Microsoft is expanding its built-in mobile device management (MDM) features built for Office 365.
Small businesses tend to adopt a BYOD (bring your own device) policy to mobile devices when granting email and in-house business information to its employees. However, as this article explains, giving employees wider access to business IT networks poses serious data protection and security risks.
The new tools enable network administrators to selectively restrict senstitive business information so that in the event of, for instance, a temporary loss emails and Word docs can be wiped from a mobile device while leaving an end user’s personal data and apps in place.
Large businesses use applications like Microsoft Intune to automate deployments and management of large mobile device fleets. Office 365 includes provisions for basic device management in its business and enterprise Office 365 services. In early 2015, these tools are being expanded to include:
- configurable security policies on devices that connect to Office 365 to ensure that Office 365 business email and documents are synchronized only on phones and tablets that are managed by your company. For instance, whereas employees could potentially connect multiple devices including home PCs to services, Office 365 administrators can manage which devices a user can authenticate.
- configurable security policies such as device level pin lock and jailbreak detection on devices to help prevent unauthorized users from accessing corporate email and data when a device is misplaced, lost or stolen.
- remove Office 365 corporate data from authenticated devices when an employee leaves an organization, while leaving their personal data, photos and apps intact.
MDM for Office 365 is built directly into the productivity apps like Word, Excel, Outlook, etc., and mobile device policies can be managed with MDM within the Office 365 administration portal using the Office 365 user interface and wizard-based workflows. MDM generates ueful management reports detailing information about connected devices, including automated Wi-Fi, VPN and email profiles. Intune also provides bulk tools for pre-configuring large scale application delpoyment and can provide users with a self-service portal where they can enroll their own devices and install corporate apps.