Intune is the component of Enterprise Mobility + Security (EMS) that manages mobile devices and apps.
It integrates closely with other EMS components like Azure Active Directory (Azure AD) for identity and access control
and Azure Information Protection for data protection.
- Intune Overview
- Mobile Device Management
- Mobile App Management
- Azure Active Directory
- Role-Based Administration Control (RBAC)
- MDM Authority
Intune lets you manage your workforce’s devices and apps and how they access your company data.
To use this mobile device management (MDM), the devices must first be enrolled in the Intune service.
When a device is enrolled, it is issued an MDM certificate. This certificate is used to communicate with the Intune service.
- Enrollment Methods for Windows, Android and iOS
- Enrollment Options
- Enroll Windows Devices
- Enroll Android Devices
- Enroll iOS Devices
As an IT admin, you must ensure that managed devices are providing the resources your end users need to do their work while protecting that data from risk.
- Lock, Restart or Remove Device
- Locate Lost Device
- Logout or Remove User
- Bypass Activation Lock
- Reset Passcode
- Remote Control Mobile Devices
- Synchronize Device
As an IT admin, you are responsible for making sure that your end users have access to the apps they need to do their work.
This can be a challenge because there are a wide range of device platforms and app types.
Moreover, you might need to manage apps on both company devices and user's own devices, while ensuring your network and your data remain secure.
- Add apps to Intune
- Deploy apps to Groups
- Monitor apps and app Assignments
- App Configuration Policies
- Wipe apps
Use the Microsoft Intune Device configuration workload to manage settings and features on all of the devices you manage.
You mostly use this workload to create device profiles, which let you manage and control a whole range of different features and functionality on devices.
- Configure Device Profiles
- Configure Device Features
- Configure Device Restrictions
- Configure Settings: Email, VPN, Wi-Fi
Policies can be created to define whether devices are compliant, to configure conditional access or to protect app and device data.
- Device Compliance Policies
- Configure Conditional Access
- Protect app and Device Data
- App Protection Policies
Windows Information Protection
With the increase of employee-owned devices in the enterprise, there’s also an increasing risk of accidental data leak through apps and services,
like email, social media, and the public cloud, which are outside of the enterprise’s control.
Windows Information Protection (WIP) helps to protect against this potential data leakage without otherwise interfering with the employee experience.
- Enterprise Data Control
- WIP Protection Modes
- Create WIP Policy with Intune
Windows Autopilot is a collection of technologies used to set up and pre-configure new devices, getting them ready for productive use.
You can also use Windows Autopilot to reset, repurpose and recover devices.
- Benefits of Windows Autopilot
- Deployment Scenarios
- Administering Windows Autopilot
Intune is a cloud-based service in the enterprise mobility and Security (EMS) space that helps enable your workforce to be productive while keeping your corporate data protected. With Intune, you can:
- Manage the mobile devices your workforce uses to access company data.
- Manage the mobile apps your workforce uses.
- Protect your company information by helping to control the way your workforce accesses and shares it.
- Ensure devices and apps are compliant with company security requirements.
This course is intended for IT professional technical specialists responsible for
managing devices in the cloud.