Each year at Microsoft Ignite we present a vision for the future. For IT teams, this year’s vision is especially bright, with exciting announcements about security and productivity. Through the lens of endpoint management, we’ll look at what the future holds for end users, organizations, and IT professionals. Then we’ll examine how to get there with Microsoft Intune, and finally, which parts of that future are already available now.
Visions of the future for end users, organizations, and IT professionals
Microsoft Copilot is integral to our vision of the future, but we also envision new ways to experience assistive and generative AI, as well as computing generally through Windows 365. To the end user, this future is about expanded access. This includes access to resources with nearly any device, and access to expertise—not solely information or knowledge on that device. And it is about access to meaningful assistance that relieves the burden of repetition and instead helps connect and express ideas.
For organizations, access must come with accountability. Security and compliance must accompany expanded access to help protect resources. Copilot has guardrails and transparency vital to organizations, and Microsoft Security Copilot extends specific capabilities to help security and IT teams protect data and devices. Windows 365 enables secured sessions from devices that may lack the most up-to-date security features, and it offers IT admins more paths to scale and right-size computing resources.
As IT teams look to this future, they anticipate more complexity. That’s why we want to point out the bright spot of what’s ahead. With Microsoft Intune, we’ve been preparing for the future of endpoint management, and are prepared to help IT professionals meet complex needs with simple, unified controls—and help from Copilot, of course.
How to get there
“There” in this case is the convergence of the visions above. The first step on the path is shifting to cloud-native management. We define that simply: devices are Microsoft Entra ID-joined and Intune enrolled.
Moving from on-premises investments
This transition doesn’t have to come all at once. For companies with large on-premises investments in Windows management, the transition can be made in stages. Start by moving all your workloads to the cloud. Existing devices can be comanaged and Microsoft Entra hybrid joined until a refresh cycle, when new devices can be provisioned with Windows Autopilot, thereby skipping the time-consuming and expensive imaging process.
A single pane of glass
Add macOS devices, iPads, iPhones, Android tablets, and phones to Intune and realize the first promise of the future. This is a simpler experience for IT, where a single pane of glass—the Intune admin center—provides visibility and capability across platforms. Intune can manage access to resources from unenrolled devices with app protection policies, enabling productivity while helping to maintain data security.
Conditional Access
One of the most powerful features of cloud-based management with Intune is the ability to limit access to resources based on device health. Many IT pros are familiar with Conditional Access in the context of mobile devices, but applying Conditional Access policies to Windows or macOS endpoints is key to achieving Zero Trust security.
A Conditional Access scenario
Imagine that a vulnerability has been discovered in an older version of Windows. With cloud-native management, IT teams can identify in just a few clicks whether any of their devices are running that version of Windows and target them for updates.
They can then define a policy preventing those devices from accessing corporate resources until the OS has been updated.
And with Windows Autopatch, IT teams can configure updates to go out to targeted devices using progressive deployment rings, which will help identify any potential issues early and allow IT to investigate before the impact is widespread.
Conditional Access policies also contribute to overall compliance. Users who don’t meet Conditional Access policy requirements are prompted to resolve issues themselves.
This can help bring security update rates up in organizations where users regularly defer updates and restarts. In turn, that helps organizations stay more secure.
Productivity and total cost of ownership
"Since moving to a cloud-based environment with Intune, we’ve seen a notable drop in support tickets, especially for password issues."
-- Laetitia Berard, Digital Workplace Director, Engie
With cloud-native management, the combination of self-serve functionality and cloud-enabled technology can have a big impact on productivity and the cost of doing business. Touchless deployment of devices to employees via Autopilot has saved countless hours of IT time. As just one example, update management with Autopatch helped cut update deployment time from 90 minutes to 25 at Westpac, one of the largest banks in Australia.
New features, new value
With monthly updates to the service, Intune continues to add functionality aimed at helping IT teams and their end users be more productive. Our Ignite-specific news is all collected in this post. Microsoft Security Copilot in Intune is going to be a big help to IT professionals—read the latest in this post.
In terms of end user productivity, the macOS sign-in process now allows passkeys to be used during the enrollment process, bringing a more secure and seamless experience to authenticating on Apple computers and supported apps.
As outlined above, end user compliance with update policy can sometimes be a struggle. That’s why the new hotpatching capabilities for Windows 11 Enterprise with Autopatch are sure to garner attention. Monthly security updates can now be applied to devices running Windows 11 without requiring a restart. Read more about this exciting update here.
Future endpoints and next-generation technology
Much of the future described above is already available or is arriving imminently. And Intune is ready for all of it. One future for endpoints is about adding neural processors to quickly onboard AI. Adding Copilot+ PCs with Arm processors to your fleet will be seamless. Another future for endpoints is about adding virtual devices to scale up and right-size with ease. Intune empowers you to create Windows 365 Cloud PCs and manage them alongside the rest of your Windows devices.
“Our Windows 365 solution connects with Intune, and it inherits all our prework for Windows 11. We added only one additional policy—it was that simple. That is a huge contrast … the alternatives.”
-- Gareth Johnson, Infrastructure & Cloud Architect, Close Brothers
Get ready for what’s next
There’s more incredible technology being announced at Ignite. And all that can be said about it here and now is Intune will manage what’s next, too. Read the news to find out exactly what we mean—and check out this Ignite session.
Read more about Intune-related news at Ignite.
Intune resources
Don’t miss these posts, documentation, and additional resources, which are designed to help you plan and execute your cloud-native journey:
- 3 benefits of going cloud native
- Best practices in moving to cloud native endpoint management
- How to achieve cloud-native endpoint management with Microsoft Intune
- Step-by-step guides to getting started with Intune
- Calculate your ROI with the Intune value calculator
- Microsoft Intune documentation hub
- Intune Customer Success Blog
- Microsoft Intune | Microsoft Community Hub
- Skilling snack: Go cloud first with Windows device management
We look forward to sharing more at Microsoft Ignite 2024. Please join our sessions (virtually or in person) and continue to engage with us online at LinkedIn: aka.ms/IntuneLinked and X: x.com/MSIntune