Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mobile Device Management options in Office 365 and beyond

Published byKristopher Porter Modified over 6 years ago

Similar presentations

Presentation on theme: "Mobile Device Management options in Office 365 and beyond"— Presentation transcript:

1 Mobile Device Management options in Office 365 and beyond
Chris Goosen Office Servers and Services MVP Insight

2 Who am I? Senior Architect at Insight Based in Dallas, TX
Office Servers and Services MVP Microsoft Certified Master – Exchange Blog: LinkedIn: Podcast: thearchitects.cloud

3 In this session.. Introduction Industry trends driving mobility
The need for mobile device management Secret decoder ring – making sense of all the TLAs Mobile device management options in Office 365 Deployment advice and considerations

4 Industry trends driving mobility

5 Industry trends driving mobility
Cloud-first, mobile-first – Microsoft’s credo! Mobility is the new normal 54% of is now opened on a mobile device1 61% of workers mix personal and work tasks in their devices2 The work-at-home population has grown by 103% since 20053 IDC forecasts that the U.S. mobile worker population will surpass 105 million by 20204 Notes: 1.Litmus ”State of ” (March 2017) 2. Forrester Research: “BT Futures Report: Info workers will erase boundary between enterprise & consumer technologies,” 3. 4. IDC -

6 The need for mobile device management

7 The need for mobile device management
Managing BYOD scenarios can be challenging Device vs application management Providing choice while retaining control Delivering secure “on the go” collaboration Consumerization of devices Shadow IT – Where there’s a will there’s a way!

8 making sense of all the TLAs

9 making sense of all the TLAs
MDM – Mobile device management MAM – Mobile application management BYOD – Bring your own device CYOD – Choose your own device COPE – Corporate owned, personally enabled COSU – Corporate owned, single use MFA – Multi-factor authentication CYOD – Choose your own device: employees are offered a suite of choices that the company has approved for security, reliability, and durability. Devices work within the company IT environment, but the employees own their phone COPE – Corporate owned, personally enabled: Employees are supplied a phone chosen and paid for by the company, but they can also use it for personal activities COSU – Corporate owned, single use

10 Mobile device management options in Office 365

11 Mobile device management options in Office 365
Exchange ActiveSync MDM for Office 365 Intune Device Config Inventory mobile devices Remote factory reset (device wipe) Mobile device configuration (PIN requirement, PIN length, lock time, etc.) Office 365 Reports of devices that do not meet IT Policy Group-based policies & reporting Rooted and jailbreak detection Remove corporate app data from device while leaving personal data in place Prevent access to data until device in managed Advanced MDM & MAM Self service company portal for corporate apps Provision certificates, VPN profiles and Wi-Fi profiles Prevent cut/copy/save between corporate and private apps Secure content viewers and browsers Remote device lock PC Management

12 Mobile device management options in Office 365
Exchange ActiveSync (EAS) Simplest form of device management Included with Exchange server since Exchange 2003 SP2 Only manages access Managed via Exchange Admin Center PIN and Encryption requirements ABQ and simple device access rules

13 Demo Exchange ActiveSync (EAS)

14 Mobile device management options in Office 365
Office 365 MDM Included with Office 365 business and enterprise subscriptions Self service enrollment via Company Portal app Manages access to and Office apps Managed via Security & Compliance Center PIN and Encryption requirements Rooted and jailbreak detection profile on iOS

15 Mobile device management options in Office 365
Various system and device settings based on device type Supports the following devices: iOS 7.1+ Windows Phone 8.1+ Windows 8.1 & 8.1 RT ( only) Windows 10 & 10 Mobile (requires Azure AD Join) Android 4.0+

16 Demo Office 365 MDM

17 Mobile device management options in Office 365
Microsoft Intune Microsoft’s advanced MDM & MAM platform Included with Enterprise Mobility + Security (EMS) license Also available as a standalone option Managed via the Azure portal (AKA new console) Deploy certificates, Wi-Fi, VPN and profiles Comprehensive management of device settings

18 Mobile device management options in Office 365
Self service enrollment and app deployment via Company Portal Required apps installed automatically after enrollment Protect access to corporate data by restricting copy/cut/paste/save Securely view content on devices within managed apps Enable selective wipe scenarios Apply conditional access policies to cloud apps Apply conditional access policies to cloud apps Based on sign-in risk, platform, location or client app conditions Block or grant access with additional controls, e.g MFA

19 Mobile device management options in Office 365
Intune supported devices: iOS 8.0+ OS X 10.9 (Mavericks)+ Windows Phone 8.1+ Windows 8.1 & 8.1 RT, 10, 10 Mobile, 10 IoT Windows Android 4.0+ (including Samsung KNOX Standard 4.0+), Android for Work  Full list:

