In today’s technology world, let’s face it- employees and students are no longer just working in an office, it’s becoming a hybrid work-from-anywhere mindset. These employees and students need to access their resources and more importantly need to do so in a safe and efficient manner. IT Admins all over the world are adjusting in a post-pandemic era to a whole new set of requirements and challenges to maintain the needs of a hybrid workforce. I distinctly remember right in the beginning of the COVID-19 pandemic and the sheer panic to source equipment and adjust workflows to get everyone ready for working remotely and I wished at that point I had a better method to push apps/policies and know I maintained that level of administration on my companies’ devices. Lots of late nights/long days, phone calls to vendors, and piecing together some new workflows to access those resources resulted in a remote workforce for the unforeseeable future. I learned a lot in that brief time period, but I also learned that I wanted a better way to manage my devices and be able to easily push out an application without using more tools than my browser tabs could fit.
As I went on that quest to start consolidating portals and other RMM solutions, I started seeing several articles coming up about Microsoft’s Intune product and it got me interested in learning more about what it could do for my organization. In the last 2-3 years, Microsoft’s Intune product has come a long way and continues to grow at a rapid pace. While there have been a few name changes along the way, one thing that continues to be promising is the new features that are coming out every few months and the pipeline is rich with new capabilities.
From a high-level overview, Intune is a mobile device management (MDM) or mobile application management (MAM) platform that simplifies your application and device management across your network. There are other companies out there that are providing similar solutions, but one big difference is you may already have licensing for this solution, and you don’t even know it. Microsoft Intune already comes with:
- Microsoft 365 E5
- Microsoft 365 E3
- Enterprise Mobility + Security E5
- Enterprise Mobility + Security E3
- Microsoft 365 Business Premium
- Microsoft 365 F1
- Microsoft 365 F3
- Microsoft 365 Government G5
- Microsoft 365 Government G3
- Intune for Education
- Microsoft 365 Education A5
- Microsoft 365 Education A3
When you start to look at the capabilities of what Intune can do for your environment, I think the best way to break down capabilities it to look at Apps, Identities, Security/Compliance, and Devices.
You can simplify your application management by either pushing out applications to specific users/groups or even having a self-service portal (Company Portal) that allows end users to download applications that are made available to them in any platform whether it’s Windows, Mac, or Mobile.
With applications that are uploaded and distributed through Intune, you can deploy, update, and remove applications along with having policies to control the access and the critical data behind those apps.
What’s nice about Intune is its integration with Azure AD. Whether you have an on-premise environment synchronizing users to Azure AD or you have no on-premise Active Directory environment at all, all of those users and groups within Azure AD allow you fully control your Intune environment on who should get apps/policies to different security settings per group. That also means that you can bring in those conditional access policies for what devices and apps are privileged and not privileged to do in your organization.
Keeping that security mindset, Microsoft Intune has integrations and 100s of policy settings/configurations to safeguard your users, applications, and devices. From turning device features on/off to safely deploying out encryption protection and VPN to end-user devices, there are pages and pages of settings to harden your devices and maintain that level of compliance required for your environment. With the constant quest for Zero Trust models, Microsoft Intune helps achieve that concept through centralizing your configuration and administration of Endpoint Detection, updating, access/conditional access, and protecting data and your identities. There is a lot to uncover once you start looking into implementing Intune but starting to grasp the full capabilities goes a long way to know how powerful Microsoft Intune can be for your organization.
It was mentioned in previous sections, but Microsoft Intune isn’t just for Windows devices. Intune supports devices running the following operating systems (OS):
- Chrome OS
Intune simplifies the enrollment for these various operating systems with countless methods to enroll devices depending on the OS and then once the devices get enrolled there are hundreds of settings to properly set the configuration of those devices. Once a device gets enrolled, there is a full device inventory that gets created and that also gives you the ability to run remote operations on the device such as Wipe/Resets, Locating Devices (iOS/Windows 10), Diagnostic Collection, Endpoint Analytics, Syncing and several other options depending on the OS version.
For Windows devices, one final huge benefit is Microsoft Intune’s Autopilot feature. Autopilot truly simplifies the Windows device lifecycle for the IT admins who are deploying out these devices to the end users who need to get their device setup. You can either take an existing device or even drop ship a device from a hardware vendor to an end user to get that device ready for business use. This could eliminate the need to re-image devices and rapidly deploy Windows devices for end users. A graphic of that process is below:
As you can see the Microsoft Intune platform is powerful, and agile and could tremendously benefit your business. If you are a cloud-only or fully on-premises environment that has some resources in the Office 365 ecosystem, Intune could be a great fit for your organization. Here at Winslow Technology Group, we have successfully implemented Microsoft Intune for numerous organizations and whether we streamlined enrollment processes, consolidated several third-party systems, or standardized security practices for end-user devices, they all resulted in one thing: Giving IT Admins and end users a better workplace experience.
If you are interested in learning about Microsoft Intune and how it could benefit your environment, reach out to your WTG Account Executive today!