Presentation on theme: "Lack of control for mobile devices Different tools for phone & PC Policy conflict Inconsistent user experience… Granular mobile device mgmt Converged."— Presentation transcript:
Lack of control for mobile devices Different tools for phone & PC Policy conflict Inconsistent user experience… Granular mobile device mgmt Converged admin controls
Investment AreaKey Promises Business StoreProvide an enterprise commerce, with app distribution, license management and application updates through ConfigMgr and Intune. Enterprise Upgrade and Update Upgrades to Windows 10 from Windows 7+ are a first class experience, with Task Sequence support in ConfigMgr Customers don’t have to upgrade ConfigMgr to upgrade to Windows 10 Software updates manageable through modern management (MDM) Inbox MDM Enterprise-rich manageability exposure through inbox MDM, for extensive Intune management Manage Windows 10 “MDM Style” with either Intune or ConfigMgr (i.e. no separate client to managed) Task Worker Devices (Kiosk Mode) Manageability enhancements (enrollment, lockdown, policies) for shared-use task-worker devices Azure Domain Join Login to devices with AAD accounts (MSA for enterprise), just like domain accounts Get key services like Store and Business Store through AAD accounts Force Intune enrollment through AAD login.
Investment AreaKey Promises Provisioning Package First boot configuration of vanilla-image Windows devices Simplified tool for building out initial configurations Configurations transmittable to devices by NFC, Tethering, USB, SD, etc. Device Encryption Enforcement Force encryption of devices logged on with AAD account (connected standby capable hardware) Store and manage recovery keys in AAD Enforce specific encryption policies through Intune (still MBAM for ConfigMgr) Enterprise Data Protection Protect and isolate corporate data associated with managed applications, like Office Conditional Access Limit access to corporate resources based on device enrollment and compliance Passport Modernized authentication not dependent on user/password Management of authentication through Intune Endpoint Protection Management of inbox Defender through ConfigMgr and Intune (PC agent/MDM)
MDM Configuration Service Providers (CSP) Device WMI provider Common component PC component Common Device Configurator EAS Client MDM Client Service/Server Provisioning Engine WMI Bridge EAS Provisioning MDM ConfigMgr
Password Sign in to your work or school account Sign inCancel Privacy statement Forgot your password? If your organization uses Office 365 or other business services from Microsoft, use the same user name and password to sign in here. Sign in What account should I use? |firstname.lastname@example.org Work or school account Allow this PC to be managed ? Accep t Canc el Contoso requires this PC to be managed before it can access org resources. What you get on this PC: Email, Calendar, Contacts OneDrive for Business Access to company apps How this PC is controlled by Contoso: Enforce PIN lock Partial device wipe Enforce password policy Monitor device location Questions? Contact Contoso IT Help Desk at (206) 555-1234.
Business Store Support for Work Identities Bulk acquisition App management/reuse Reclaim/reuse Offline usage Flexible application distribution Familiar experience Integrated with Store Integrated with management tools Support for LOB Apps