Conquering Android and iOS using Enterprise Mobility Suite
Just a few years ago, the possibility of users working with corporate data from their personal devices was practically not allowed. And it did not even talk about the use of laptops, not that of mobile phones and tablets. But technology does not stand still. Today, tablets and mobile devices are so tightly entered into our lives that organizations must include users to work with them. Nevertheless, the eternal question arises about how to ensure the security of corporate data when users work with personal devices. Moreover, if the problem was somehow solved with Windows devices, then Android and iOS users stayed on the sidelines. So it was until recently. Now you can work with personal devices on Android or iOS, because The IT service of the organization was able to control these devices using the Enterprise Mobility Suite.
Enterprise Mobility Suite is an integrated solution for managing devices, including mobile, authentication and policy-based access while protecting corporate data and applications. Using EMS, an organization gets the opportunity to fully implement the BYOD concept (“Bring Your Own Device” - “Bring Your Own Device”) and provide your employees and partners with maximum freedom for convenient and productive work in a secure IT environment.
EMS includes three cloud services:
What tasks can be solved using EMS?
First, thanks to EMS, employees will be able to work with corporate data and applications on the devices they like. Secondly, the use of common identity for local resources and cloud applications, as well as the use of mobile device management capabilities, allows you to create a unified IT environment. Third, despite the fact that the device is selected by the user, the organization’s data is protected by various tools for access control and data protection.
')
As noted above, using Microsoft Intune helps organizations provide employees with access to corporate applications and data, while exercising control over these devices. Thanks to Windows Intune, mobile device management is implemented on various platforms - Windows, Windows Phone, iOS and Android. More precisely, Windows Intune supports the following operating systems:
Of course, Microsoft Intune in particular, and EMS in general, require installation and configuration, before you can get to work — that is, mobile device management. How to configure Windows Intune is described in detail and shown in the course of the same name on the Microsoft Virtual Academy portal .
I note that before you control the device, you need to register it. To register a device with Microsoft Intune, use the Company Portal application. We will talk about it in more detail.
The Company Portal application helps you find, view, and install applications that your organization has provided through Microsoft Intune. Users can register personal computers and devices with this service, as well as get access to the corporate applications they need to work.
Company Portal can be downloaded from the app stores for each of the platforms:
To work successfully from a mobile device, the Company Portal application needs to be downloaded and installed. After the Company Portal is installed, we go into it. You will need to enter your credentials used to access organization resources. If the data is entered correctly, we will be able to access the Company Portal of our organization.
Company Portal may contain different information and look different: it all depends on what settings your company's IT service has set. For example, in the screenshot above, both the company's applications and the devices that were used to connect to corporate data are displayed.
An exclamation mark next to one of the devices indicates that the device is not properly registered. Because of this, the user cannot access mail or other corporate applications. The situation is easy to fix. It is enough to register the device. To do this, we select the device, click on the item “Device is not enrolled” in the information and in the next window click on “Enroll”.
We will get to the registration portal, we will receive a message that a profile has been found to be installed.
In conclusion, we will receive a message stating that our device has been successfully registered with Microsoft Intune.
Some time after the device is registered, some applications can be installed on it, which are provided by your organization, under compulsion.
In turn, the administrator. Going to Microsoft Intune Management Portal will be able to see which devices are now added to managed ones, to see their type and the operating system installed on them.
Company Portal provides various options so that the user can manage their device. So the device can be renamed, in addition, you can make a remote reset or delete from the device all corporate information. Those. not only the administrator can delete the data, but the user himself. To do this, simply use the application Company Portal.
As we could see, Microsoft Intune - one of the elements of EMS - allows you to manage various mobile devices of users, no matter what operating system they are on - Android, iOS or Windows Phone. If you want more information on how to manage corporate mobile devices, then on March 26 there will be a JumpStart on this topic - register and watch .
