EMS (Enterprise Mobility Suite) by Microsoft – Episode 21
EMS Part 3 of 3 Part Series – Microsoft Intune
In episode 21 Frank and Alfred take a deep dive into EMS Microsoft Intune. One of three things that comes with the Microsoft Enterprise Mobility Suite. In the next episode The Device Pros will cover the final component of EMS Microsoft Intune.
EMS includes Microsoft Intune which enables:
- Mobile application management across devices
- Broad device support for Windows, Windows Phone, Apple iOS, and Android devices
- Selective wipe of apps and data for greater security
What is Microsoft Intune?
Microsoft Intune simplifies how your business can manage and secure PCs and mobile devices so your computers and users can operate at peak performance, from virtually anywhere, on any device. With Intune, whether your employees are in the office or on the road, you can give them a rich, productive Windows experience without compromising the essentials—costs, control, security and compliance.
Device Management Capabilities
As a standalone service, Microsoft Intune offers the features in the following tables for supported mobile devices like iOS, Android, and Windows devices. You can manage Windows 8.1 devices using the Windows Intune client or enroll them as mobile devices. The following information for Windows 8.1 applies to Windows 8.1 devices that are enrolled as mobile devices.
Device security and configuration
- Security policies
- Remote Wipe, Remote Lock, and Passcode Reset
- Kiosk Mode
- App deployment and management
- Deploy software to mobile devices in Microsoft Intune
- Compliant and noncompliant apps
- Manage devices using configuration policies with Microsoft Intune
Company resource access
- Certificate profiles
- Wi-Fi profiles
- Email profiles
- VPN profiles
- Conditional Access policies
Inventory and reporting
- Manage reports in Microsoft Intune
You can integrate Microsoft Intune with Configuration Manager to enable deeper mobile device management to let users access company resources in a secure, managed way. By using device management, you protect company data while letting users enroll their personal or company-owned mobile devices and giving them access to company data. When you use Configuration Manager with Intune, you have the following management capabilities:
- You can retire and wipe devices
- You can configure compliance settings on devices. These include settings for passwords, security, roaming, encryption, and wireless communication
- You can deploy line of business apps to devices
- You can deploy apps from the store that the device connects to, Windows Store, Windows Phone Store, App Store, or Google Play
- You can collect hardware inventory
- You can collect software inventory by using built-in reports
Why Deploy Windows Intune
Supporting enterprise mobility in the workplace requires a simple way for users to register their personal or corporate owned devices for use and ways for IT to take the device registration into account as part of the authorization for access to corporate resources. Workplace Join in Windows Server 2012 R2 enables users to register their devices in Active Directory, and IT can require multi- factor authentication as part of this registration process. Additionally, users can enroll their devices for management, which connects the devices to Microsoft Intune and allows the installation of the company portal. This enables users to access their applications and data, and to self-manage their enrolled devices.