Arraya Insights | September 9, 2021
As a cloud-based service that focuses on mobile device management (MDM), Intune allows the user to control how their organization’s phones, tablets, and laptops are used, as well as the ability to configure specific policies to control applications.
This MDM solution has several different use cases and features that have become a staple in most configurations and application management strategies over the years. You’re likely aware of the ability to create a unique application experience, however, the device management principles also carry over from the capabilities driven by Windows 365 and on-premises management practices.
Here are a few more reasons to get to know Intune:
- You May Already Own It: Consider Consolidating Third-Party Licenses
As an MDM platform, Intune is a leader in the space. The ability to integrate Microsoft 365 licensing bundled with Intune licensing makes it a great opportunity to consolidate.
- Windows 10: Enjoy the Direct Benefit of Intune’s Management Capabilities
Today, it’s all about working smarter, not harder. These management capabilities will help your organization stay agile in a rapidly changing environment.
Windows Autopilot is used to set up and pre-configure new devices in your organization by using the processes developed by the Microsoft Deployment Toolkit and Configuration Manager Operating System Deployment practices. These practices have evolved into a cloud enabled provisioning model that can help reduce your on-premises dependencies for tools and IT support staff.
As a fast track to getting the cloud configurations ready to support AutoPilot and Windows 10, try this guided scenario, which can be used in production once configured for your individual needs.
- Virtual Desktop Infrastructure/Azure Virtual Desktop
For those using a Virtual Desktop Infrastructure, this can be managed by Intune to provide a secure and uniform desktop experience that would be similar to corporate issued laptops while working in a cloud-based desktop.
- Integration with Active Directory Domain Services
Active Directory Domain Services (AD DS) is a valuable tool to move the Windows 10 Management capabilities to the cloud. The hybrid functionality of AD DS that’s been introduced when using Configuration Manager provides a fast lane to get to the cloud using your existing systems.
- Security at the Forefront: Windows 365’s Security Configurations
Security remains a top priority in most management tools and capabilities for devices. With Windows 365, Microsoft’s latest service that puts the Windows operating system in the cloud, most security configurations may already exist in a device and user centric approach.
The tools you’re familiar with and rely on will still be available but in a more robust capacity, including:
This tool can be applied to a device without additional infrastructure, such as AD FS, when applying to Hybrid devices and is native to cloud-first Azure AD joined devices. Intune adds an additional layer of capabilities by managing the configurations across the device and user experience. Various triggers, also known as signals, can define the device usage and authorization across other secured resources.
Traditionally used Group Policy settings have been making their way into the cloud for years. Now you can take advantage of most of the settings you traditionally managed with Group Policy while using Intune instead.
There are supported GPO-like configurations that can be moved to Intune while still allowing the capability to choose which platform would take priority when using a Hybrid configuration.
Bitlocker Configurations can be applied in several ways; however, these methods do not support an accurate way to ensure the configuration is in place and re-apply this configuration if/when disabled (like Intune does).
With Intune, users can:
- Apply configurations to a fully decrypted drive by using a configuration profile or compliance policy.
- Review real-time reporting and feedback in encryption reports.
- Apply this configuration using Endpoint Manager and MBAM-based capabilities in a Hybrid approach when co-managed.
Access recovery keys, which can be written to Azure AD, from anywhere by an Intune Administrator and from the user’s 365 profile (which eliminates the need to provide a web-based unlock utility).
d) Windows as a Service (WaaS)
This feature can alleviate the update infrastructure dependency for Windows 10 by providing quality updates and feature updates through configurations that can be applied using Intune. These configurations ensure a consistently patched Windows 10 environment and reduce the need to upgrade and refresh systems on-premises.
- Apple & Android Users: Enjoy Direct Integration Capabilities
Apple and Android device configurations have direct integration capabilities with Apple Business Manager, Samsung Knox, Google Administrator, TeamViewer, and more.
With these capabilities, users can:
- Create an immutable configuration that keeps your device managed by associating the hardware to your Intune tenant.
- Apply configurations and application settings that allow varying stages of application visibility and unique configurations to authorize the application to work with your organization.
- Subscribe to applications through third-party vendor stores, reduce the ability to subscribe to malicious applications, and provide core applications through an Intune Portal app.
- Apply conditions and compliance levels to ensure the types of devices and security mechanisms are in place before a device is added to the management platform, in addition to monitoring and remediating devices that fall out of compliance.
- BYOD: Intune Makes Bring-Your-Own-Device Safer for Use
The BYOD method can be made much safer by isolating data and applying security configurations to the devices. When applying security configurations with Intune, users would be required to secure the device. In addition, the device configurations can be remotely removed on demand by IT administration without affecting the device owner’s personal data and settings.
Next Steps: Take Advantage of Microsoft’s Latest Offerings
Want to learn more about taking advantage of Intune at your organization? Our team can help. Trials for Intune can be activated through an existing Azure or Windows 365 subscription and we’ll work with you to see what best fits the needs of your organization. Reach out to us today to start a dialogue or with any questions.
Visit https://www.arrayasolutions.com/contact-us/ to connect with our team now.
Follow us to stay up-to-date on our industry insights and unique IT learning opportunities.