If you plan to use biometrics for authentication, be sure your devices support biometrics. Biometrics, such as face recognition and fingerprints, can also be used. Or, use MFA to authenticate apps on personal devices. Use multi-factor authentication (MFA) for an extra layer of authentication on organization-owned devices. If you're planning to use certificates, use a supported public key infrastructure (PKI) infrastructure to create and deploy certificate profiles. Password-less is considered more secure than requiring users to enter their organization username and password. These certificates allow for a "password-less" user experience. Use certificates on devices to authenticate features and apps, such as connecting to a virtual private network (VPN), opening Outlook, and more. The following software updates planning guides can help you determine your update strategy:ĭetermine how users will authenticate to organization resources from their many devices. There are policies in Intune that help you manage updates, including updates to store apps. Create a plan on how and when updates are installed. Update the device, the OS, and apps to help keep your data secure. Conditional Access can automatically block organization access on this device, including email.Ĭonditional Access helps protect your network and resources from devices, even devices that aren't enrolled in Intune. If a device is compromised, you want to limit malicious impact using Conditional Access.įor example, Microsoft Defender for Endpoint scans a device, and determines it's compromised. Microsoft Defender for Endpoint includes security features and a portal to help monitor, and react to threats. Intune integrates with Microsoft Defender for Endpoint and different Mobile Threat Defense (MTD) partners to help protect your managed devices, personal devices, and apps. You also want to minimize the impact of malicious activity.Īntivirus (AV) and malware protection are a must. ✔️ Task: Determine how you want to secure your devicesĪntivirus, malware scanning, responding to threats, and keep devices up-to-date are all important considerations. When data is stored on mobile devices, it must be protected from malicious activity. These apps are supported partner apps and Microsoft apps that are commonly used with Microsoft Intune. Review the protected apps designed to work with Intune. These settings can be configured using Intune app configuration policies. If you plan to migrate to Microsoft Outlook, note the email configurations you currently use. Organization-owned devices (in this article). So, determine if you want to give users access to organization apps, such as email and meetings.įor more information and considerations, go to Personal devices vs. On personal devices, you might not have this control. On organization-owned devices, you can deploy Outlook and Teams, and manage and control all device settings and all app settings, including PIN and password requirements. Users expect to read and reply to email and join meetings on all devices, including personal devices. On mobile devices, you can deploy only these apps, instead of deploying the entire Microsoft 365 product family. On smaller devices, such as mobile phones, individual apps might be installed, depending on the user requirements.įor example, the sales team may require Teams, Excel, and SharePoint. Many organizations deploy Microsoft 365 apps to PCs and tablets, such as Word, Excel, OneNote, PowerPoint, and Teams. These apps are the apps you want on their devices. ✔️ Task: Make a list of the apps your users regularly use In Intune, you can deploy different types of apps, including: Users expect to work on devices using organization apps, including reading and responding to email, updating and sharing data, and more. Objective: Access organizational apps and email In this section, we discuss common objectives or scenarios when using Intune. When evaluating an MDM/MAM solution, such as Microsoft Intune, look at what the goal is, and what you want to achieve. Organizations use mobile device management (MDM) and mobile application management (MAM) to control organization data securely, and with minimal disruption to users. So, be sure to add or update existing tips and guidance you've found helpful. Want to print or save this guide as a PDF? In your web browser, use the Print option, Save as PDF.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |