Microsoft Intune is a cloud-based service that focuses on mobile device management (MDM) & mobile application management (MAM). Intune is included in Microsoft’s Enterprise Mobility + Security (EMS) suite, & enables users to be productive while keeping your organization data protected. It integrates with other services, including Microsoft Office 365 & Azure Active Directory (Azure AD) to control who has access & what they have access to, & Azure information protection for data protection.
With Intune, we can:
- Choose to be 100% cloud with Intune, or be co-managed with configuration Manager & Intune.
- Set rules & configure settings on personal & organization-owned devices to access data & network.
- Deploy & authenticate apps on devices on-premises & mobile.
- Protect your company information by controlling the way user access & share information.
- Be sure device & apps are compliant with your security requirements.
“Intune helps IT pros manage apps in heterogenous enterprise space while keeping corporate data secure.”
In Intune, you can manage devices using an approach that’s right for you. For organization-owned devices, you may want full control on the device, including settings, features and security. In approach, devices and users of these devices “Enroll” in Intune. Once enrolled, they receive your rules & setting through policies configured in Intune.
When apps are managed in Intune, administrators can:
- Add & assign mobile apps to user groups and devices, including users in specific groups, device in specific groups & more.
- Configure apps to start or run with specific setting enabled, & update existing apps already on the device.
- See reports on which apps are used and track their usage.
- Do a selective wipe by removing only organization data from apps.
“Intune’s app-layer protection enables MAM policy support for IOS & Android managed application.”
What Intune does?
Microsoft has identified a number of business issues that Intune can address. Those include the ability to protect on-premises email and data including Microsoft Office 365 mail & data so mobile device can safely access them. The company said the Intune app also helps organizations issue corporate-owned phones, offer a “BYOD” or personal device program and provide limited use shared tablet PCs to task-oriented workers.
How it works?
In Microsoft’s approach to managing mobile devices. Intune uses protocols or API’s available in mobile operating system to execute tasks, such as controlling devices. Enrollment let IT personnel maintain an inventory of devices able to access enterprise services. Other tasks include configuring mobile devices, providing certificate, Wi-Fi, virtual private network profiles, & compliance reporting with regards to corporate standard. Intune integrates with Azure AD to provide “access control” capabilities.
Microsoft’s Intune app management approach, meanwhile, covers areas such as assigning mobile apps to the workforce, configuring those apps with standard setting & removing enterprise data from mobile apps. Intune, when used in conjunction with other EMS suite services, lets an organization provide apps that can access additional mobile app & data security features, such as single sign-on & multifactor authentication.
Microsoft Intune subscriptions are licensed on a per-user, per-month basis. The product may be purchased as a stand-alone offering.
- As a stand-alone Azure service.
- Included with Microsoft 365 and Microsoft 365 government.
- As Mobile Device Management in Office 365 which consist of some limited Intune features.
One way that provides mobile app security is through “App protection policies”. App protection policies are:
- Use Azure AD identity to isolate organization data from personal data. So personal information is isolated from organizational IT awareness. Data accessed using organization credentials are given additional security protection.
- Help secure access on personal devices by restricting actions user can take, such as copy-and-paste, save & view.
- Can be created & deployed on devices that are enrolled in Intune, enrolled in another MDM service, or not enrolled in any MDM service. On enrolled devices app protection policies can add an extra layer of protection.
Benefits of Microsoft Intune
- With Microsoft Intune you can provide employees with the ability to register, enroll, and manage their devices as well as install corporate applications from the self-service Company Portal – all from the devices of their choice.
- With Microsoft Intune you can increase the Mobile productivity for your employees with access to corporate resources on Office mobile apps they know and love.
- Secure corporate data, including Exchange email, Outlook email, and OneDrive for Business documents, based on the enrollment status of the device and the compliance policies set by the administrator.
- Eliminate the need to plan, purchase, and maintain hardware and infrastructure by managing mobile devices from the cloud with Intune.
- Extend your existing System Center Configuration Manager infrastructure through integration with Intune to provide a consistent management experience across devices on-premises and in the cloud.
- Spend less time counting devices with per-user licensing for Intune. Intune is also included as part of the Enterprise Mobility Suite, the most cost-effective way to acquire Intune, Azure Active Directory Premium, and Azure Rights Management.
- Get answers to your questions with Microsoft support available online and by phone worldwide which is included with every Intune subscription.