3. Business anywhere
The explosion of devices is
eroding the standards-based
approach to corporate IT
Devices
Deploying and managing
applications across
platforms is difficult
Apps
Today’s challenges
Data
Users need to be productive
while maintaining
compliance and reducing
risk
Users expect to be able to
work in any location and
have access to all their
work resources
Users
4. Business anywhere
Devices AppsUsers
Empowering People-Centric IT
Enable users
Allow users to work on the
devices of their choice and
provide consistent access to
corporate resources
Protect your data
Help protect corporate
information and manage riskManagement. Access. Protection.
Data
Unify your environment
Deliver a unified application and
device management on
premises and in the cloud
5. Business anywhere
Selecting the management platform
Unified Device Management: System
Center 2012 R2 Configuration Manager
with Microsoft Intune
Build on existing Configuration Manager
deployment
– Full PC management (OS Deployment, Endpoint
Protection, application delivery control, rich
Cloud-based management: Standalone
Microsoft Intune
No existing Configuration Manager deployment
Simplified policy control
Simple web-based administration console
Microsoft Intune
6. Business anywhere
Microsoft Intune standalone service
Windows PCs
(x86/64, Intel SoC)
Windows RT,
Windows Phone 8.x
iOS, Android
Microsoft Intune
7. Business anywhere
Manage and secure devices anywhere
Simple web-based administration console
and a richer experience for information
workers
Help protect PCs from malware
Manage updates
Proactive monitoring and alerts
Provide remote assistance
Inventory hardware and software
Monitor and track licenses
Increase insight with reporting
Set security policies
Distribute software
Richer mobile device management
8. Business anywhere
End user experience
Consistent self-service experience for end users across mobile platforms
Available in the
Windows Store
Windows Phone iOS
Side-loaded
during enrollment
Available in the
Apple App store
Windows Android
Available in the
Google Play Store
9. Business anywhere
Mobile device inventory
Hardware properties for mobile
devices are collected through the
Device Management Authority, as
well as Exchange ActiveSync
No software inventory for mobile
devices to respect the information
workers’ privacy on their own
device
IT pros can track storage on
mobile devices, which helps
them anticipate and
troubleshoot issues
10. Business anywhere
Settings management
• Security policy on devices by direct management and EAS
• New expanded policy set
Reporting available on
each setting, whether it
is applicable,
conformant, or has an
error
The same security
policy template is
used for both direct
management and
EAS to help admins
Older Android and
Windows Phone 7
devices can be
managed through
EAS
11. Business anywhere
Mobile device settings in Microsoft Intune
Category Windows 8.1 PC
and RT
Windows
Phone 8.1
iOS Android
Password
Encryption
Malware
System settings
Cloud
Windows Server Work Folders
Browser
Applications and gaming
Device restrictions
Store access
Roaming
* Subset of settings Note: Table applicable to direct MDM and not EAS
12. Business anywhere
Software distribution summary
Platform
Desktop apps
(.msi, .exe)*
Modern app types
Side loading Deep
links
Web
apps.appx .xap .ipa .apk
Windows 8 Pro and
Enterprise
Windows RT
iOS
Android
Windows Phone 8
Windows 7 and below
13. Business anywhere
Personal Apps
and Data
Lost or Stolen
Company Apps
and Data
Remote App
Protect your data
Help protect corporate information and manage risk
Centralized
Data
EnrollmentRetired
Company Apps
and Data
Remote App
Policies
Policies
Lost or Stolen
Company Apps
and Data
Remote App
Policies
Personal Apps
and Data
Retired
Personal
Apps and
Data
IT can provide a secure and
familiar solution for users to
access sensitive corporate data
from anywhere with VDI and
RemoteApp technologies.
Users can access
corporate data regardless
of device or location with
Work Folders for data
sync and desktop
virtualization for
centralized applications
• Selective wipe removes
corporate applications,
data, and policies based as
supported by each
platform
• Full wipe if supported by
each platform
• Can be executed by IT or
by user via Company Portal
• Sensitive data or
14. Business anywhere
New device actions in Microsoft Intune
Remote Lock
• If a device is lost or stolen, a Microsoft Intune admin can remotely lock the device to its lock
screen.
• Supported on iOS, Android, Windows, and Windows RT
Passcode Reset
• If users forget the passcode to unlock their device, a Microsoft Intune admin can remotely reset
the passcode
• iOS – Clears passcode from device
• Android – Temporary passcode is created
• Not supported on Windows or Windows RT