Working on-the-go with mobile devices is an amazing aspect of modern working life, but only if you can effectively control access. Microsoft Intune gives you that control.
Microsoft Intune is a comprehensive device and application management tool, included within Microsoft 365 and the Enterprise Mobility + Security suite. Intune enables you to manage the mobile and BYOD (Bring-Your-Own-Device) devices that have access to your network and data – verifying their security compliance, controlling their access to data and managing the rollout of updates.
We’re going to look further into what Intune does and what it can be used for, but first we should probably answer a very important question…
Why should I be managing the mobile devices accessing my network?
When a mobile device connects to your IT infrastructure, it becomes a gateway to your network and the data within it. As a result, these devices represent a potential vulnerability. It would be like having a laptop without antivirus or a mobile phone without a password.
In effect, data is only as secure as the device accessing it. So, whilst your network may have secure login credentials, up-to-date firewalls and so on, if a mobile device accessing that networking is not secure, then it is a weakness.
Furthermore, the leading cause of successful cyberattacks is human error. This means that there is an increased risk that comes with allowing more staff access to your data. This risk needs to be mitigated with sophisticated controls, as well as staff training on cybersecurity awareness.
Compliance with the GDPR requires you to adequately protect any personal data that you hold. If this kind of data can be accessed via any mobile device, you are legally obligated to ensure that all data is as safe in the mobile environment as it is within your on-premise infrastructure.
As such, effective mobile device management is critical to ensure that all employee devices are configured, deployed, managed and monitored in a manner that prioritises the integrity and security of your network, systems and data.
How does Microsoft Intune help?
The security challenges a business faces today are both complex and numerous. Intune enables you to protect any and all data on your network and mobile devices – whenever, wherever and on whatever device is being used.
Without management of this kind, data that is not secure is accessible and potentially at risk. Furthermore, Intune enables you to manage and review the capabilities and security of mobile and BYOD devices and roll out amendments and upgrades accordingly.
With Intune, you can:
- Set rules and configure settings on all devices with access to data and networks
- Deploy and authenticate apps on devices – on-premise and mobile
- Protect your company information by controlling the way users access and share it
- Be sure devices and apps are compliant with your security policy and requirements
How you can manage devices with Microsoft Intune
Intune can verify whether a device complies with your security policy and determine whether it can be allowed to access the network. Intune also enables you to manage devices on a case-by-case basis. This could, for example, include different levels of management for company-owned devices compared with personal devices, or providing higher level permissions for more senior staff.
Full control of a device, including settings, features and security, might be appropriate for the devices your company owns. In this approach, users of these devices ‘enrol’ with Intune, and receive the rules and settings via the company policies you have configured. For example, you can set password and PIN requirements, create a VPN connection, set up threat protection, and more.
For personal or BYOD devices, users may only want access to email or Microsoft Teams. Intune enables you to put in place app protection policies that require for example, multi-factor authentication (MFA) to use these apps.
When devices are enrolled and managed in Intune, administrators can:
- View all devices enrolled and reports on all data being accessed
- Configure devices so they meet your security and health standards
- Push certificates to devices so users can easily access your Wi-Fi network, or use a VPN to connect to your network
- See reports on users and devices that are compliant, and not compliant
- Remove organisation data if a device is lost, stolen, or not used anymore
It’s worth noting that Intune and the Microsoft Enterprise Mobility + Security suite also distinguishes between company data and an employee’s personal data – providing digital privacy to information that is not part of your company.
How can Air IT help?
We can assess your needs and configure Intune according to your business and your team.
If you don’t already have access to Intune, we would recommend upgrading to Microsoft 365 – this is the most cost-effective way to get Intune and the benefits it provides. For more on the benefits of Microsoft 365, click here.
As experts in cyber security, we are well-versed in sufficiently protecting data to comply with GDPR. Our knowledge and experience with cloud technologies enable us to advise, create and implement new aspects of your security policy that encompass mobile and BYOD devices.
We also offer a comprehensive service for your wider IT infrastructure and can advise on your requirements, implement a transition from planning to completion and support your infrastructure on an ongoing basis.
If you’d like to find out more about mobile device management, please don’t hesitate to get in touch.