
User computing is undergoing a digital transformation. Traditional IT focuses on a single device, manual platform. In comparison, the modern workplace uses a variety of platforms that are user and business-owned. Users can now work from anywhere with Intune.
Intune has a variety of system and administrative requirements. First, all users that are required to have their devices managed must have an Intune subscription via a standalone license or another license that includes Intune. Additionally, the person in charge of deploying and managing Intune must have a global administrator or Intune service administrator role assigned to them. Having Azure Active Directory set up is not necessarily a requirement, however it is highly recommended, as it will automate the process of adding users and groups within Intune.
Finally, based on the manufacturer of the devices that you’d like to be managed, here are the following operating system requirements:
Apple iOS 12.0 or later
Apple iPadOS 13.0 or later
MacOS 10.13 or later
Android 6.0 and later
Windows 10 (Home, S, Pro, Education, and Enterprise versions)
Windows 10 Enterprise 2018 LTSC
Windows 10 IoT Enterprise
Windows Holographic for Business
Windows 10 Teams
Windows 10 1709 or later
PCs running Windows 8.1 or later
Microsoft Intune Pricing
As previously mentioned, Intune is included in a variety of Microsoft 365 licenses and as a standalone license. View our list below to see what Microsoft licenses include Intune.
Note: Costs listed above are at market rate, but Microsoft Gold Partners, like Datalink Networks, are able to provide these licenses at a discounted rate. Contact us today to see how Datalink Networks can save your organization money on Intune licensing!
How to get started with Microsoft Intune
To get started, you first need to ensure that you have purchased the appropriate licenses and have complied with the requirements above.
After the requirements are met, you’ll need to configure your company’s domain name with Intune. You can then use Azure Active Directory to sync existing users and groups with Intune. Once your users are added to Intune, you can assign them licenses, giving users permission to use Intune. From here, you can begin adding applications, configuring and enrolling devices as needed.
For help getting your organization set up on Microsoft Intune, contact Datalink Networks today for a free consultation!