Slides from CIAOPS July 2018 webinar that provided Azure news update, open Q & A as well as a focus session on Intune. Video recording is available at www.ciaopsacademy.com
10. News
• Azure File Sync now generally available
• https://azure.microsoft.com/en-us/blog/score-one-for-the-it-pro-azure-file-sync-is-now-
generally-available/
• Azure Firewall in Preview
• https://azure.microsoft.com/en-us/roadmap/azure-firewall/
• Azure Data Box Disk
• https://azure.microsoft.com/en-us/blog/welcome-our-newest-family-member-data-box-disk/
• Baseline Security Policy for Azure AD now in preview
• https://cloudblogs.microsoft.com/enterprisemobility/2018/06/22/baseline-security-policy-for-
azure-ad-admin-accounts-in-public-preview/
• Azure AD Password Protection and smart lockout in preview
• https://cloudblogs.microsoft.com/enterprisemobility/2018/06/19/azure-ad-password-protection-
and-smart-lockout-are-now-in-public-preview/
12. Mobile Device
Management (MDM)
Mobile Application
Management (MAM)
Conditional Access: Restrict access to managed & compliant devices Conditional Access: Restrict which apps can be used to access email or files
Secure your data on any device with Intune
In a complex device landscape, you need choices.
Microsoft Intune gives you the flexibility and control to secure your data on any device—even those you don’t manage.
r
Company-Managed Employee-Managed 3rd-Party-
Managed
Enroll devices for Provision settings, Report & measure Remove corporate Publish mobile Configure and Report app Secure & remove corporate
management certs, profiles device compliance data from devices apps to users update apps inventory & usage data within mobile apps
n
Microsoft IntuneMicrosoft Intune Learn more at microsoft.com/intune
13.
14.
15. Mobile devices and PCs Mobile devices
System Center
Configuration
Manager
Domain joined PCs
Configuration Manager integrated with Intune (hybrid)Intune standalone (cloud only)
IT IT
Intune web console Configuration Manager console
21. •Mobile Device Management
• Deploy certificates, WiFi, VPN, and email profiles automatically
once a device is enrolled
•Mobile Application Management
• Provide the ability to deny specific applications or URL addresses
from being accessed on mobile devices
•PC Management
• Simplify administration by deploying software and configuring
Windows Firewall settings on computers based upon policies
defined by the administrator
22. Personal apps
Managed apps Company Portal
Are you sure you want to wipe
corporate data and applications
from the user’s device?
OK Cancel
Perform selective wipe via self-service company portal or admin console
Remove managed apps and data
Keep personal apps and data intact
ITIT
23. Personal apps
Managed apps
Maximize productivity while preventing leakage of company
data by restricting actions such as copy/cut/paste/save in
your managed app ecosystem
User
24. Enroll
• Provide a self-service Company
Portal for users to enroll devices
• Deliver custom terms and
conditions at enrollment
• Bulk enroll devices using Apple
Configurator or service account
• Restrict access to Exchange email
if a device is not enrolled
Retire
• Revoke access to corporate
resources
• Perform selective wipe
• Audit lost and stolen devices
Provision
• Deploy certificates, email, VPN,
and WiFi profiles
• Deploy device security policy
settings
• Install mandatory apps
• Deploy app restriction policies
• Deploy data protection policies
Manage and Protect
• Restrict access to corporate
resources if policies are violated
(e.g., jailbroken device)
• Protect corporate data by
restricting actions such as
copy/cut/paste/save outside of
managed app ecosystem
• Report on device and app
compliance
User IT
26. Take aways
• Intune is now an Azure service
• Intune can be managed using PowerShell
• Intune can manage all devices in your fleet
• Should be considered the replacement for on premises AD
Group Policy
• Is going to continue to improve and add functionality
• Can be obtained in a variety of licenses
27. Resources
• MDM in Office 365 overview - https://technet.microsoft.com/en-
US/library/ms.o365.cc.DevicePolicy.aspx
• Different ways to manage devices with InTune -
https://technet.microsoft.com/library/dn957912.aspx
• Capabilities of Office 365 MDM –
https://technet.microsoft.com/library/ms.o365.cc.devicepolicysupporteddevice.aspx
• Manage mobile devices in Office 365 – https://support.office.com/en-us/article/Manage-
mobile-devices-in-Office-365-dd892318-bc44-4eb1-af00-9db5430be3cd
• Microsoft Intune features - http://www.microsoft.com/en-au/server-cloud/products/microsoft-
intune/features.aspx
• Microsoft Intune documentation - https://docs.microsoft.com/en-us/intune/
28. CIAOPS Resources
• Blog – http://blog.ciaops.com
• Free SharePoint Training via email – http://bit.ly/cia-gs-spo
• Free Office 365, Azure Administration newsletter – http://bit.ly/cia-o365-tech
• Free Office 365, Azure video tutorials – http://www.youtube.com/directorciaops
• Free documents, presentations, eBooks – http://slideshare.net/directorcia
• Office 365, Azure, Cloud podcast – http://ciaops.podbean.com
• Office 365, Azure online training courses – http://www.ciaopsacademy.com
• Office 365 and Azure community – http://www.ciaopspatron.com
Twitter
@directorcia
Facebook
https://www.facebook.com/ciaops
Email
director@ciaops.com
Skype for Business
admin@ciaops365.com
29. Get access to the latest
information by becoming a
Patron
http://www.ciaopspatron.com