20 Deployment advice and considerations

21 Deployment advice and considerations
Don’t forget about modern authentication – Important for MFA Carefully configure your trusted network IP ranges Outlook for iOS/Android profiles not available (yet!) When comparing MDM solutions, resist the urge to only compare the spec sheets. Also consider: Rate of innovation Ecosystem Platform integration

22 Deployment advice and considerations
Know your Android – all Androids are not created equally Android No silent app installs Cannot configure profile Android for work Not supported on all devices & requires 5.0 Lollipop+ Creates separate “work profile” for corporate apps

23 Deployment advice and considerations
Android for work Silent app and certificate installs profile configuration Private app store Samsung KNOX Available on specific Samsung devices Certified by 29 governments

24 Deployment advice and considerations
Samsung KNOX Provides multilayer containerization Certain Android policies in Intune only apply to KNOX devices, e.g: Allow screen capture Require encryption on storage cards Allowed or blocked app lists Full list:

25 THANK YOU! QUESTIONS?

Download ppt "Mobile Device Management options in Office 365 and beyond"

Similar presentations

People Centric IT Unified Device Management with SCCM + Windows Intune

People Centric IT Unified Device Management with SCCM + Windows Intune
Mobile Device Management Intune-Configmanager CHANDAN BHARTI PREMIER FIELD ENGINEER-MICROSOFT.

Mobile Device Management Intune-Configmanager CHANDAN BHARTI PREMIER FIELD ENGINEER-MICROSOFT.
2 Agenda Introductions – Kathleen Wetherell Introduction of the Enterprise Mobility Suite– Kathleen Wetherell Overview of Microsoft’s Intune with Product.

2 Agenda Introductions – Kathleen Wetherell Introduction of the Enterprise Mobility Suite– Kathleen Wetherell Overview of Microsoft’s Intune with Product.
Windows 8.1 Device Management With Windows Intune Mark O’Shea MVP Windows Expert – IT Pro 30 June 2014.

Windows 8.1 Device Management With Windows Intune Mark O’Shea MVP Windows Expert – IT Pro 30 June 2014.
Sophos Mobile Control. Tablets on the rise 2 Trends 3 75% of 157 polled companies encourage employee owned smart phones and tablets to access corporate.

Sophos Mobile Control. Tablets on the rise 2 Trends 3 75% of 157 polled companies encourage employee owned smart phones and tablets to access corporate.
Enterprise Mobility Platform Microsoft Differentiation Managed Mobile Productivity Layered Protection Hybrid Solutions Office 365DynamicsWorkday.

Enterprise Mobility Platform Microsoft Differentiation Managed Mobile Productivity Layered Protection Hybrid Solutions Office 365DynamicsWorkday.
Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.

Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.
SharePoint Server Exchange Server CORPORATE NETWORK Mobile devices PCs Browsers INTERNET DMZ Active Directory Policies Filter EAS Filter web access.

SharePoint Server Exchange Server CORPORATE NETWORK Mobile devices PCs Browsers INTERNET DMZ Active Directory Policies Filter EAS Filter web access.
Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.

Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.
Microsoft Ignite /16/2017 3:59 PM

Microsoft Ignite /16/2017 3:59 PM
Data Devices People 6.5B Wireless connections today >42% of global population owns smartphone by end of 2015 >50% User will go to tablet or smartphone.

Data Devices People 6.5B Wireless connections today >42% of global population owns smartphone by end of 2015 >50% User will go to tablet or smartphone.
Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.

Protect your data Enable your users Unify Your Environment DevicesAppsData Help organizations enable their users to be productive on the devices they.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Desktop virtualization Access & information protection Mobile device & application management Hybrid identity Simplified device enrollment and.

Desktop virtualization Access & information protection Mobile device & application management Hybrid identity Simplified device enrollment and.
4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.

4/17/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:

Windows Server 2012 R2 Capabilities for BYOD Scenario Yuri Diogenes Senior Knowledge Engineer Data Center, Devices & Enterprise Client – CSI Team’s Page:
Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Empower Enterprise Mobility Jasbir Gill Azure Mobility.
Howard A. Carter III Senior Consultant Microsoft Consulting Services

Howard A. Carter III Senior Consultant Microsoft Consulting Services
Harris Schneiderman Account Manager Kloud Solutions.

Harris Schneiderman Account Manager Kloud Solutions.
Enabling users to be productive, responsibly Finding the right balance Devices & Experiences Users Want Applications and data across devices, anywhere.

Enabling users to be productive, responsibly Finding the right balance Devices & Experiences Users Want Applications and data across devices, anywhere.

Similar presentations

Ads by Google