Download presentation
Presentation is loading. Please wait.
Published byRobyn Mary McKenzie Modified over 7 years ago
1
Microsoft Intune Product Overview Presentation
2
Agenda 1 Business context 4 Experience 2 Why Intune 5 Scale 3 Vision
3
Leveraging the Cloud Platform to Boost Mobile Productivity
Transformation and end user expectation The digital transformation brings new challenges for IT, as they strive to protect data, while enabling employees to stay productive. End user expectations have never been higher, they expect a mobile productivity experience that matches their consumer experiences. There’s a digital transformation under way, as IT makes a move to the cloud --and employee expectation is to be able to be productive on the go, across devices – with an experience that matches their consumer experiences. All this change at once brings new challenges for IT, as they strive to protect data while enabling employees to stay productive, while protecting corporate data in today’s increasingly complex mobile landscape.
4
Consider the data in your email and docs
Think of the volume of information that moves through Outlook– the sensitive data you put into Word, Excel, and PowerPoint. Everyday. Intellectual property Product development Strategic direction Growth plans Competitive plans Board presentations Confidential client information Corporate secrets Internally only licensed content For many companies, their first step into the cloud is with Office 365. Office 365 gives end users the experience they expect across all of their devices, while providing enterprise grade security and compliance for data on our servers – knowing that their data is as safe if not safer than data stored on their on-premises servers in the past. But how to protect the data after it is accessed, as it courses through the mobile devices of your workforce – and how do you ensure that only the right people on healthy devices under approved circumstances access that data?
5
Balancing productivity with protection.
How do IT Pros empower their users to be productive, while protecting the massive amounts of data flowing through their mobile ecosystem? The real question this leads us to is -- how do IT Pros empower their users to be productive, while protecting the massive amounts of data flowing through their mobile ecosystem?
6
Optional --video that explores this challenge from the perspective of real IT Pros and real end users. 2:23 length
7
Empower every person and every organization on the planet to achieve more.
This challenge fits perfectly into Microsoft’s wheelhouse – just consider our mission – to empower every person and every organization on the planet to achieve more.
8
“Digital Transformation is about the mobility of the human experience”
–Satya Nadella And enabling mobility is top of mind for our executive leadership team.
9
Microsoft Intune Manage your diverse mobile environment in a secure and unified way with Microsoft Intune. Intune is part of Microsoft’s vision – for enabling a secure mobile workforce, by delivering a set of tools that let you manage your diverse mobile environment in a secure and unified way. Whether your people are using iOS, MacOS, Android or Windows devices – Intune can hep you deliver productivity to your people across end points while keeping your data secure at every turn. Today we’ll look at how Intune delivers in three important areas: How we deliver on a unified Microsoft vision for a secure and productive enterprise our focus and commitment to experience for both end users and IT Pros And how we’re ready to solve your needs today – and we’re ready for your evolving needs..by offering unparalleled flexibility, choice and scale for how you manage your mobile ecosystem Vision Experience Ready
10
Enterprise mobility management with Intune
Mobile device management Mobile application management PC management User IT Optional slide for customers that are not familiar with Intune’s high level capabilities…. Microsoft Intune Protect your data Enable your users Strategically direct the flow of your mobile ecosystem, giving your end users the experience they expect while ensuring your corporate data is protected at every turn.
11
Vision Experience Ready
MICROSOFT INTUNE Let’s look first at how we deliver on a unified Microsoft vision Vision Experience Ready
12
Delivering on a unified Microsoft vision
Control access to your data Built with EMS, Office and Windows, Intune delivers on a unified Microsoft vision to transform the way enterprise secures mobile productivity. This combined effort enables awesome end-to-end scenarios. Control what happens to your data after it’s been accessed Modern PC management The way Intune works across EMS, Office and Windows – to deliver on Microsoft larger vision for secure productive enterprise - let’s you have awesome end to end scenarios that you can’t get anywhere else: The ability to control access to your data - based on multiple layers of context and risk data. The ability to control what happens to your data after it’s been accessed. And full Modern PC management capabilities.
13
Control access to data based on real-time context
Conditional access allows you to define policies that provide contextual controls at the user, location, device, and app levels. As conditions change, natural user prompts ensure that only the right users on compliant devices can access sensitive data. Let’s take a look at how we help you control access to your data. Conditional access from EMS combines the power of Intune and Azure AD Premium to make sure that only the right people, on approved devices, under the right circumstances can access your data. With conditional access, you can define adaptive policies that limit access to your corporate data based on location, device and user state, and application sensitivity. Plus, our risk detection capabilities, which leverage billions of signals daily, can detect suspicious behavior and apply risk-based conditional access that protects your applications and critical company data in real time.
