What is Microsoft Endpoint Manager?
A cloud-based solution for managing mobile devices and applications on both business and personal devices.
Formerly MS Intune, MS Endpoint Manager allows you to control how devices, including mobile phones, tablets, and laptops, are used within your business. It also allows the use of personal devices for work, keeping business and personal data completely separate, allowing a greater level of control over your organisation’s data.
MS Endpoint Manager and your Bring Your Own Device (BYOD) policy
Since the start of the pandemic, lots of businesses and organisations have had to cobble together a way of working flexibly, even if this wasn’t something they were doing previously. With so many people working from home, and IT hardware becoming scarce, the solution was for workers to use their own devices in order to be able to work from home effectively.
In practice, this means that there are a lot of people using their own devices to access sensitive business data, and a lot of businesses who have no idea what data is being accessed and when, or how secure the member of staff’s device is.
Microsoft Endpoint Manager allows businesses to combat this by:
- Providing a list of devices accessing company resources
- Ensuring devices meet your minimum security requirements
- Allow users to easily access your WIFI network, or use a VPN to connect
- See reports of compliant and non-compliant devices and users
- Remove company data remotely if a device is lost, stolen, or surplus to requirements
What does using Endpoint Manager look like?
An imaginary case study
An imaginary recruitment firm have discovered that working remotely is much better for all of them and they want to continue working like this, even when the pandemic is over. The only thing stopping them is the expense involved in purchasing phones and laptops for their staff – a considerable outlay. Their team are happy to continue using their own devices, but they are working with sensitive data, including the names, contact details, and CVs of job applicants so they need a way of ensuring a consistently high level of security across every device.
How Endpoint Manager could fix it
By implementing Microsoft Endpoint Manager, company devices and personal devices could be easily subject to the same security standards. Passwords can be made a requirement for sensitive data, updates can be rolled out to everyone quickly, and if anyone loses their device on their travels – the data can be wiped, before it can be accessed by an unauthorised third party.
Our imaginary recruiters who use their own devices wouldn’t have their personal data affected by this, as Endpoint Manager can separate personal and business data, with only the business data being managed centrally.
By integrating Endpoint Manager with Azure AD, our recruitment firm can also set a set of criteria for devices which are able to access certain criteria, to minimise security flaws with devices themselves.
The whole team are now able to work from home while the bosses have peace of mind that they still have control over company data, and can be easily made aware of any security issues flagged up by the use of certain devices.
Does this sound like something you need?
What are the benefits of using Endpoint Manager?
|A list of the good stuff:|
|Easy to keep tabs on who can access data|
|Allows staff to use their own devices|
|Protect yourself against device theft|
|Easily control updates so all users are running up-to-date software|
|Define your IT security standards, and enforce them across devices|
What are the key features?
Remote data wiping
If a device is lost or stolen, whether it’s a personal device or a company device, Endpoint Manager allows you to wipe the device remotely. This means your sensitive company data won’t be seen by anyone it shouldn’t be.
You have the functionality to set this at an app level, so that team members have to sign in to apps that include company data, using security settings stipulated by you. As well as passwords, this also includes multi factor authentication, or MFA.
The creation of a device inventory
At a quick glance, it allows you to see all of the devices accessing your company network. This is really useful for ensuring that there are no ‘rogue’ devices, as you can also see which users and devices are accessing information following correct protocols.
You can check the encryption status of devices you manage, as well as whether they have the right specification to be encrypted via central management. You can also use set rules, so only devices which are encrypted can access certain apps, for example.
FREE GUIDE: 15 Questions to Ask Your New IT Support Company
Working with us
We’re in the business of helping businesses. We provide IT solutions and support to facilitate and encourage growth.
Customers who join us based on a recommendation.
The issues which get fixed on the same day they get logged.
Calls answered in under 10 seconds.
The amount of critical IT problems we have resolved.