A major task of every system administrator is to protect and secure resources and data of their organization on their devices. This task is called Device Management. Users receive and send emails from personal accounts, surf websites from home and restaurants and install apps and games. These users are also employees and students. On their devices, they want to access school and work resources, such as email and OneNote, and access them as quickly as possible. As administrators, your goal is to protect these resources, and provide easy access to users on all their many devices, all at once.
Device Management allows organizations to protect and secure their resources and data from different devices.
What is Microsoft Intune?
Using a Device Management Provider, the organization can ensure that only authorized people and devices gain access to proprietary information. Similarly, users can feel comfortable accessing work data from their phone, knowing their device meets their organization’s security requirements. As an organization, you may ask – what shall we use to protect our resources?
The answer is – Microsoft Intune. Intune offers mobile device management (MDM) and mobile application management (MAM). Some key tasks of any MDM or MAM solution are:
- Support for a diverse mobile environment and manage iOS/iPadOS, Android, Windows and MacOS devices securely.
- Acknowledgment that the devices and applications comply with your organization’s security requirements.
- Create policies that help keep your organization’s data secure on organization-owned and personal devices.
- Using one unified solution for mobile devices to enforce this policy, and help manage devices, apps, users, and groups.
- Protecting your company’s information by helping you control how your workforce accesses and shares their data.
- Intune is included with Microsoft Azure, Microsoft 365, and integrates with Azure Active Directory – it helps control and manage who has access and what they have access to
Microsoft Intune Functionality
Microsoft Intune is the MDM and MAM provider for the devices in your organization:
Microsoft Intune is a cloud-based service focused on mobile device management (MDM) and mobile application management (MAM). With it you can control how your organization’s devices are used, including: mobile phones, tablets, and laptops. You can also set specific policies to control applications. For example, you can prevent emails from being sent to people outside your organization. Intune also lets people in your organization use their personal devices for school or work. On personal devices, Intune helps make sure your organization’s data stays protected and can isolate organization data from personal data.
In Intune, you manage devices using an approach that works for you. For enterprise-owned devices, you may want full control over the devices, including settings, features, and security. In this approach, devices and users of these devices “enroll” in Intune (Enroll). After enrolling, they receive your rules and settings using policies defined in Intune. For example, you can set password and PIN requirements, create a VPN connection, configure threat protection, and more.
For personal devices, or BYOD devices, users may not want their organization’s administrators to have full control. In this approach, give users options. For example, users register their devices if they want full access to your organization’s resources. Alternatively, if these users only want access to email or Microsoft Teams, they can use an app protection policy that requires multi-factor authentication (MFA) to use these apps.
Once a device is enrolled in Intune, administrators can:
See the registered devices and get an inventory of the devices accessing the organization’s resources.
Configure devices to meet your security and health standards. For example, you probably want to block devices that are jailbroken.
“Push” security credentials to devices so users can easily access your corporate WIFI or VPN connection on your network.
See reports and logs about compliance of devices and users.
Remove organization data in case a device is lost, stolen or not in use.
Compliance and conditional access
Mobile application management (MAM) in Intune is designed to protect enterprise data at the application level, including custom apps and “store apps”. Application management can be used on enterprise-owned and personal devices.
When apps are managed in Intune, administrators can: Add and assign mobile apps to specific users, groups, or devices, including users in specific groups, devices in specific groups, etc.
Configure apps so that they come up with specific settings or update apps that already exist on the device.
See reports on the apps and their usage.
Performing a “selective deletion” of the organizational information only.
Compliance and conditional access
Intune interfaces with Azure AD enable a wide variety of access control scenarios. For example, it’s possible to require that mobile devices comply with the organization’s policy defined in Intune before they access network resources such as email or SharePoint. Also, services can be locked so that they will be available only to a certain group of applications, for example – Exchange online can be locked so that it will only be available through Outlook or Outlook for mobile.
YouCC Technologies has many years of experience in the worlds of Microsoft’s information security, as a Gold Partner of Microsoft we have experience and knowledge that will help you
Implement MDM in your organization, we will accompany, advise, and provide troubleshooting throughout the Intune purchase and implementation process and guide how to configure the corporate applications and users until the project is successful.
אז איך YouCC טכנולוגיות יכולה לעזור לך?
Interested in your cloud security?
Looking for A company that will accompany you personally, professionally and without compromise? Let's talk!
Leave us your details so that we can get to know you, understand your needs and match you with the best service.