Devices Enable your users Apps Unify Your Environment
Devices Enable your users Apps Unify Your Environment Data Protect your data Help organizations enable their users to be productive on the devices they love while helping ensure corporate assets are secure
Secure Android Devices and Applications with Microsoft Intune Conditional Access Secure access to email, Share. Point Online services using conditional access policy Data Protection Prevent data leakage from mobile apps using Intune data protection SDK Resource Access Deploy VPN, Wi-Fi, Certificate profiles to easily enable access Data Loss Prevention Selectively wipe corporate data off lost/stolen devices
Emphasis on User Experience Wide range of support Support for all Android devices 4. 0+ UX consistency Consistent management and user experience across all device OEMs Best productivity suite Productivity with Microsoft Office Separation of business and personal data Identity-aware apps let IT control corporate data while leaving personal data untouched
Device & compliance policy • PIN • Encryption • Root detection Deploy MAM policy with apps Publish managed apps • Office • Intune viewer apps • Copy/paste protection • Sharing restrictions • Cloud backup restrictions • Screenshot restricting
Intune MDM Agent App Code Company Portal UI MAM Internal MAM External
Google Cloud Messaging Service Intune
Play Store Apps Side loading (APK) Web links Required installation (mandatory) Yes Yes Available installation (in catalog) Yes Yes Uninstall No Yes Remove on Retire No Yes (KNOX only) Yes
Prompt after enrollment failure On the “Welcome” Page On the Contact IT tab
Kieran Gupta
Remote commands LOB apps App Store apps Inventory Enrollment Policies Config Profiles Retire check-in Apple MDM Agent i. OS Device Microsoft Intune Company Portal
Remote commands LOB apps App Store apps Inventory Enrollment Policies Config Profiles Retire check-in Apple MDM Agent i. OS Device Microsoft Intune Company Portal
BYOD Corporate Company Portal App User-based enrollment Install from the App Store Apple ID required Example: BYOD Users brings device Install Comp. Portal + Enroll Apply policy + configuration + jailbreak detection + AAD device registration (conditional access / compliance) + SSO and selective wipe (managed Office apps) Apple Configurator / DEP User-less bulk enrollment via Service Account User-based enrollment Pre-enroll / out-of-box enrollment Examples: kiosk, retail, corporate-owned CYOD Out-of-box enrollment Apply policy + configuration Install Comp. Portal (user) + lock MDM profile to device + enable Supervised mode Configuring Corporate-Owned Mobile Devices with Intune | Fri 9 AM
Supervised mode Supervise your corporate devices Kiosk mode Activation Lock bypass (Find My i. Phone) Silent app installation + prevent app uninstallation Custom background, lock screen message, device name Global HTTP proxy + always-on VPN Prevent device factory reset Prevent USB tethering more… Configuring Corporate-Owned Mobile Devices with Intune | Fri 9 AM
Jailbreak detection Symptoms Look for symptoms of jailbroken device § changes in OS behavior § binaries, config files § presence of certain apps/libraries Future Proof Detection logic not tied to any specific jailbreak kit or version Testing Regularly verify against latest jailbreak kits
i. OS Custom Policy Configure Define any i. OS setting or config payload available in [ Config Profile Reference] 2 methods § Apple Configurator § Custom-written XML <key>Payload. Type<key> <string>com. apple. appaccess<string> <key>allow. Camera</key> <false/> … Deploy § Custom i. OS Policy § Import. mobileconfig § Deploy to users
Forward-thinking: i. OS 9 Day 0 support Your users can upgrade worry-free at GA How we do it § Compatibility testing against beta drops § Proactive & regular communication with Apple New Features Prioritized and delivered based on customer demand.
Configuration Manager 2012 R 2 / Hybrid Config Manager Agent push settings to device via plist or script defaults write /Library/Preferences/ com. apple. screensaver ask. For. Password -integer 1 push wrapped app packages
Intune MDM-managed Windows Phone Android i. OS Mac OS X
Mac Support – v 1 Secure Web-based enrollment Passcode policies Disk encryption Configure Push Wi. Fi/VPN profiles Push custom policies Audit Hardware inventory Software inventory Device reports
2010 10. 6 2013 10. 7 10. 8 10. 9 MDM support 10. 10
Mac Management: Our Philosophy Level 1 Level 2 Level 3 MDM Agent Self-Service Portal
http: //aka. ms/nbtbvs http: //aka. ms/nbtbevents
http: //myignite. microsoft. com
- Slides: 35