- Our Inside 365 Business Premium offers a deep-dive into each of the features of the Microsoft 365 Business Premium subscription – especially those that may be lesser-known.
- In this edition, we’ll explore Microsoft Intune: a cloud-based service which enables advanced Mobile Device Management (MDM) and Mobile Application Management (MAM).
- In plain English, Intune helps empower your team to use their own devices to access sensitive business data and applications using secure policies that you control. The end result? Higher security, higher compliance, and better productivity.
Building an effective team in your business is all about flexibility.
Gone are the days of employees being metaphorically chained to their desks for every minute of the day. Instead, modern teams are working in entirely different ways – from living rooms to coffee shops. As part of this more flexible approach to working, a natural upshot is an increase in the use of mobile devices for work purposes.
Whether an employee is using a company-owned device or one of their own, it’s essential that business owners maintain the security of your critical data and, where necessary, the devices themselves. Allowing mobile access to sensitive data might be an uncomfortable thought for some business owners, but it’s also a great way to make teams more agile and productive – so how do you keep everything safe and secure?
The answer is Microsoft Intune.
Available as part of Microsoft 365 Business Premium subscription, Intune is one of the best reasons to choose the Premium plan.
Let’s find out why.
What is Microsoft Intune?
Microsoft Intune is a cloud-based service which allows businesses to manage both mobile devices and mobile applications remotely.
It can be used with smartphones, tablets, desktops, and laptops to give remote teams greater access to company data without compromising security.
With Intune, in combination with the Azure Active Directory (Azure AD) Premium P1 or P2 plans, you gain fine-grain control over your sensitive business data in a safe and secure way using trusted policies which you establish. Intune also effortlessly integrates with tools like Conditional Access (available as part of Azure AD) to further refine the who, what, and where of data accessibility.
Microsoft Intune features two distinct components depending on your company’s particular goals or operations.
Let’s look at each of these options in a bit more depth.
Mobile Device Management (MDM)
Intune’s Mobile Device Management component is used to create a fleet of organization-owned mobile devices.
With MDM, you can “enrol” a mobile device into Microsoft Intune. After enrolment, you’ll have almost complete control of the device configuration, including:
- Requiring a password or PIN to be used to access the device.
- Push Wi-Fi certificates or enable VPN connections for secure access to internal company resources.
- Block devices which don’t meet security or device health standards. For example, some devices can be “jailbroken” to enable non-standard features, and it’s unlikely you’d want these connected to your network.
- Enable device-level threat protection where required.
But what if you don’t want to invest in company-owned devices and instead want your team to use their own smartphones, tablets, and so on?
Microsoft Intune can help there, too.
This is known as “Bring Your Own Device”, or BYOD, and it’s an easy way to get your team up and running remotely – but it can be a security risk.
With Intune, the risk is mitigated by using a “walled garden” approach. Essentially, this means that, once the user’s device is enrolled with Intune, the system creates a dedicated area on the device for storage of sensitive business data.
Crucially, only Intune-authorized users can access this encrypted data. In this way, you can enjoy the benefits of a mobile-enabled team without having to purchase a fleet of new hardware.
If you’d rather not enrol employees’ personal devices into Intune, don’t worry – there’s another option you can explore.
Mobile Application Management (MAM)
Mobile Application Management, or MAM, is actually quite similar to MDM – it just operates at a different level.
Rather than implementing your security policies and configuration requirements at the device level, MAM instead does it for individual applications.
By doing things this way, you can allow remote team members to access and make use of sensitive business data – but only within the parameters that you approve centrally. Not only that, but you’ll also retain complete control of your data, even when it’s being accessed on a mobile device which could be anywhere in the world.
With MAM and Intune, administrators are able to:
- Remotely install mobile apps for specific users, devices, or user groups.
- Create rules for specific applications to be launched. For example, you could set a rule so that the app won’t launch until it’s been updated to the latest version.
- Remotely erase company-specific data from mobile devices, while leaving personal data intact.
- View reports of app usage on a per-user, per-device, or per-group level.
Intune also supports App Protection Policies which, in plain English, ensure that – even if a user is operating on an approved Intune-enrolled device – the data within the app cannot be moved or copied outside of that app. Policies like this operate as an extra layer of insurance over and above user- and device-based policies.
How to start using Microsoft Intune today
As you’ve probably noticed, Microsoft Intune isn’t lacking in features – or security.
If you’re running a business with any level of data sensitivity or potential risk, Intune makes perfect sense.
Not only does it protect your and your customers’ data, but it also enables worry-free remote and flexible working for your employees.
So how do you start using Microsoft Intune? It’s simple: all you need is a Microsoft 365 Business Premium subscription.
Starting at just £15.10 per user per month, with annual commitment, Business Premium is one of the best value apps and services packages available to small businesses today.
Not sure where to begin with Microsoft 365?
Intune is just one of the advanced features and cloud services crammed into the Microsoft 365 Business Premium subscription. It’s bursting with other apps and services, including Microsoft Office, Teams, Outlook, SharePoint, OneDrive, and much more.
To learn more about what else you’ll unlock with this plan, the Microsoft 365 experts at Get Support are here to help you anytime.
Call our friendly team today on 01865 59 4000 for the complete lowdown on Microsoft 365, or just fill in the form below and we’ll get back to you.