Thanks to covid-19 shaping how (and, most pressingly, where) we do business, 66% of employees (data from April, 2020) are working from home due to the coronavirus pandemic. While some of us are now filtering back to the office, many are still working from home. This is actually set to be the norm for many businesses into the future, with workers calling on more permanent flexible working options. The question we keep hearing is how can business owners assure security compliance from employees who are signing in from home?


Today, we want to tell you about Microsoft Intune, which is our answer to countless work-from-home security concerns. For readers who haven’t used Intune before, Microsoft created it for the purpose of mobile-device and operating-system management. If you issue company-owned mobile devices, or have a BYOD policy in place, it’s likely you have used—or at least heard of—Microsoft Intune. But what about small-to-medium businesses who have never had these options for employees, yet are now finding staff working from home where their work computers are right in the firing line of curious kids’ fingers or have networks with little-to-none firewall protection? This is why Intune plays a fundamental role in your working from home business strategy.


Nathalie, who works as a part of Microsoft’s Core Services Engineering and Operations, helps to build and operate the systems that run Microsoft. She says that ‘every company is at a different stage of their journey to the Cloud.’ This bleeds into one of the main benefits of Intune: it is flexible enough to suit businesses of every stage and size… from start ups to enterprises. Without further ado, let’s dig into how Intune is shaping working from home device security.

intune work from home

Conditional access lets you create a set of rules tailored to your security needs


Have you been concerned about how you’re meant to manage your employees’ use of technology when they’re working remotely? We’ve found that Intune is the way to pave security in the working from home environment that not only keeps company data from getting in the wrong hands, but also that of employees, stakeholders, and clients or customers.
Conditional access lets you protect data as soon as someone is using a device where they could potentially access it from. Ultimately, it insures that data can only be accessed by the right people under the right circumstances. If your employee is working at home from a shared desktop or laptop, or maybe checks their work email on the family iPad, it makes sure that data is protected by how Office apps can be used. These polices are based on conditions and specifications such as: user, location, device state, app sensitivity, and real-time risk. For example, organisation data can be isolated from personal data, so only your employee can access it—even on a shared device.

Manage devices and apps from the Cloud


Intune is a mobile application management (MAM) and mobile device management (MDM) provider for devices used in (and, importantly, taken outside of) the workplace. The flexibility of Microsoft Intune doesn’t end here, with the choice of being 100% cloud-based or co-managed with Configuration Manager and Intune completely up to you, the business owner. For MAM, you can deploy and authenticate apps on your employee’s BYOD (plus devices they solely use at home during this period) as well as on-premises devices. So, if employees are working from home some days and are in the office on others, you don’t need to worry about security gaps forming between different locations — they can even safely do work on the train or bus!


Not all devices have to be enrolled to use the security benefits of Intune when employees are working from home. What they need to access informs this decision. If users need full access to business resources, they can enrol their devices (this is mobile device management) and receive an MDM certificate. This is then used to communicate with the Intune service and the device receives the rules and settings you have created (such as password requirements, create a VPN connection, or set up threat protection).


During the working from home period, many people will be wanting to access work data on their own devices, but won’t want administrators to have full control of their personal phones, tablets, etc. You can use MAM to give users options, where app protection policies will secure company applications (like MFA), but keep the rest of the phone easily accessible for personal use (so you can’t accidentally wipe the video of their kid’s first steps or the cutting of their wedding cake). At the same time, your toddler won’t be able to accidentally wipe your files!

WFH

Security across iOs and Windows


So, your office is fit out with Windows gear and now half your staff want to work from home from their MacBooks, iPads, and iPhones. Is this secure? You’re not across Windows, so how do you ensure security compliance? It’s OK, Intune has you covered. Formally Windows Intune, Microsoft Intune now doesn’t discriminate against operating systems—app security, compliance, and conditional access are across all the devices your employees want to use. Intune can also be deployed across Android devices.

Teamwork & productivity when working from home


Having secure, streamlined access across devices to apps like Teams means employees can replicate the collaborative environment they’re used to in the office. As mentioned above, no matter what device the team are accessing their apps from, they will be able to safely access company data and work alongside others — alongside them digitally, that is! Even post covid-19, virtual teamwork will be the way of the future and Intune certainly empowers mobility. Intune, especially combined with your current cloud storage like OneDrive, delivers amazing productivity opportunities to employees working from home or — when we can travel and visit clients on-site again — on the move. Separating work and play, even on BYOD mobiles, tablets, and iPads, keeps your employee’s focussed even when they’re working from home.

Today, all 4,000 mobile devices are registered and managed in Intune,” says Mahdavi. “Having this level of access to their business productivity tools through a mobile device simplifies employees’ lives—no more carrying laptops and using the VPN solution to connect to the corporate network.

Mahdavi, Cadence
microsoft intune device enrollment

Use with the Microsoft 365 Suite


The seamless way Intune works with the Office 365 suite means it’s not hard to rollout during isolation and devices can be remotely set up. Intune means that, even with employees working out-of-office, they have secure access to the Office 365 suite whether they’re collaborating with their teammates in a shared document or writing up a file alone. With feelings of isolation being at the forefront of emotions during this time in the world’s history, Intune helps employees safely use Office 365 apps and therefore stay connected and retain a level of normalcy in their day-to-day.

Another great feature of Intune is that it comes with Microsoft’s Enterprise Mobility + Security (EMS) suite and integrates with Azure Active Directory (Azure AD) to control who has access and what they can access. Bringing it all back to cyber security, it also integrates Azure Information Protection for data security. This means that, even though you may feel like you don’t have the same level of security control that you have in the office, you’ll be taken care of by the partnership of Intune and Azure.

On the back of reading about just how crucial Microsoft Intune can be in the fabric of your business’s working from home strategy, how does it compare to your own business’s strategy? Can you see Intune improving your security. Let us know!