14
Risk-based conditional access
10/7/2017 5:50 AM Risk-based conditional access Block access Wipe device Conditions Allow Enforce MFA Remediate Actions Location (IP range) Device state User group User MFA Risk On-premises applications Microsoft Azure Risk (Low, Medium, High) Based on the state of the conditions you have set, you can set controls that allow, restrict, require MFA or remediate the issue. You can also set a control to wipe the device. Azure Active Directory Premium Microsoft Intune Microsoft Intelligent Security Graph © 2013 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
15
Multi-identity policy
Control what happens after the data is accessed Managed apps Personal apps Managed apps Corporate data Personal Multi-identity policy Our app protection policies allow you to control what happens to docs and data after they’ve been accessed. App encryption at rest App access control – PIN or credentials Save as/copy/paste restrictions App-level selective wipe Managed web browsing Secure viewing of PDFs, images, videos Restrict features, sharing and downloads And then there is an unprecedented ability to control what happens after the data is accessed. Our unique approach to data protection allows us to protect the data at the app level, with out the need for traditional containerization or sandboxing. And because we leverage the user identity in our approach, we can enable multi- identity usage of apps - -where app policies are intelligent enough to only apply to data applicable to corporate accounts. Our capabilities here include: App encryption at rest App access control – PIN or credentials Save as/copy/paste restrictions App-level selective wipe Managed web browsing Secure viewing of PDFs, images, videos Intune has been working directly with the Office team to define our app protection strategy. Intune is the only mobility management solution that can control Office with this much granular control, without compromising on the end user experience. Personal apps MDM – optional (Intune or 3rd-party)
16
Everything you need for modern PC management
With the different options in Windows 10, plus Configuration Manager and Intune, you have the flexibility to stage implementation of modern management scenarios while targeting different devices the way that best suits your business needs. And if your ready to take the step to full modern PC management we have the full set of capabilities available. And will continue to work closely with Windows to bring new capabilities to you when they are available. Modern management – is here with Intune – if your ready. If you want to start with a mixed environment of traditional PC management and Modern management -- the different options in Windows 10, plus Configuration Manager and Intune, you have the flexibility to stage implementation of modern management scenarios while targeting different devices the way that best suits your business needs.
17
Vision Experience Ready
MICROSOFT INTUNE Now lets look at how we deliver on experience for end users and IT Pros Vision Experience Ready
18
An awesome end-user and IT Pro experience
Real Office apps Natural and intuitive, the best experience for both end users and IT Pros. The control and support IT requires; the experience your people expect. Protect data with and without device enrollment Intune on Azure We believe that your only as good as the experience you enable, which is why we are so focused on providing both end users and IT Pros a natural and intuitive experience that just works. A great experience for end users means they have a higher likelihood of actually using the protected solutions that you provide them – less likely to create workarounds that are completely off your radar to get work done. And for IT Pros this means that you spend more of your time strategically managing the flow of your mobile ecosystem – empowering your users to be productive across the diverse end points that they work on – while your data stays secure. Support to get you started and keep you going day-to-day
19
The Office apps end-users expect
Give your people the real Office experience they expect, without compromising the control you need. Intune gives you unparalleled control over the data in that moves through Office - across all your devices. With Intune you can give your people the real Office experience they expect without compromising the control you expect. Intune is the only mobility management solution that can control Office with this much granular control, without compromising on the end user experience.
