Microsoft 365 的裝置管理藍圖Device management roadmap for Microsoft 365

Microsoft 365 for enterprise 包含的功能可協助您管理組織內的裝置及其應用程式。Microsoft 365 for enterprise includes features to help manage devices, and their apps, within your organization. 管理行動裝置可協助您保護和保護組織的資源。Managing mobile devices helps you secure and protect your organization's resources.

裝置管理有兩個選項:There are two options for device management:

Microsoft IntuneMicrosoft Intune

您可以使用 Microsoft Intune,利用行動裝置管理或行動應用程式管理來管理組織的存取權。You can use Microsoft Intune to manage access to your organization using mobile device management or mobile application management. 行動裝置管理是使用者在 Intune 中「註冊」其裝置的時間。Mobile device management is when users "enroll" their devices in Intune. 裝置註冊後,即為受管理的裝置;因此,它可以接收您組織的原則、規則和設定。After a device is enrolled, it is a managed device; therefore, it can receive your organization's policies, rules, and settings. 例如,您可以安裝特定的應用程式、建立密碼原則、安裝 VPN 連線等等。For example, you can install specific apps, create a password policy, install a VPN connection, and more.

具有自己個人裝置的使用者可能不想要註冊其裝置,或由 Intune 和您組織的原則進行管理。Users with their own personal devices may not want to enroll their devices or be managed by Intune and your organization's policies. 不過,您仍然需要保護組織的資源和資料。But you still need to protect your organization's resources and data. 在此案例中,您可以使用行動應用程式管理來保護您的應用程式。In this scenario, you can protect your apps using mobile application management. 例如,您可以使用行動應用程式管理原則,此原則要求使用者在存取裝置上的 SharePoint 線上時輸入 PIN 碼。For example, you can use a mobile application management policy that requires a user to enter a PIN when accessing SharePoint Online on the device.

您也會決定要如何管理個人裝置和組織所擁有的裝置。You'll also determine how you're going to manage personal devices and organization-owned devices. 您可能想要視裝置的用途而異。You might want to treat devices differently, depending on their uses.

設定基本行動與安全性Basic Mobility and Security

這是 Microsoft 365 內建的,可協助您保護和管理使用者的行動裝置,例如 Iphone、Ipad、Androids 和 Windows phone。This is built into Microsoft 365 and helps you secure and manage your users' mobile devices like iPhones, iPads, Androids, and Windows phones. 您可以建立及管理裝置安全性原則、遠端抹除裝置資料,以及檢視詳細的裝置報告。You can create and manage device security policies, remotely wipe a device, and view detailed device reports.

選擇兩個選項Choose between the two options

為了協助您更進一步評估最適合您的裝置管理選項,請參閱 Choose Basic 行動性安全性與 IntuneTo help you better assess which device management option is best for you, see Choose between Basic Mobility Security and Intune.

根據您的評估,使用下列專案開始管理您的裝置:Based on your assessment, get started managing your devices with:

身分識別與裝置存取建議Identity and device access recommendations

Microsoft 會針對身分識別與裝置存取提供一組建議,以確保安全且具有生產力的員工。Microsoft provides a set of recommendations for identity and device access to ensure a secure and productive workforce. 如需裝置存取,請使用下列文章中的建議和設定:For device access, use the recommendations and settings in these articles:

Contoso 如何對 Microsoft 365 進行裝置管理How Contoso did device management for Microsoft 365

如需虛構但具有代表性的多國公司如何使用 Microsoft 365 雲端服務部署行動裝置管理基礎結構的資訊,請參閱 mobile device management For ContosoFor information about how a fictional but representative multi-national business deployed their mobile device management infrastructure with Microsoft 365 cloud services, see Mobile device management for Contoso.