I was recently helping out a customer who wanted to manage Android mobile devices using Endpoint Manager for users in China. What is different from managing Android mobile devices for users in China and out of China? There is a significant difference and it is due to the services available on an Android mobile device that is required for managing the devices using Microsoft Intune. Microsoft Endpoint Manager provides 2 ways of protecting the mobile devices which are MAM-WE (Application management without enrollment) and Device enrollment (MDM). Following are some of the major differences between MDM vs MAM (app protection policies): MDM (Mobile Device Management) MAM(Mobile Application Management) Enroll devices Publish Apps Provision settings, certs, profiles Configure and update apps Auto install apps Secure corporate data within mobile apps Report and messure device compliance Report app inventory and usage Remove corporate data Remove corporate data Reset device Remote wipe (Corporate … Read More
Top 5 No-Brainers Security Features in Microsoft Intune
By 2019, when you plan to deploy modern device management solutions in your company, the security must be a priority. The cloud is accessible from anywhere on the planet and mobility allows users to connect from anywhere. Also, our society is changing and our lifestyle habits as well. Users that have access to corporate data without being forced to connect to the corporate network, is much more convenient. Before you start registering devices in Microsoft Intune, it’s important to set up the Intune portal safely. Moreover, the different operating system platforms, and the types of devices that connect to your network or cloud applications is important as well. Microsoft Intune is a leader in MDM solution and it contains strong security capabilities that you can’t miss like role-based administrative control (RBAC), enrollment restrictions, compliance policy and a couple more. On several occasions, we have noticed that companies do not use … Read More
Block Apple Facetime Built-in App with Microsoft Intune
A new bug was discovered with Apple’s Facetime app that gives the caller the ability to listen to the other device and even watch the video without approving the call. This vulnerability is not giving access to corporate data or personal information, but have more consequences on personal level. Even though Apple temporarily kill the switch of the service and seems to have solved the problem via a future software update, there are some actions that can be made if you want to avoid trouble. You can manually turn off the Facetime app with iOS and MacOS. But, can we block this kind of app in an enterprise environment? Yes, you can block the facetime app on all devices by deploying a device configuration with Microsoft Intune. This post will show you how to block Apple facetime built-in app with Microsoft Intune. Device Configuration Note that you can deploy this … Read More
Step-by-Step SCCM 1806 Upgrade Guide
It is now time to plan the migration of your SCCM Current Branch environment since Microsoft releases a new version of SCCM Current Branch. If you want to receive the latest updates, this post is a complete step-by-step SCCM 1806 upgrade guide. If you’re looking for a comprehensive SCCM installation guide, see our blog series which covers it all. You won’t be able to install 1806 if you are running SCCM 2012, the baseline version is 1802. To install SCCM 1806 as an update, you must have installed at least SCCM 1706, SCCM 1710 or SCCM 1802. Keeping your infrastructure up to date is essential. You can benefit from the new features and fixes issues, which some of them can be related to your SCCM. It’s also easier to upgrade to the latest version since Microsoft has implemented the new model of update servicing which is the in-console upgrade. SCCM 1806 New … Read More
Enterprise Mobility Suite available in Open Licensing
Since its release last year, Microsoft Enterprise Mobility Suite (EMS) was only available via the Enterprise agreement. Since March 1st, Enterprise Mobility Suite is available for sale through distribution via Microsoft’s Open License Program. Open Licensing offers flexibility and potential cost savings making it possible for distributors and re sellers to sell additional cloud services to small and medium-sized enterprises. What is Enterprise Mobility Suite? EMS is a product suite which include 3 products : Windows Intune Cloud-based enterprise mobility management that helps you control employee access to corporate applications and data on virtually any device Mobile application management across devices Broad device support for iOS, Android, Windows and Windows Phone devices Selective wipe of apps and data for greater security Use of System Center Configuration Manager and Endpoint Protection See a full product demo here Azure Rights Management Services (RMS) Comprehensive encryption, identity, and authorization policies designed to secure corporate files … Read More