Mobile Device Management or MDM is a headache for all IT departments who allow mobile devices to connect and sync company information. The issues of protecting company data and information become even worse in today's "bring your own device" world, employees want the ability to use their own personal devices for both business and personal use. How does IT manage the balance between company security and end user efficiency? Many find the balance by utilizing an MDM tool.
Microsoft has moved into MDM space these past several years; early on with Exchange ActiveSync, later with the development of the InTune solution, and now with Office 365.
There are some key differences between how each service manages your mobile devices. They are outlined in the provided chart above, but we will also give more specifics below.
Exchange ActiveSync is a client protocol that lets you synchronize a mobile device with your Exchange mailbox. Exchange ActiveSync is enabled by default when you install Microsoft Exchange 2013. Basically, this technology only contains the most rudimentary of MDM policies. As shown above, IT has limited things that it can do including basic inventory, device lock, full device wipe, basic on/ off provisioning, and security pin requirements.
MDM for Office 365:
With Office 365, administrators will get the tools necessary to manage the corporate items, email and documents, across multiple platforms i.e. iOS and Android, for no additional cost!
- Conditional Access:
- Set up security policies to ensure that Office 365 corporate email and documents can be accessed only on phones and tablets that are managed by your company and that are compliant with your IT policies.
- Device Management:
- Set up and manage security policies, such as jailbreak detection, to help impede unauthorized users from accessing corporate email and data on a device if it is lost or stolen.
- Selective Wipe:
- Remove any Office 365 company data remotely from an employee’s device while leaving their personal data untouched.
For a quick video overview of MDM for Office 365, check out this.
Companies can provide employees with access to corporate applications, data, and resources from virtually anywhere on almost any device, while helping to keep corporate information secure. Includes all of the following + all of the MDM for Office 365 capabilities.
- Advanced mobile device management:
- Provision and manage certificates, Wi-Fi, VPN (device and app-specific), and email profiles automatically for devices that enroll, enabling users to access corporate resources with the appropriate security configurations.
- Enroll and manage collections of devices, simplifying policy and app deployment.
- Mobile application management:
- Deploy your internal line-of-business apps and apps in public app stores to users.
- Enable your workforce to securely access corporate information using the Office mobile apps they know and love, while preventing leakage of company data by restricting actions like copy, cut, paste, and save as, to only those apps managed by Intune.
- Extend protection for company data to existing line-of-business apps by using the Intune App Wrapping Tool.
- Enable secure viewing of content using the Intune Managed Browser, PDF Viewer, AV Player, and Image Viewer apps.
- PC management:
- Manage devices from the cloud with no infrastructure required using Intune, or connect Intune to System Center 2012 Configuration Manager to manage all of your devices including PCs, Macs, Linux and UNIX servers, and mobile devices from a single management console.
For a quick video demo of MDM for Microsoft Intune, check out this.
Confused on your options? Interlink is available to talk you through the options and determine what is best for your organization. Contact us here or at 800-900-1150!