20
Protect with and without enrollment
Intune’s application protection policies give you the versatility to manage your data with or without device enrollment. Our ability to protect data with our without device enrollment give you the ability to enable scenarios where corporate data can be accessed securely even when a user is reluctant to enroll the device – which you can find sometimes with BYOD scenarios…
21
A new admin experience with Intune on Azure
Intune on Azure empowers IT Pros be more strategic and proactive in today’s do-more-with-less business environment. A new service platform -built for scale The power of Microsoft Graph Optimized administration of core EMS workflows From now, through the first quarter of 2017, the Intune administrative experience for both MDM and MAM will be migrating completely to the Azure Portal. This move to Azure, brings some important new benefits for IT Pros using Intune, Including: A new service platform with increased scale and reliability. The new platform provides the foundation for nearly unlimited scale moving forward and ready to easily handle and render huge numbers of objects, like devices, users, and groups. And the new admin experience on Azure can run in any browser, on any device The ability to harness the Microsoft Graph for automation and reporting. Intune, like many Microsoft cloud services such as Office 365, will use Microsoft Graph for API exposure --providing interfaces for both IT Pro and IT systems integration. With the Graph, an IT Pro can bulk add and deploy applications to devices without even opening the console. You can also audit any actions done through APIs or the console, providing powerful insights into who made changes when. IT Systems can be integrated with Graph to pull data as well for example, you could pull detailed asset information on devices into asset management or reporting systems. And the new admin experience on Azure provides an optimized IT experience for cross EMS workflows. Workflows that cross EMS services, like Conditional Access, are simplified and optimized administratively through the combination of Azure Active Directory and Intune through the Azure Portal. The Azure Portal administration experience also incorporates role-based access, that allows you to segment administrative actions across the appropriate mobility-management personnel in customer IT organizations. And it brings deep integration with Azure Active Directory groups, which can represent both users and devices as native, dynamic targeting groups, fully federated with an organization’s on-premises Active Directory.
22
World class support – included
FastTrack provides you access to a team of engineers dedicated to helping you plan and execute your deployment. And our 24/7 support ensures you have the support you need day to day. Both included with your Intune subscription. Finally, Intune comes with an incredible support package. Including FastTrack support which provides access to a dedicated team of engineers that can help you plan and execute your Intune deployment And we offer 24/7 support in multiple languages to make sure you have everything you need to stay up and running day-to-day. Both included free of charge with your Intune subscriptions.
23
Vision Experience Ready
MICROSOFT INTUNE Next we’ll look at how Intune is uniquely positioned readily meet your needs today and tomorrow. Vision Experience Ready
24
Meets your immediate needs and adapts to your evolving IT strategy.
Flexibility and choice in how you manage your mobile ecosystem Microsoft Intune is built from the cloud, with the flexibility and control that meets your needs today, and scales as your mobile strategy matures and evolves over time. Inclusive partner ecosystem Where you are today is not where you will be tomorrow, so having a solution that can adapt as your mobile strategy evolves and matures is critical. Our ability to do so means that Intune is an investment that will take you into the future. Now let’s look at how we deliver on this. Microsoft Cloud Infrastructure
25
You need flexibility in a complex device ecosystem
Company-Managed Microsoft Intune provides you option that allow you to keep your data secure across a range of scenarios that occur day-to-day. Our MAM and MDM capabilities allow you to protect corporate data with or without device management. Employee-Managed Microsoft Intune provides you option that allow you to keep your data secure across a range of scenarios that occur day-to-day. Our MAM and MDM capabilities allow you to protect corporate data with or without device management. 3rd Party-Managed
26
Complexity is inherent in today’s mobile landscape – with the multiple needs and scenarios naturally presenting themselves in even the most simple environments. You have company-managed devices – these may be dedicated to a specific user (IW) or devices that are shared across multiple employees. You also have devices that are employee-managed – whether it’s a primary device their using (their iPhone or PC) or what we call a companion device – something the are using to get online from time to time (like their daughter’s iPad or a family computer) And last but not least there’s 3rd party-managed devices – these are devices that may be managed by other entities or perhaps unmanaged but unfamiliar to you --think about your partners and contractors that you want to enable – or public kiosk scenarios. These various needs naturally show up in today’s corporate environment. Intune’s MAM and MDM capabilities are designed to help you solve for them all – in a way that enables you enable access to data securely based on your needs.
27
The best control with Intune-enlightened apps
All Intune-enlightened applications are built with the Intune App SDK, enabling them with the richest set of mobile application protection policies available. Many also support multi-identity and without enrollment scenarios. We have a great app story too. Earlier we discussed all the app policies that allow you secure access to data and what happens to data after it’s been accessed. This premium set of policies and features are available with Intune-enlightened apps- apps that are built with our SDK. Our growing ecosystem of enlightened apps includes over 20 apps, including the Office apps – and there are more being added all the time. And don’t forget, you can also use the Intune App Wrapping Tool to protect your own internal line-of-business (LOB) apps. REMINDER from earlier slides: our unique approach to data protection allows us to protect the data at the app level, with out the need for traditional containerization or sandboxing. And because we leverage the user identity in our approach, we can enable multi- identity usage of apps - -where app policies are intelligent enough to only apply to data applicable to corporate accounts. Our capabilities here include: App encryption at rest App access control – PIN or credentials Save as/copy/paste restrictions App-level selective wipe Managed web browsing Secure viewing of PDFs, images, videos
28
Also manage apps via native OS app controls
Intune can also manage apps via native app controls that are exposed through iOS and Android operating systems. This capability extends Intune’s app ecosystem beyond our SDK built enlightened apps, to include many other popular business apps. Only for managed devices. For device scenarios we can also manage apps via native app controls that are exposed through iOS and Android operating systems. This capability extends Intune’s app ecosystem beyond our SDK built Intune-enlightened apps, to include many other popular business apps. This capability puts us at parity with our competitors that are engaged in the App Config community.
