You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: memdocs/intune/fundamentals/common-scenarios.md
+7-9Lines changed: 7 additions & 9 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -36,10 +36,8 @@ The needs around enterprise mobility are dynamically evolving, and Microsoft's a
36
36
37
37
Following are short introductions to the six most common scenarios that rely on Intune, accompanied with links to more information about how to plan and deploy each of them.
38
38
39
-
>[!NOTE]
40
-
>
39
+
> [!NOTE]
41
40
> - Want to know how Microsoft IT uses Intune to give corporate access on mobile devices, while also keeping corporate data protected? Check out the [IT Showcase Library](https://www.microsoft.com/itshowcase), and search for "Intune".
42
-
>
43
41
> - The [Microsoft Security and Compliance blogs](https://techcommunity.microsoft.com/t5/microsoft-security-and/bg-p/MicrosoftSecurityandCompliance) are a great resource. You can filter on areas that interest you, including Enterprise Mobility + Security, data loss prevention, identity & access management, and more.
44
42
45
43
## Protecting your on-premises email and data so it can be safely accessed by mobile devices
@@ -62,29 +60,29 @@ Intune and Microsoft Enterprise Mobility + Security provide a uniquely integrate
62
60
63
61
The Office mobile apps in their respective app stores are ready to go with data containment policies that you can configure via Intune. This enables you to prevent data from being shared with apps (for example, with native email apps) and storage locations (for example, Dropbox) that aren't managed by IT. All this functionality is built into Microsoft 365 and EMS. You don't have to deploy additional infrastructure to get this value.
64
62
65
-
A common Microsoft 365 deployment practice is to require devices to enroll into management if they need to be fully set up with corporate apps, certs, Wi-Fi, or VPN configurations, a common scenario for corporate-owned devices.
63
+
A common Microsoft 365 deployment practice is to require devices to enroll into management if they need to be fully set up with corporate apps, certs, Wi-Fi, or VPN configurations, a common scenario for corporate-owned devices.
66
64
67
-
However, if your user simply needs to access corporate email and documents, which is often the case for personally owned devices, then you can require the user to use the Office mobile apps (to which you have applied [app protection policies](../apps/app-protection-policies.md) and skip enrolling the device altogether.
65
+
However, if your user simply needs to access corporate email and documents, which is often the case for personally owned devices, then you can require the user to use the Office mobile apps (to which you have applied [app protection policies](../apps/app-protection-policies.md)) and skip enrolling the device altogether.
68
66
69
67
Either way, the Microsoft 365 data will be secured by policies you've defined.
70
68
71
69
<!-- Learn more about how to plan and deploy Intune to help secure Microsoft 365 email and data. -->
72
70
73
71
## Offer a bring your own device program to all employees
74
72
75
-
Bring your own device (BYOD) continues to grow in popularity among organizations as a means to reduce hardware expenditures or increase mobile productivity choices for employees. Just about everyone has a personal phone these days so why put another one in their pocket? The main challenge has always been to convince employees to enroll their personal device into management, as they are fearful of what their IT department will be able to see and do with their device.
73
+
Bring your own device (BYOD) continues to grow in popularity among organizations as a means to reduce hardware expenditures or increase mobile productivity choices for employees. Just about everyone has a personal phone these days so why put another one in their pocket? The main challenge has always been to convince employees to enroll their personal device into management, as they are fearful of what their IT department will be able to see and do with their device.
76
74
77
-
When device enrollment is not a viable option, Intune offers an alternative BYOD approach of simply [managing the apps that contain corporate data](../apps/app-protection-policies.md). Intune protects the corporate data even if the app in question accesses both corporate and personal data, as is the case for Office mobile apps.
75
+
When device enrollment is not a viable option, Intune offers an alternative BYOD approach of simply [managing the apps that contain corporate data](../apps/app-protection-policies.md). Intune protects the corporate data even if the app in question accesses both corporate and personal data, as is the case for Office mobile apps.
78
76
79
77
As an administrator, you can require users to access Microsoft 365 from the Office mobile apps and configure the apps with policies that keep the data protected (such as encrypting it, protecting it with a pin, and so on). These app protection policies prevent data loss from unmanaged apps and storage locations -- inside or outside of those apps. For example, the policies prevent a user from copying text from a corporate email profile into a consumer email profile even if both profiles are configured within Outlook Mobile. Similar configurations can be deployed for other services and applications that are required by your BYOD users.
80
78
81
79
<!-- Learn more about how to plan and deploy Intune to support BYOD.-->
82
80
83
81
## Issue corporate-owned phones to your employees
84
82
85
-
Many employees are mobile these days, making productivity on mobile devices an imperative to be competitive. These employees need seamless access to all corporate apps and data, at any time, wherever they are. You need to ensure that corporate data is secure and administrative costs are low.
83
+
Many employees are mobile these days, making productivity on mobile devices an imperative to be competitive. These employees need seamless access to all corporate apps and data, at any time, wherever they are. You need to ensure that corporate data is secure and administrative costs are low.
86
84
87
-
Intune offers [bulk provisioning and management solutions](../enrollment/device-enrollment.md) that are integrated with the major corporate device management platforms on the market today, including the Apple Device Enrollment Program and the Samsung Knox mobile security platform. Centralized authoring of device configurations with Intune helps make provisioning of corporate devices something that can be highly automated.
85
+
Intune offers [bulk provisioning and management solutions](../enrollment/device-enrollment.md) that are integrated with the major corporate device management platforms on the market today, including the Apple Device Enrollment Program and the Samsung Knox mobile security platform. Centralized authoring of device configurations with Intune helps make provisioning of corporate devices something that can be highly automated.
88
86
89
87
Picture this: hand an employee an unopened iPhone box. The employee powers it on and is walked through a corporate-branded setup flow where they must authenticate themselves. The iPhone is seamlessly configured with [security policies](../configuration/device-profiles.md).
0 commit comments