And I also recommend watching video courses, which tell about Enterprise Mobility Suite:
Little about EMS
Enterprise Mobility Suite is an integrated solution for managing devices, including mobile, authentication and policy-based access while protecting corporate data and applications. Using EMS, an organization gets the opportunity to fully implement the BYOD concept (“Bring Your Own Device” - “Bring Your Own Device”) and provide your employees and partners with maximum freedom for convenient and productive work in a secure IT environment.
EMS includes three cloud services:
- Microsoft Azure Active Directory Premium (allows you to manage identity and access for local, hybrid and cloud environments)
- Microsoft Intune (allows you to manage your PC and mobile devices, and also provides data protection)
- Microsoft Azure Rights Management (protects information in the cloud or in a hybrid environment, which has a local infrastructure)
What tasks can be solved using EMS?
First, thanks to EMS, employees will be able to work with corporate data and applications on the devices they like. Secondly, the use of common identity for local resources and cloud applications, as well as the use of mobile device management capabilities, allows you to create a unified IT environment. Third, despite the fact that the device is selected by the user, the organization’s data is protected by various tools for access control and data protection.
')
Microsoft Intune
As noted above, using Microsoft Intune helps organizations provide employees with access to corporate applications and data, while exercising control over these devices. Thanks to Windows Intune, mobile device management is implemented on various platforms - Windows, Windows Phone, iOS and Android. More precisely, Windows Intune supports the following operating systems:
- Apple iOS 6 and later.
- Google Android 2.3.4 and later (including Samsung KNOX).
- Windows Phone 8.0 and later.
- Windows RT and later.
- Windows 8.1 computers.
Of course, Microsoft Intune in particular, and EMS in general, require installation and configuration, before you can get to work — that is, mobile device management. How to configure Windows Intune is described in detail and shown in the course of the same name on the Microsoft Virtual Academy portal .
I note that before you control the device, you need to register it. To register a device with Microsoft Intune, use the Company Portal application. We will talk about it in more detail.
Company Portal
The Company Portal application helps you find, view, and install applications that your organization has provided through Microsoft Intune. Users can register personal computers and devices with this service, as well as get access to the corporate applications they need to work.
Company Portal can be downloaded from the app stores for each of the platforms:
To work successfully from a mobile device, the Company Portal application needs to be downloaded and installed. After the Company Portal is installed, we go into it. You will need to enter your credentials used to access organization resources. If the data is entered correctly, we will be able to access the Company Portal of our organization.
Company Portal may contain different information and look different: it all depends on what settings your company's IT service has set. For example, in the screenshot above, both the company's applications and the devices that were used to connect to corporate data are displayed.
An exclamation mark next to one of the devices indicates that the device is not properly registered. Because of this, the user cannot access mail or other corporate applications. The situation is easy to fix. It is enough to register the device. To do this, we select the device, click on the item “Device is not enrolled” in the information and in the next window click on “Enroll”.
We will get to the registration portal, we will receive a message that a profile has been found to be installed.
In conclusion, we will receive a message stating that our device has been successfully registered with Microsoft Intune.
Some time after the device is registered, some applications can be installed on it, which are provided by your organization, under compulsion.
In turn, the administrator. Going to Microsoft Intune Management Portal will be able to see which devices are now added to managed ones, to see their type and the operating system installed on them.
Company Portal provides various options so that the user can manage their device. So the device can be renamed, in addition, you can make a remote reset or delete from the device all corporate information. Those. not only the administrator can delete the data, but the user himself. To do this, simply use the application Company Portal.
As we could see, Microsoft Intune - one of the elements of EMS - allows you to manage various mobile devices of users, no matter what operating system they are on - Android, iOS or Windows Phone. If you want more information on how to manage corporate mobile devices, then on March 26 there will be a JumpStart on this topic - register and watch .
And I also recommend watching video courses, which tell about Enterprise Mobility Suite:
Source: https://habr.com/ru/post/252855/
All Articles