29
A growing partner ecosystem
Intune partnerships are designed to enhance our core functionality by delivering interoperability with popular point solutions our customers want and rely upon. We also have a growing ecosystem of technology partners. These technology partnerships are designed to enhance our core functionality by delivering interoperability with popular point solutions you may be using today. All partner products must be purchased directly from the partner
30
Intune + Lookout IT Lookout Intune Scans unknown network for risk
Scans apps for risk Allow access or Scans OS for vulnerability Intune Enforce MFA per user/per app Device is managed Lookout provides mobile threat detection – they scan apps on your devices to identify malicious threats, data leakage risks, and wireless network or operating system vulnerabilities that may otherwise go unnoticed. Our partnership with them allows you to include this threat intelligence into the conditional access policies you define with Intune by integrating Lookout with Microsoft Enterprise Mobility + Security. Device is compliant Block access Device compliant Risk (Low, Medium, High)
31
TeamViewer remote assistance session
10/7/2017 Intune + TeamViewer Register your company’s TeamViewer account with Intune and enable streamlined remote assistance TeamViewer remote assistance session Chat Remote restart Video Screen annotation File transfer The TeamViewer partnership gives you streamlined remote assistance for agent-managed Windows computers. With our interoperability you can use the Intune center to request remote assistance through the TeamViewer connection—enabling such operations as desktop sharing, chat, file transfer, and screen annotation. End user requests help through Intune PC Client Center IT alerted and responds through Intune Admin Console © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
32
Intune + Datalert from Saaswedo real time telecom expense management
Notify Intune when thresholds are reached App reports usage Input telecom plan details Set data & roaming thresholds Real Time data monitoring activity Block data and/or roaming use when thresholds are reached Managed apps Personal apps Warning notifications sent as thresholds approach Unblock when notified by Datalert Saaswedo does telecom expense management – they help their customers keep their mobile data and roaming bills from getting unruly. With this interoperability, an IT pro would enter the data plan details into Saaswedo and set usage thresholds where they want roaming and data to be turned off for a user. An app on the end user’s device monitors usage and reports back to the Saaswedo service. Once a threshold is hit, Saaswedo triggers Intune to block data and/or roaming. This requires an Intune managed device. Public preview in December 2016 in the Azure admin experience Generally available Q1 2017 USER Datalert app deployed & activated Intune managed device ADMIN
33
Intune + Cisco ISE 10/7/2017 Intune conditions Cisco ISE enforcement
Device managed Device compliant Cisco ISE enforcement VPN WiFi XXXXX Allow access Block access Our interoperability with Cisco ISE gives you on-premises conditional access – allowing you to set it so that only managed and compliant devices are able to connect to your on-premises corporate network—either through a wireless or virtual private network. Require enrollment through the Intune portal to ensure compliance Enforce appropriate network access policies based on mobile device posture and risk assessment. © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
34
Intune + Citrix NetScaler
10/7/2017 Intune + Citrix NetScaler Intune conditions Device managed Device compliant NetScaler enforcement VPN XXXXX Allow access Block access Citrix NetScaler, similar to CISCO gives you on-premises conditional access – allowing you to set it so that only managed and compliant devices are able to connect to your on-premises corporate network—through a virtual private network. Require enrollment through the Intune portal to ensure compliance Enforce appropriate network access policies based on mobile device posture and risk assessment. © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
35
Delivered from the cloud
Because Microsoft Intune is cloud-based, it lowers costs and eliminates the need to plan, purchase, and maintain on premise hardware and infrastructure. Intune is always up to date, and scales with ease as your needs evolve. Another true differentiator for us is that we are born in the cloud. Because Microsoft Intune is cloud-based, it lowers costs and eliminates the need to plan, purchase, and maintain on premise hardware and infrastructure. Intune is always up to date, and scales with ease as your needs evolve.
36
Microsoft Intune Manage your diverse mobile environment in a secure and unified way with Microsoft Intune. Vision Experience Ready
Similar presentations
© 2025 SlidePlayer.com Inc.
All rights reserved.