Microsoft Intune (formerly Windows Intune) is a Microsoft cloud-based management solution which was introduced in July 2011 at CeBIT.
Contents
About Microsoft Intune
Microsoft Intune is a cloud service that provides mobile device management, mobile application management, and PC management capabilities. Intune’s mobile productivity management capabilities help organizations provide their employees access to corporate data, applications, and resources, while helping to protect their corporate information.
Intune supports Windows, Windows Mobile, iOS, Android, and Mac OS X devices and provides several options for protecting corporate data on these devices. Intune has two deployment modes: "standalone", as a fully cloud-based service which requires no on-premises infrastructure, and “hybrid”, working with on-premises System Center Configuration Manager. The Intune primary subscription includes usage rights to Configuration Manager, which allows organizations to manage PCs and mobile devices through the same management console.
Core features and functionality
Mobile Device Management (MDM):
Intune can manage both company-owned devices as well as end users’ personal devices, popularly known as "bring your own device" (BYOD). MDM allows corporate IT to control the following aspects of a device through the Intune web-based administration console: management, inventory, app deployment, provisioning, and retirement. With MDM scenarios, end users can enroll and remove their devices, install company apps, get quick access to company resources via email, WiFi, and VPN profiles, and contact their IT department or helpdesk by using an app called Intune Company Portal.
Mobile Application Management (MAM):
Intune has the ability to set app restriction policies at the app level for use with or without MDM device enrollment. Intune’s MAM capabilities enable IT to help protect corporate data with the policies that restrict data leakage such as “Cut/Copy/Paste/Save As”, provide encryption at rest, enforce application access and compliance, and remove corporate data at the application level.
Conditional access:
Intune allows IT to manage access to corporate data with its conditional access capabilities which ensure that only managed and compliant devices are able to access corporate email and files – all without requiring on-premises infrastructure. If the device is not managed by Intune or compliant with IT policies (such as password strength, encryption, OS version), the access is blocked. Additional checks such as group membership, location, and risk profile can be done at the user level with Azure AD Identity Protection that can further ensure that only authorized users can access work email, files, and SaaS apps.
Management of Office 365 and Office mobile apps:
Intune has unique capabilities to manage Office mobile apps on iOS and Android devices, including app-level authentication, copy/paste control, save as control, and enforce conditional access policies to Exchange Online, Exchange on-premises, SharePoint Online, and Skype for Business. Intune also enables multi-identity scenarios, which allows users use both personal and company accounts within the same Office mobile app.
PC Management:
In addition to managing mobile devices, Intune also manages computers running supported operating systems using the Intune agent or via MDM. The hardware and software requirements to run the computer client are minimal—any system capable of running Windows Vista or later is supported. The client software can also be easily installed on either domain-joined computers (in any domain) or non-domain-joined computers. In addition, Intune works with System Center Configuration Manager to support more advanced PC and server management scenarios.
Distribution
Microsoft Intune is a user-based subscription service. It is licensed per user per month allowing up to 5 devices per user. Intune can be purchased as a stand-alone subscription or as part of Microsoft’s Enterprise Mobility Suite (EMS), which acts as a single license to use Microsoft Intune, Microsoft Azure Active Directory Premium, Microsoft Azure Rights Management Services, and Microsoft Advanced Threat Analytics. A free 30-day trial of EMS, which includes Intune is available.