There are undeniable benefits of employees being about to log into their company accounts while they’re out of the office. Productivity and collaboration are just two of these. However, the increased risk of company information getting jeopardised is also undeniable. Insecure remote access is a huge reasons companies may resist the push to go mobile. But, with mobile device management for Office 365, you don’t need to worry about the risk outweighing the gain.
You may be looking for a MDM solution and trying to decide between Microsoft Intune and the built-in mobile device management for Office 365. Yes, there’s a difference! Microsoft Intune is more of a stand-alone or bolt- on mobile device management system. This is opposed to the built-in mobile device management for Office 365. This is a simplified MDM feature that comes included with your Office 365 subscription.
The mobile device management for Office 365 has several capabilities that may serve your needs as a modern business. This allows you to secure and manage mobile devices within your organisation. Microsoft Intune is a dedicated mobile device management system. So, you’ll need to evaluate what your needs are in terms of mobile device management and what features you require for your business.
If you’re looking to understand more about mobile device management for Office 365, then read on.
Capabilities of Mobile Device Management for Office 365
Even without Intune, mobile device management for Office 365 is built in to manage all your devices via the Office 365 admin centre. It doesn’t have the same capabilities as Intune, but it may have enough―even just for now―to protect your business as you make the transition from work-desktops-only to work-issued mobile devices or even BYOD in the office. From Office 365, you can expect the following:
Supports multiple devices
Mobile device management for Office 365 supports many devices. This includes iPhone, iPads (iOS 7.1 or later), Android phones or tablets (Android 4 or later), laptops and PCs (Windows 8.1, and Windows 10), and Windows mobile.
Apply settings and restrictions on users’ mobile devices using security policies.
You can create and deploy security policies with mobile device management for Office 365. This will help secure your data from threats. For example, you can set a policy so that a device will lock after a set time of inactivity, or after multiple sign-in failures. This ensures that, if the device gets in the wrong hands (it may have been lost or stolen), the phone remains secure and data loss is prevented.
Control mobile access to your organisation’s information based on a device’s status.
Users must complete an enrolment process before they can have access to Office 365 on their mobile device. Depending on how you set up policies, devices that are non-compliant can be blocked from accessing Office 365. You can check the status of user devices that have a particular policy applied and manage the state of devices.
Remotely wipe corporate data from mobile devices.
You can remotely wipe corporate data from a BYOD device. This is a huge timer saver as you don’t need to physically hand the device over to the IT team to secure any data on it. This action, however, will wipe everything on the device. Thankfully, if you have Intune, personal apps, messages, files etc, can remain untouched while corporate data is wiped.
Block/unblock unsupported devices from accessing Exchange email.
Block app access to Office 365 email for mobile devices that aren’t supported by mobile device management for Office 365. This will help to secure your organisation’s data. There is more information on how to do this on the Microsoft website.
Set up device policies like password requirements, MFA, and security settings.
Secure employees’ Office 365 sign-in by using MFA―multi factor authentication. This secures the sign in process by requiring a second form of authentication. After putting in their password correctly, users are required to acknowledge a phone call, text message, or app notification on their mobile device their work account password. Once this second form of authentication is completed, they will be able to enroll their device. Once they have enrolled their devices in mobile device management for Office 365, employee’s use their work account alone to view resources and collaborate in Office 365.
Review list of enrolled devices
You’re able to ensure information security by quickly and easily viewing which devices are enrolled, blocked, or compliant with security policies.
Remove devices so they are no longer managed by mobile device management for Office 365
If devices aren’t compliant with security policies, you can easily remove their access to Office 365. You can also do this if an employee is leaving the business but has been using their own phone for work purposes, or if there is a data breach, etc.
Additional capabilities of Mobile Device Management for Office 365 with Intune
Support your diverse mobile ecosystem
Intune offers a single endpoint management solution for securely managing iOS, Android, Windows, and macOS devices. Deployment can be streamlined and automated, as can other features like provisioning, policy management, app delivery, and device updates.
Achieve IT efficiencies in the Cloud
You can stay up to date with highly scalable cloud service architecture that is distributed across the globe. Make the most out of the Cloud’s intelligent insights, as well as security-policy and configuration-setting baselines. These are easy and simple to deploy!
