Microsoft Intune is the "management arm" of Microsoft Enterprise Mobility + Security (EMS, formerly Enterprise Mobility Suite). Enterprise mobility is about enabling your employees to be productive on all of their devices while keeping your organization's information protected.
EMS is a complete, integrated suite for enterprise mobility inclusive of productivity, identity, access control, management, and data protection. It gives you an effective way to deploy and operate a mobility solution in your organization.
Intune helps you manage mobile devices and mobile apps. It integrates closely with Azure Active Directory (Azure AD) for identity and access control, and Azure Rights Management (Azure RMS) for data protection.
Common business problems that Intune helps solve include:
- Securing your on-premises email and collaboration infrastructure so that it can be accessed by mobile devices and apps on the Internet.
- Securing your Office 365 infrastructure so that it can be safely accessed by mobile devices and apps on the Internet.
- Enabling your organization to issue mobile phones to its employees.
- Enabling your organization to provide limited-use “shared devices” for task workers.
- Enabling your organization to implement a secure “bring your own device (BYOD)” or personal device strategy.
- Enabling your organization to support employees accessing Office 365 from devices and apps that you don’t control, such as a kiosk in the lobby of a trade show.
The primary tools that Intune offers include:
- Mobile device management (MDM): The ability to enroll devices in Intune so that you can provision, configure, monitor, and take actions on those devices, such as wiping them.
- Mobile application management (MAM): The ability to publish, push, configure, secure, monitor, and update mobile apps for your users.
- Mobile application security: As a part of managing mobile apps, the ability to help secure mobile data by isolating personal data from corporate data and allowing the corporate data to be selectively wiped.
These tools are used in different combinations to enable the common business scenarios above. For example, shared device scenarios make heavy use of MDM. BYOD scenarios typically rely on MAM. And the corporate phone scenarios build upon both. Almost all scenarios make use of mobile application security.
Throughout this documentation, we’ll explain how to use the tools that Intune provides to support your business scenarios. We’ll also explain how to use these tools with Office 365, Azure AD, Azure RMS, and other parts of the Microsoft mobility suite. We will give you a broad overview of the ways in which the technology is commonly used and how it might be useful in your environment, as well as procedures to implement them. The technology itself is flexible and can be adapted to all sorts of scenarios beyond the ones that we describe here.