Microsoft Intune provides a cloud-based service that can help your business protect and manage devices. Because it is cloud-based, it can be administered from any Silverlight-enabled web browser.
1- Mobile Device Management (MDM)
With the increasing volume and diversity of corporate and personal devices being used in organizations today, a growing challenge for IT departments is keeping corporate information secure. Intune helps minimize complexity by offering mobile device management through the cloud with integrated data protection and compliance capabilities.
- Configure passwords. Password management differs across mobile device platforms, but all supported platforms allow you to require a password, limit the number of failed sign-in attempts, limit the minutes of activity before the screen locks, set the time for password expiration, and prevent the use of previously-used passwords.
- Control system and cloud storage settings for mobile devices. These differ across mobile device platforms, but highlights include the ability to block the iOS lock screen notifications view (to keep meeting details confidential), and the ability to collect diagnostic data from Windows Phone 8.1 and iOS devices.
- Manage e-mail access for mobile devices using Exchange ActiveSync. You can control e-mail access settings such as whether devices can download attachments, or how much of an e-mail folder is synchronized with a mobile device.
- Application settings. You can control browser settings, and also such application settings as whether app stores can be used on mobile devices.
- Device capabilities, cellular and voice. You can allow or deny the use of a camera, control roaming settings, and enable or disable iOS voice assistant and voice dialing features.
- Reset passcodes, lock or wipe. You can reset passcodes if users lose access to their device, lock missing or stolen devices, or even wipe data off of missing or stolen devices.
- Certificate, email, VPN and Wifi profiles. You can deploy certificate profiles to mobile devices, and also deploy e-mail, VPN and Wifi profiles.
- Manage corporate-owned iOS devices. You can set up devices for enrollment and then distribute them to specific users, or you can enroll devices so that they can be shared by multiple users.
- Mobile application management. Managed mobile apps can be configured to restrict certain app operations, such as copy and paste, to help protect your organization’s data. You can also use the managed browser to control the sites that users are allowed to visit.
- Conditional access. Use Intune conditional access policies to control access to on-premises Microsoft Exchange email from mobile devices, even when the device is not managed by Intune.
2- Mobile Application Management (MAM)
Employees are demanding access to corporate applications, data, and resources from their mobile devices. Intune addresses this challenge by building manageability and data protection directly into the Office mobile apps your employees are most familiar with. Intune also provides the flexibility to extend these capabilities to existing line-of-business apps and to enable secure viewing of content using the Managed Browser, PDF Viewer, AV Player, and Image Viewer apps.
- Enable your workforce to securely access corporate information using the Office mobile apps they know and love while preventing leakage of your company’s data by restricting actions such as copy/cut/paste/save in your managed app ecosystem
- Apply the same management policies to your existing line-of-business (LOB) applications using the Intune App Wrapping Tool, without requiring code changes in those LOB apps
- Allow users to securely view content on devices within your managed app ecosystem using the Managed Browser, PDF Viewer, AV Player, and Image Viewer apps for Intune
- Allow administrators and device users to protect corporate information through selective wipe of managed apps and related data when a device is unenrolled, no longer compliant, lost, stolen, or retired from use
- Enable administrators to push required apps automatically during enrollment and allow users to easily install corporate apps from the self-service Company Portal
- Provide the ability to deny specific applications or URL addresses from being accessed on mobile devices
3- PC Managment
As the number of device types allowed in corporate environments grows, management becomes more challenging. Intune provides a comprehensive management solution through a single administrative console that allows you to manage across a variety of devices, including PCs and laptops.
- Integrate your existing System Center 2012 Configuration Manager infrastructure with Intune, further enhancing your ability to manage PCs, Macs, and Unix/Linux servers, as well as mobile devices from a single management console, while building on existing investments and skills
- Provide real-time protection against malware threats on managed computers, keep malware definitions up-to date, and automatically scan computers to help protect against malware infections and other potentially unwanted software
- Collect information about hardware configurations and software installed on managed computers, allowing you to generate reports, organize groups of computers, and more effectively target software deployments
- Simplify administration by deploying software and configuring Windows Firewall settings on computers based upon policies defined by the administrator