Microsoft EM+S – Two Flavors of Mobile Device Management

As our company workforce becomes more mobile every year, and security risks for corporate data increase, it’s important to consider how you will manage mobility for your organization. Microsoft Enterprise Mobility + Security customers have a choice of solutions that can be used for mobile device management (MDM) and mobile application management (MAM).

Intune – Mobile Device Management (MDM) or Mobile Application Management (MAM)

The decision point here is not necessarily an either-or situation. Your company can implement the Mobile Application Management solution (MAM), which contains, protects, and manages the data on the mobile device or Mobile Device Management (MDM) through Intune that provides the same capabilities as MAM; it also manages the mobile device itself, which adds an additional layer of security. The level of management that you select will depend on many factors, here are some of the strengths of each solution:

Intune – Mobile Device Management (more intrusive to the end user)

  • Provide a self-service Company Portal for users to enroll their own devices and install corporate applications across the most popular mobile platforms.
  • Deploy certificates, Wi-Fi, VPN, and email profiles automatically once a device is enrolled, and enabling users to access corporate resources with the appropriate security configurations.
  • Deliver comprehensive settings management for mobile devices, enabling the execution of remote actions such as passcode reset, device lock, data encryption, and full wipe to protect corporate data on lost or stolen devices.
  • Protect corporate data by restricting access to Exchange email, SharePoint documents, and OneDrive for Business documents when a user tries to access resources on an unenrolled or non-compliant device based upon policies set by the administrator.
  • Simplify enrollment of corporate devices with bulk enrollment using Apple Configurator or a single service account, enabling IT administrators to set policies and deploy applications on a large scale.
  • Streamline the enrollment of iOS devices purchased directly from Apple or an authorized reseller with the Device Enrollment Program (DEP).
  • Enable the enforcement of stricter “lock down” policies for supervised iOS devices, Android devices using Kiosk Mode, and Windows Phone devices using Assigned Access.

You can read more about Intune’s MDM capabilities here.

Intune – Mobile Application Management (less intrusive to the end user)

  • Enable your workforce to securely access corporate information using the Office mobile apps they know and love while preventing leakage of your company’s data by restricting actions such as copy/cut/paste/save in your managed app ecosystem.
  • Manage Office mobile apps with or without enrolling the device for management to protect corporate information without the risk of intruding on a user’s personal life.
  • Apply the same management policies to your existing line-of-business (LOB) applications using the Intune App Wrapping Tool, without requiring code changes in those LOB apps.
  • Allow users to securely view content on devices within your managed app ecosystem using the Managed Browser, PDF Viewer, AV Player, and Image Viewer apps for Intune.
  • Allow administrators and device users to protect corporate information through selective wipe of managed apps and related data when a device is unenrolled, no longer compliant, lost, stolen, or retired from use.
  • Enable administrators to push required apps automatically during enrollment and allow users to easily install corporate apps from the self-service Company Portal.
  • Provide the ability to deny specific applications or URL addresses from being accessed on mobile devices.
  • Intune Mobile Application Management can also be used in combination with non-Microsoft MDM providers.

You can read more about Intune’s MAM capabilities here.

Organizations that own Microsoft Intune or the Enterprise Mobility + Security suite have options when it comes to managing corporate data on mobile devices. The direction that an organization chooses will depend on multiple factors including: security needs, user experience, current device management solution, and others.

If you need further information to help make your decision or if you’d like help to understand and implement a security solution, we’re here to help. You can reach us at 630.832.0075 or info@peters.com.

Check Out Our Other Blogs!

By |2019-04-23T10:54:20-05:00May 31st, 2017|Security Solutions|Comments Off on Microsoft EM+S – Two Flavors of Mobile Device Management

About the Author:

With our expert IT team and technology, Peters & Associates provides full-service IT consulting, managed IT services, and IT security solutions in the Chicago area. Our award-winning work and proven successes help drive businesses forward. We solve challenges and build bridges to a better future with secure, scalable IT solutions aligned with your business needs and goals. A full service Chicago IT consulting firm, Peters & Associates has been successfully serving businesses in the Chicago area for over three decades with award-winning managed IT services and IT solutions for business, education, finance, manufacturing, and health care.