What is Intune? Microsoft Intune is the “management arm” of Microsoft Enterprise Mobility + Security (EMS, formerly known as Enterprise Mobility Suite). Enterprise mobility is about providing a means to all of your employees to be productive on all of their devices but, at the same time, keeping your organization’s information protected.
EMS as such is a complete, integrated suite for enterprise mobility inclusive of productivity, identity, access control, management, and data protection. It gives you an effective way to deploy and operate a mobility solution in your organization.
With Intune it allows and helps you to manage mobile devices and mobile apps. It integrates closely with Azure Active Directory (Azure AD) for identity and access control, and Azure Rights Management (Azure RMS) for data protection.
Ubiquitous business problems that Microsoft Intune helps to solve :
- Securing your on-premises email and collaboration infrastructure so that it can be accessed by mobile devices and apps on the Internet.
- Securing your Office 365 infrastructure so that it can be safely accessed by mobile devices and apps on the Internet.
- Allowing your organization to issue mobile phones to its employees.
- Allowing your organization to provide limited-use “shared devices” for task workers.
- Allowing your organization to implement a secure “bring your own device (BYOD)” or personal device strategy.
- Allowing your organization to support employees accessing Office 365 from devices and apps that you don’t control, such as a kiosk in the lobby of a trade show.
The fundamental tools that Intune offers include:
- Mobile device management (MDM): The ability to enroll devices in Microsoft Intune so that you can provision, configure, monitor, and take actions on those devices, such as wiping them.
- Mobile application management (MAM): The ability to publish, push, configure, secure, monitor, and update mobile apps for your users.
- Mobile application security: As a part of managing mobile apps, the ability to help secure mobile data by isolating personal data from corporate data and allowing the corporate data to be selectively wiped.
These tools are used in various combinations to enable the common business scenarios above. For example, shared device scenarios make heavy use of MDM. BYOD scenarios typically rely on MAM. And the corporate phone scenarios build upon both. Almost all of the scenarios make use of mobile application security. The technology itself is flexible and can be adapted to all sorts of scenarios beyond the ones that we describe here.