Cybersecurity is a complex problem due to constantly changing threats, attacks, regulations, and technology. Microsoft Intune provides unified management of mobile devices and applications to empower productivity while protecting data. Intune uses visibility and controls like conditional access to balance security and user experience across an organization's diverse mobile environment.
6. What makes cybersecurity a complex problem?
100101
011010
100011
MalwareSpam Smart attackers Intelligent attacks
Volume of attacks Sophistication of attacks
7. What type of attack to launch…
Who to target in attacks…
When to launch an attack…
Hackers How often to attack…
What type of attacks are happening…
Who is attacking them…
When attackers strike…
Analysts
How often do attacks occur…
A hacker’s advantage is preparation & knowledge
19. EXPERIENCE
• 1M+ Corporate Machines
protected by enterprise IT security
• Multi-platform
Cloud-first hybrid enterprise
• Decades of experience
as a global enterprise
• Runs on Azure
same multi-tenant Azure
environment as you
EXPERTISE
• Development Security
Security Development Lifecycle
(SDL) - ISO/IEC 27034-1
• Operational Security
Hyper-scale cloud services
• Combatting Cybercrime
partnering with law enforcement
• Incident Investigation
and recovery for customers
Visibility
ExpertiseExperience
Context
Industry leading capabilities
VISIBILITY & CONTEXT
1 billion customers
across enterprise and
consumer segments
200+ cloud services
21. Balancing productivity with protection.
How do IT Pros empower their users to be
productive, while protecting the massive
amounts of data flowing through their
mobile ecosystem?
23. Mobile application
management
PC managementMobile device
management
Strategically direct the flow of your mobile ecosystem, giving your end
users the experience they expect while ensuring your corporate data is
protected at every turn.
Enterprise mobility management with Intune
Enable
your users
Protect
your data
Microsoft Intune
User IT
25. Click to edit Master title
style
Delivering on a unified
Microsoft vision
Built with EMS, Office and
Windows, Intune delivers on a
unified Microsoft vision to
transform the way enterprise
secures mobile productivity.
This combined effort enables
awesome end-to-end scenarios.
Control access to your data
Control what happens to your data
after it’s been accessed
Modern PC management
26. Click to edit Master title
style
Control access to data
based on real-time context
Conditional access allows you to
define policies that provide
contextual controls at the user,
location, device, and app levels.
As conditions change, natural user
prompts ensure that only the right
users on compliant devices can
access sensitive data.
27. Azure Active Directory
Premium
Microsoft Intune
Microsoft Intelligent
Security Graph
Risk-based conditional access
• Block access
• Wipe device
Conditions
• Allow
• Enforce MFA
• Remediate
Actions
Location (IP range)
Device state
User groupUser
MFA
Risk
On-premises
applications
Microsoft Azure
Risk (Low, Medium, High)
28. Click to edit Master title
style Managed apps
Personal appsPersonal apps
Managed apps
MDM – optional
(Intune or 3rd-party)
Our app protection policies allow you
to control what happens to docs and
data after they’ve been accessed.
• App encryption at rest
• App access control – PIN or credentials
• Save as/copy/paste restrictions
• App-level selective wipe
• Managed web browsing
• Secure viewing of PDFs, images, videos
Control what happens
after the data is accessed
Corporate
data
Personal
data
Multi-identity policy
29. Click to edit Master title
style
With the different options in
Windows 10, plus Configuration
Manager and Intune, you have the
flexibility to stage implementation
of modern management scenarios
while targeting different devices
the way that best suits your
business needs.
Everything you need for
modern PC management
31. Click to edit Master title
styleAn awesome end-user
and IT Pro experience
Natural and intuitive, the best
experience for both end users
and IT Pros. The control and
support IT requires; the
experience your people
expect.
Real Office apps
Protect data with and without device
enrollment
Intune on Azure
Support to get you started and
keep you going day-to-day
32. Click to edit Master title
style
The Office apps end-users
expect
Give your people the real Office
experience they expect, without
compromising the control you
need. Intune gives you
unparalleled control over the data
in that moves through Office -
across all your devices.
33. Click to edit Master title
style
Protect with and without
enrollment
Intune’s application protection
policies give you the versatility to
manage your data with or without
device enrollment.
