A little over 5 months ago Australia went into lockdown causing IT departments to re-think their internal communication and management channels. Businesses that heavily relied on on-premises infrastructure to manage their laptop fleet had to quickly rethink how they were going to securely navigate the challenges of a remote workforce.
If you are not already aware, Microsoft Endpoint Manager (aka Intune) is a cloud based mobile device management platform which is part of the Microsoft 365 Enterprise+Mobility suite that allows your organisation to manage mobile devices, be that company owned or BYOD. For the purpose of this article (and to keep it short) I will only be covering two key points, however out of the box Endpoint Manager supports Data Encryption Enforcement, Remote Data Wiping, Application Distribution, Password Enforcement and Device Inventory, to name a few!
Endpoint Manager Benefit 1: Zero Touch Deployment, straight from the factory!
Autopilots the name and it removes the requirement of a technician touching the device before it is assigned to an employee. That’s right. You can ship a device straight to an employee from your supplier and ensure that any settings, polices and applications, such as Word, Excel and Teams are configured as part of an enrolment process which transforms the device into a “business-ready” state.
Once the device has been enrolled into Endpoint Manager, its lifecycle is simplified and can:
- Reduce the time IT spends on deploying, managing, and retiring devices
- Reduces the infrastructure required to maintain devices, and
- Maximises ease of use for all types of end users
With all the uncertainty of lockdowns (especially in Melbourne), being able to distribute a new device to an employee without having to leave your home is a no-brainer with Autopilot.
Endpoint Manager Benefit 2: Secure access to email and data through Office 365
Many organisations have moved to Office 365 for email and collaborative file sharing however, in Office 365s default state an employee can access these services from anywhere on almost any device. In all cases, this is not desirable as it leaves your organisation at risk of a data breach.
Endpoint Manager can leverage Azure Active Directory Conditional Access, which allows organisations to enforce a set of If-then compliancy requirements. For example, you can enforce location-based access (country) and mandate that Multi-Factor authentication is enabled. If those two requirements are not met, the user is prevented from signing in.
This can be taken one step further by enforcing a compliancy policy that dictates settings such as Operating System version, whether a simple password has been used or if the Firewall and Anti-Virus are enabled.
I have only touched the surface with the feature set available in Endpoint Manager. If your team needs to start managing devices remotely and you don’t know where to start, get in contact with our team today!