Overview of Microsoft Intune
In this tutorial, we will get a detailed overview of Microsoft Intune.
Microsoft Intune is a cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM). You control how your organization’s devices are used, including mobile phones, tablets, and laptops. Moreover, you can also configure specific policies to control applications.
Intune also allows people in your organization to use their personal devices for school or work. On personal devices, Intune helps make sure your organization data stays protected, and can isolate organization data from personal data.

With Intune, you can:
- Firstly, choose to be 100% cloud with Intune, or be co-managed with Configuration Manager and Intune.
- Secondly, set rules and configure settings on personal and organization-owned devices to access data and networks.
- Thirdly, deploy and authenticate apps on devices — on-premises and mobile.
- Lastly, protect your company information by controlling the way users access and share information.
Manage devices
In Intune, you manage devices using an approach that’s right for you. For organization-owned devices, you may want full control over the devices, including settings, features, and security. In this approach, devices and the users of these devices “enroll” in Intune. Once enrolled, they receive your rules and settings through policies configured in Intune.
For personal devices, or bring-your-own devices (BYOD), users may not want their organization administrators to have full control. In this approach, give users options. For example, users enroll their devices if they want full access to your organization’s resources. When devices are enrolled and managed in Intune, administrators can:
- Firstly, see the devices enrolled, and get an inventory of devices accessing organization resources.
- Secondly, configure devices so they meet your security and health standards.
- Thirdly, push certificates to devices so users can easily access your Wi-Fi network, or use a VPN to connect to your network.
- Then, see reports on users and devices that are compliant, and not compliant.
- Lastly, remove organization data if a device is lost, stolen, or not in use anymore.
 
Manage apps
Mobile application management (MAM) in Intune is designed to protect organization data at the application level, including custom apps and store apps. You can use app management on organization-owned devices and personal devices. When apps are managed in Intune, administrators can:
- Firstly, add and assign mobile apps to user groups and devices, including users in specific groups, devices in specific groups, and more.
- Secondly, configure apps to start or run with specific settings enabled, and update existing apps already on the device.
- Thirdly, see reports on which apps are used, and track their usage.
- Lastly, do a selective wipe by removing only organization data from apps.
Compliance and conditional access
Intune integrates with Azure AD to enable a broad set of access control scenarios. For example, require mobile devices to be compliant with the organization standards defined in Intune before accessing network resources, such as email or SharePoint. Likewise, you can lock down services so they’re only available to a specific set of mobile apps. For example, you can lock down Exchange Online so that it is accessible only by Outlook or Outlook Mobile.
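The scenario above can be expressed as a Conditional Access policy created through the Microsoft Graph PowerShell SDK. This is an added example, not taken from the original page or from Microsoft's documentation; the display name is constructed, the break-glass account ID is a placeholder, and the policy is created in report-only mode so its effect can be reviewed in the sign-in logs before it is enforced.

```powershell
# Added example (not from the original page). Assumes the Microsoft.Graph
# PowerShell SDK is installed and the signed-in admin may manage Conditional Access.
Connect-MgGraph -Scopes "Policy.ReadWrite.ConditionalAccess", "Policy.Read.All", "Application.Read.All"

# Placeholder (assumption): object ID of an emergency-access account that must
# never be locked out by this policy.
$breakGlassId = "<break-glass-account-object-id>"

$policy = @{
    displayName = "Mobile: compliant device + approved app for Exchange/SharePoint"  # constructed name
    # Report-only: sign-ins are evaluated and logged, but nothing is blocked yet.
    state       = "enabledForReportingButNotEnforced"
    conditions  = @{
        users = @{
            includeUsers = @("All")
            excludeUsers = @($breakGlassId)
        }
        applications = @{
            includeApplications = @(
                "00000002-0000-0ff1-ce00-000000000000",  # Office 365 Exchange Online
                "00000003-0000-0ff1-ce00-000000000000"   # Office 365 SharePoint Online
            )
        }
        # Scope the policy to mobile platforms only.
        platforms      = @{ includePlatforms = @("android", "iOS") }
        clientAppTypes = @("all")
    }
    grantControls = @{
        # Both controls must be satisfied: the device is marked compliant in
        # Intune AND the client is a Microsoft-approved app such as Outlook mobile.
        operator        = "AND"
        builtInControls = @("compliantDevice", "approvedApplication")
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
$created | Select-Object Id, DisplayName, State
```

Once the report-only results show that only the intended sign-ins would be affected, changing `state` to `enabled` enforces the policy.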
Reference: Microsoft Documentation


