Device management has become an increasing priority for many organisations. This is driven by the rise of device numbers and a shift to laptops and hybrid working. It is important for organisations to manage their devices and secure their data across their full infrastructure suite. In this article we discuss how you can do that with Microsoft Intune.

Introducing Microsoft Intune

Microsoft Intune is a cloud-based service that focuses on what is called Mobile Device Management (MDM) and Mobile Application Management (MAM). Effectively it is a tool for managing your organisations devices, data and applications. These devices can include phones, tablets and laptops.

One of the great things about Intune is it allows your employees to use their own personal devices in a work setting, while giving you full control over your data. Intune can isolate your organisation’s data from personal data.

Intune allows you to configure specific policies around a wide range of things. For example, when someone leaves the organisation you can delete all of the data held on these devices. Or you could prevent emails from being sent to people outside your organisation.

Microsoft Intune and Microsoft 365

Microsoft Intune is part of Microsoft’s Enterprise Mobility and Security suite and now sits within the Microsoft Endpoint Management product family.

Intune is fully integrated with the wider Microsoft 365 suite allowing you to deploy the various Microsoft 365 apps to devices including Microsoft Teams, Outlook and OneNote. Intune also integrates with Azure Active Directory and uses the pre-existing controls and access rules there but for your devices.

Intune comes included in some Microsoft 365 bundles as standard and can be added to the rest for a monthly subscription.

Managing Devices in Intune

Intune allows organisations to define their own policies when it comes to device management. For example, with organisation-owned devices you may want higher levels of control. These can include settings, features and security. For example, you can set password and PIN requirements, create a VPN connection, set up threat protection, and more.

For personal devices generally a softer approach is applied. These can be application-level policies such as, if these users only want access to email or Microsoft Teams, then use app protection policies that require multi-factor authentication (MFA) to use these apps.

When devices are enrolled and managed in Intune, administrators can:

  • See the devices enrolled and get an inventory of devices accessing organisation resources.
  • Configure devices, so they meet your security and health standards. For example, you probably want to block jailbroken devices.
  • Push certificates to devices so users can easily access your Wi-Fi network or use a VPN to connect to your network.
  • See reports on users and devices compliance.
  • Remove organisation data if a device is lost, stolen, or not used anymore.

Intune is an extremely useful and relevant solution to improve security across your organisation. It is one of the many quick wins you can achieve with the wider Microsoft 365 suite. To learn more, discover our full range of cyber security services or download our Microsoft 365 guide today.