Protect data with or without device enrollment
If you’re not managing devices used by employees or other stakeholders, and these devices contain work files, don’t worry! You can still ensure data will be safeguarded. This is done via Intune app protection policies, which provides control over Office 365 data.
Access our team of deployment experts and get support anytime
Global deployment support is included with your subscription―all day, every day. This includes helping you get Intune up and running, as well as addressing maintenance queries.
Modernize Windows 10 management without compromising control
Get the most integrated and complete Window 10 device management, app-lifecycle management, and user provisioning capabilities with Intune for mobile device management. With Intune, you can lower your total cost of ownership and gain intelligent cloud-based management using co-management integration between the system centre configuration manager and Intune. This means that your employees can enjoy all of the perks of sitting behind a modern interface, while giving you the peace of mind you need.
Manage your diverse mobile ecosystem from the Cloud
Grant your employees the satisfaction and convenience of choosing the mobile devices and apps for work they’d like to use, while simultaneously protecting your data. You can enjoy integrated data protection and compliance capabilities that let you be precise about what data different users can access. You also have control over what they can do with the data they can access via Office and other mobile apps.
Cutting-edge information protection in Office 365
Provide a collaborative, personalised Office experience for your employees without compromising their productivity. This collaborative environment can remain safe and secure with granular data controls within Office mobile apps. Conditional access policies for Exchange, SharePoint, and Teams should also be utilised. One big benefit of Intune is that you can keep work and personal data separate! This is done by using in multi-identity apps―applying data security policies based on corporate user identities. To always stay current, you can streamline Office 365 ProPlus deployment and updates on Windows 10.
Protect at the front door with conditional access
Define comprehensive policies that only allow the right people under the right conditions to access your company data. You’ll also be ensured the data stays protected by controlling how they use it within Office and other mobile apps. Enforce the policies based on conditions you specify. This can include: user, location, device state, app sensitivity, and real-time risk. Proactively reduce the risk in your environment with AI and machine learning from billions of signals received in the Cloud.
Mobile Device Management for Office 365 vs Microsoft Intune
As mentioned, Mobile Device Management for Office 365 manages devices through the Office 365 admin centre. Microsoft Intune, however, manages devices through the Microsoft Intune Cloud console or the System Centre Configuration Manager console.
MDM for Office 365 comes included in most Office 365 subscriptions, whereas Microsoft Intune requires a separate paid subscription or can be purchased with the Enterprise Mobility Suite.
Microsoft Intune has a dedicated admin console for managing devices whereas mobile device management for Office 365 is managed through the Security and Compliance Centre for Office 365.
MDM for Office 365 allows you to manage iOS, Android and Windows devices whereas Intune can also manage Mac OS X in addition to these.
MDM for Office 365 has the primary function of managing access to corporate email and documents on phones or tablets, including setting and managing security policies for mobile devices. Microsoft Intune can do all this, but performs several additional functions as well, such as deploying business apps to all enrolled users or enable secure web browsing―learn more via the Microsoft website.
Why Choose Mobile Device Management for Office 365?
Trying to determine if the mobile device management for Office 365 addresses the needs within your business, or if you need the greater capacity of Microsoft Intune, can be tricky. If you’re already using Office 365, of course the former option is infinitely more convenient, as it’s already built in to the system.
You will need to evaluate your needs as a business in terms of mobile device management by considering the following:
- How much are you looking to spend?
- If you’re already subscribed to Office 365, are you willing to pay for an additional subscription to Intune?
- How much control do you need across all devices?
- Do users just need to access work documents and email, or will they be performing a greater percentage of work via the mobile device?
- Will users need access to web browsing?
- Will you require users to utilise any internal business apps?
- Do you need to set up mobile app management policies that will be enforced even if devices aren’t enrolled?
- What devices will you need to manage? iPhones, Android phones, tablets, Mac or PCs?
These questions will help you to narrow down where your needs lie in terms of mobile device management and determine if you’ll want to take the next step towards Microsoft Intune, or stick with the built-in mobile device management for Office 365.
Considering which mobile device management solution should be part of your overall cyber security strategy. If are unsure where to start, take a look at our Cyber Security Guide for Small to Medium Business.