Skip to content

Mobile Device Management (MDM)

What is Mobile Device Management (MDM)

Mobile Device Management (MDM) is a solution that allows IT departments to set policies that secure, monitor, and control end-user mobile devices. This includes mobile phones, tablets, and laptops.

Using an MDM solution, organisations can make sure that only authorised people and devices get access to proprietary information. Similarly, device users can feel at ease accessing work data from their mobile devices, because they know their device meets their organisation’s security requirements. 

Microsoft Intune is a cloud-based service that focuses on MDM and mobile application management (MAM). You control how your organisation’s devices are used. You can also configure specific policies to control applications. For example, you can prevent emails from being sent to people outside your organisation. Intune also allows people in your organisation to use their personal devices for school or work. On personal devices, Intune helps make sure your organisation’s data stays protected and can isolate organisation data from personal data.

Intune is included with Microsoft 365, and integrates with Azure Active Directory (Azure AD). Azure AD helps control who has access, and what they have access to.

6 Most common business scenarios for Intune

Protecting your on-premises email and data so it can be safely accessed by mobile devices.

Most enterprise mobility strategies begin with a plan to enable secure access to email for employees with mobile devices that connect to the Internet. Many organisations still have on-premises data and application servers, such as Microsoft Exchange, that are hosted on their corporate network. Intune provides a uniquely integrated Conditional Access solution for Exchange Server, which ensures that no mobile app can access email until that device is enrolled with Intune.

Protecting your Microsoft 365 email and data for safe access by mobile devices. 

Intune provides a uniquely integrated Conditional Access solution that ensures no users, apps, or devices can access Microsoft 365 data unless they meet your organisation’s compliance requirements (performed multi-factor authentication, enrolled with Intune, using managed app, supported OS version, device pin, low user risk profile, etc.).

Offer a bring your own device (BYOD) program to all employees

BYOD continues to grow in popularity among organisations as a means to reduce hardware expenditures or increase mobile productivity choices for employees. Intune protects the corporate data even if the app in question accesses both corporate and personal data, as is the case for Office mobile apps.

Issue corporate-owned phones to your employees

Many employees are mobile these days, making productivity on mobile devices an imperative to be competitive. Your employees need seamless access to all corporate apps and data, at any time, wherever they are. You need to ensure that corporate data is secure and administrative costs are low. Intune offers bulk provisioning and management solutions that are integrated with the major corporate device management platforms on the market today, including the Apple Device Enrollment Program and the Samsung Knox mobile security platform.

Issue limited-use shared tablets to your employees

Employees are increasingly making use of mobile technologies. For example, shared tablets are now commonly used by retail store employees. Whether they are used to process a sale or instantly check inventory, tablets help create great customer interactions. Intune enables you to bulk provision, secure, and centrally manage these shared iOS and Android devices that can be configured to run in this limited-use mode.

Enable your employees to securely access Microsoft 365 from an unmanaged public kiosk

Sometimes your employees need to use devices, apps, or browsers that you can’t manage, such as the public computers at trade shows and in hotel lobbies. Should you allow your employees to access corporate email from these devices? With Intune and Microsoft Enterprise Mobility + Security, the answer can simply be “no”, by limiting email access to devices that are managed by your organisation. This ensures that your strongly authenticated employee doesn’t accidentally leave corporate data on the untrusted computer.

Safeguard your organisation today