Microsoft has continued to improve their Office 365 offering, and the latest update came with the inclusion of many of their MDM features being rolled into the monthly subscription. While advanced features are still limited to the Microsoft Intune offering, many companies will be able to adopt the features that come with Office 365, and determine if the advanced features of Intune align with the company’s strategy. Zohaib Haider Ali on the Microsoft Office 365 team has written a blog on the different features included within Office 365 and Intune offerings, for companies to determine their best strategy for tackling MDM.
“As more and more businesses adopt a bring your own device (BYOD) approach to phones and tablets, keeping corporate data secure on mobile devices is becoming a top challenge. As part of our commitment to making Office 365 the business productivity service suite with the most advanced security and compliance capabilities, we’re excited to announce new mobile device management (MDM) features built in to Office 365 that will help you meet this challenge.
These new MDM capabilities, set to roll out in the first quarter of 2015, will help you manage access to Office 365 data across a diverse range of phones and tablets, including iOS, Android and Windows Phone devices, so you can:
- Help secure and manage corporate resources—Apply security policies on devices that connect to Office 365 to ensure that Office 365 corporate email and documents are synchronized only on phones and tablets that are managed by your company.
- Apply mobile device settings—Set and manage security policies such as device level pin lock and jailbreak detection on devices to help prevent unauthorized users from accessing corporate email and data when a device is lost or stolen.
- Perform a selective wipe of Office 365 data—Remove Office 365 corporate data from a device when an employee leaves your organization, while leaving their personal data, photos and apps intact.
- Preserve Office 365 productivity experience—Unlike third-party MDM solutions that have replaced productivity apps with restrictive all-in-one apps for corporate email, calendars and documents, MDM for Office 365 is built directly into the productivity apps your employees know and love. You can set access policies to help secure company data while keeping employees productive.
- Manage policies with ease—Administer mobile device policies directly from within the Office 365 administration portal, through an easy to use interface with wizard-based set up. View reports on which devices are connected to Office 365 and identify devices that have been blocked due to non-compliance.
These capabilities will be included with all Office 365 commercial subscriptions, including Business, Enterprise, EDU and Government plans.
Advanced mobile device and application management with Microsoft Intune
These MDM capabilities built in to Office 365 are powered by Microsoft Intune, our comprehensive device management and app management solution for phones, tablets and PCs. Organizations that need protection beyond what’s included in Office 365 can subscribe to Intune and get additional device and app management capabilities, including:
- Mobile application management—Enable your workforce to securely access corporate information using Office mobile apps while protecting your company’s data by restricting actions such as copy/cut/paste/save in your managed app ecosystem. Intune also extends these capabilities to existing line-of-business apps with the Intune app wrapper and enables secure viewing of content using the Managed Browser, PDF Viewer, AV Player and Image Viewer apps.
- Manage devices from the cloud, or integrate with existing System Center Configuration Manager on-premises—Intune can manage devices from the cloud, with no infrastructure required, or Intune can be connected to System Center 2012 Configuration Manager to manage all of your devices including PCs, Macs, Unix/Linux Servers and mobile devices from a single management console.
- Comprehensive mobile device management—Deploy certificates, Wi-Fi, VPN and email profiles automatically once a device is enrolled, enabling users to access corporate resources with the appropriate security configurations. You also have the ability to bulk enroll corporate devices to set policies and deploy applications on a large scale and can provide your users with a self-service Company Portal where they can enroll their own devices and install corporate apps.
The built-in MDM for Office 365 service we announced today, the advanced protection available with Microsoft Intune, or a combination of the two may be right for your organization depending on your needs.
Mobile computing is changing the world we live in. Microsoft is committed to delivering the best and most secure mobile productivity experiences on the planet. This includes creating great Office experiences across today’s mobile platforms and providing you with the tools to help keep your corporate data and apps secure.”
If you would like to see the article in full with comments, please visit https://www.microsoft.com/en-in/microsoft-365/blog/2014/10/28/introducing-built-mobile-device-management-office-365/. If you would like to discuss MDM deeper and receive assistance, please send an email to firstname.lastname@example.org and we will get in touch with you shortly.
Martin Feehan, PEI