- Azure Purview: Data governance for on-premises, multicloud, and SaaS data - Wed, Feb 17 2021
- The risk of fake OAuth apps in Microsoft 365 and Azure - Fri, Nov 27 2020
- Azure Sentinel: Microsoft's SIEM for the cloud and on-premises - Fri, Oct 30 2020
Bring Your Own Device? No problem – we have Intune ^
The biggest headline feature for version 3 is undoubtedly the included support for iOS 4.0+, Windows Phone 7+ and Android 2.1+ devices through Exchange Active Sync (EAS). Devices can be automatically discovered as users configure them to receive Exchange emails and administrators can control through policy which devices can connect. Once discovered you can have different policies for different types of devices, number of digits in pins for instance, you can even request encryption of the device (provided the device supports it).
Setting up good policies in Intune is now easier with recommended settings already enabled.
Best of all you can use Intune to deliver iOS and Android in-house Line of Business applications to user’s devices. Note that you can’t do this for Windows Phone 7 devices due to its security model – this is a promised addition to the forthcoming Windows Phone 8 platform. Yes I know – a Microsoft product that does Apples and Androids but not its own platform – pigs are flying past my Windows.
But for iOS and Android you can either push out applications to select devices or you can make the apps available and let the users decide if they’d like to install them. For Android apps you need the .apk file and for iOS your developers will need to give you the .ipa binary and the XML manifest (a plist file that’s used to find, download and install any iOS application outside the Apple store). You can control application availability depending on device form factor – only available on tablets but not smartphones for example.
Administrators can also initiate remote wipes where a device has been lost or stolen; this can also be delegated for users to do themselves. Users can browse to a mobile version of the company portal which provides a minimal but touch friendly interface. Read more about Intune mobile device application support here.
The little sister of the Company Portal provides access to the Intune things you’d need to do on a mobile device.
For businesses with in-house Exchange, Intune policies can be used to control what devices can be used to access those servers. Looking towards the future it’s also clear that Intune will be the platform of choice to manage Windows RT tablets when these become available and will be able to deploy custom software to these devices in much the same way as is possible today for iOS and Android. Overall storage available for Windows applications as well as mobile applications (but not MS updates /patches) is 2 GB.
In the next part in this four part review of Windows Intune we’ll look at the new authentication options as well as the improvement to policy management.