34. Click to edit Master title
styleWorld class support –
included
FastTrack provides you access to a
team of engineers dedicated to
helping you plan and execute your
deployment. And our 24/7
support ensures you have the
support you need day to day.
Both included with your Intune subscription.
36. Click to edit Master title
styleMeets your immediate
needs and adapts to your
evolving IT strategy.
Microsoft Intune is built from
the cloud, with the flexibility
and control that meets your
needs today, and scales as
your mobile strategy matures
and evolves over time.
Microsoft Cloud Infrastructure
Inclusive partner ecosystem
Flexibility and choice in how you manage
your mobile ecosystem
37. Click to edit Master title
style
You need flexibility in a
complex device ecosystem
Microsoft Intune provides you
option that allow you to keep your
data secure across a range of
scenarios that occur day-to-day.
Our MAM and MDM capabilities
allow you to protect corporate data
with or without device
management.
Company-Managed
Employee-Managed
3rd Party-Managed
39. Click to edit Master title
style
The best control with
Intune-enlightened apps
All Intune-enlightened applications
are built with the Intune App SDK,
enabling them with the richest set
of mobile application protection
policies available.
Many also support multi-identity
and without enrollment scenarios.
40. Click to edit Master title
style
Also manage apps via
native OS app controls
Intune can also manage apps via
native app controls that are
exposed through iOS and Android
operating systems. This capability
extends Intune’s app ecosystem
beyond our SDK built enlightened
apps, to include many other
popular business apps.
Only for managed devices.
41. Click to edit Master title
style
A growing partner
ecosystem
Intune partnerships are designed to
enhance our core functionality by
delivering interoperability with
popular point solutions our
customers want and rely upon.
All partner products must be purchased directly from the partner
42. Device is compliant
Device is managed
Scans apps for risk
ITScans unknown
network for risk
Allow access or
Block access
Enforce MFA per
user/per app
Device compliant
Scans OS for vulnerability
Risk (Low, Medium, High)
43. X X X X X
✓ Require enrollment through the Intune portal to ensure compliance
Intune conditions
Device managed
Device compliant
✓ Enforce appropriate network access policies based on mobile device posture and risk assessment.
Allow access
Block access
Cisco ISE enforcement
VPN
WiFi
44. X X X X X
✓ Require enrollment through the Intune portal to ensure compliance
Intune conditions
Device managed
Device compliant
✓ Enforce appropriate network access policies based on mobile device posture and risk assessment.
Allow access
Block access
NetScaler enforcement
VPN
45. Click to edit Master title
style
Delivered from the cloud
Because Microsoft Intune is cloud-
based, it lowers costs and
eliminates the need to plan,
purchase, and maintain on premise
hardware and infrastructure.
Intune is always up to date, and
scales with ease as your needs
evolve.
52. HIPAA /
HITECH Act
FERPA
GxP
21 CFR Part 11
Singapore
MTCS
UK
G-Cloud
Australia
IRAP/CCSL
FISC Japan
New Zealand
GCIO
China
GB 18030
EU
Model Clauses
ENISA
IAF
Argentina
PDPA
Japan CS
Mark Gold
CDSA
Shared
Assessments
Japan My
Number Act
FACT UK GLBA
Spain
ENS
PCI DSS
Level 1 MARS-E FFIEC
China
TRUCS
Canada
Privacy Laws
MPAA
Privacy
Shield
India
MeitY
Germany IT
Grundschutz
workbook
Spain
DPA
HITRUST IG Toolkit UK
China
DJCP
ITAR
Section 508
VPAT
SP 800-171 FIPS 140-2
High
JAB P-ATO
CJIS
DoD DISA
SRG Level 2
DoD DISA
SRG Level 4
IRS 1075
DoD DISA
SRG Level 5
Moderate
JAB P-ATO
GLOBALUSGOVINDUSTRYREGIONAL
ISO 27001
SOC 1
Type 2ISO 27018
CSA STAR
Self-AssessmentISO 27017
SOC 2
Type 2
SOC 3ISO 22301
CSA STAR
Certification
CSA STAR
AttestationISO 9001
Azure has the deepest and most comprehensive compliance coverage in the industry
March
2017