Microsoft Intune Blog

Microsoft Intune news at Microsoft Ignite 2024

Talal_Alqinawi
Nov 19, 2024

At Microsoft Ignite 2024, Microsoft Intune is introducing updates that make endpoint management smarter, safer, and more efficient than ever. In an evolving tech landscape where security and productivity are crucial, Intune’s latest capabilities underscore our commitment to helping customers get to cloud native. Intune uses data as a foundation, applying AI-powered intelligence to make information actionable, strengthening security, and supporting efficient management. Together, these capabilities create a modern and agile digital environment ready for the future.

Our latest updates include:

  • Expansion of cross-platform device inventory in preview by early 2025.
  • New Microsoft Intune Advanced Analytics capabilities for querying multiple devices and taking remote actions on query results.
  • Microsoft Intune Advanced Analytics with KQL integration for real-time data retrieval, anomaly detection, and device performance insights.
  • Microsoft Security Copilot in Intune capabilities for Windows Autopatch and the Intune Suite: Intune Endpoint Privilege Management (EPM) and Advanced Analytics.
  • Additional Copilot capabilities to assess policy impacts and risk analysis with configuration guidance.
  • Launch of the first purpose-built device for Windows 365 Cloud PC managed through Intune.
  • App protection policy support for Microsoft Teams on Apple Vision Pro and additional related capabilities coming soon.
  • Enhanced macOS management with new certificate storage options.
  • EPM support for Windows ARM64 devices.

Device data and analytics: The foundation of informed decision-making

Taking advantage of cloud-native technologies and having visibility into device hardware inventory serves as the foundation of Intune data capabilities, starting with the current rollout for Windows. With Resource explorer (also known as device inventory), we provide access to critical device properties like battery health and Trusted Platform Module (TPM) version. At Ignite, we are announcing our plans to extend this functionality cross-platform for iOS, Android, and macOS devices early in 2025.

With Intune Advanced Analytics in the Microsoft Intune Suite and the ability to query real-time device data, we are introducing new functionality that empowers you to take remote actions on the results of device query investigations. The new device actions functionality will be generally available in November.

We’re also announcing that Advanced Analytics will expand the current capability of single-device query by enabling multiple-device query. This offers admins comprehensive monitoring and reporting across the device landscape.

AI-powered endpoint management

Since the public preview release of Copilot in Intune in April 2024, we’ve learned a lot, and we are prioritizing enhancements and expansion based on that learning and customers’ needs and pain points. Copilot in Intune has started to reshape endpoint security management with AI assistance for troubleshooting and policy management.

 

Copilot in Intune: Endpoint security with real-time threat detection and response, powered by AI.

Now Copilot can go further by expanding functionality with Security Copilot in Intune and integrating directly with Intune Advanced Analytics, EPM solutions in the Intune Suite, and Windows Autopatch. These updates give IT admins a unified, integrated way in Intune to quickly identify patterns in endpoint activity, surface potential threats in real-time, and provide suggested actions for immediate response and resolution.

Today, Copilot in Intune offers enhanced policy management functionality. This helps IT teams quickly learn about settings and recommended values, and check if similar settings exist in other policies—reducing manual investigation and conflict risk. Soon, we’ll introduce a more intuitive prompting experience, allowing IT teams to use natural language to ask about policy details, assignments, and recommendations, which will simplify policy management and maintain clarity across configurations.

Organizations that have adopted the Intune Suite will also gain broader AI capabilities across multiple solutions. We are taking a step forward by introducing AI assistance with Copilot in Intune Advanced Analytics for multiple-device query to ease scripting and reduce potential errors. And administrators using EPM can rely on Copilot to understand the details and potential risks of applications before approving elevation requests, ensuring secure and seamless workflow continuity.

At Ignite, we’ll introduce Copilot for Windows Autopatch scenarios in Intune. These will feature AI-driven guidance through every update management stage—from planning and deployment tracking to issue identification and remediation. This generative AI experience provides actionable insights that enable teams to keep systems secure and up to date with minimal disruption.

Additional security controls for all device types

The latest security updates to Intune deliver proactive defenses against evolving threats, empowering IT teams with precision tools to help protect and streamline endpoint management.

 

Windows 365 Link allows users to work securely on a familiar Windows desktop.
  • Windows 365 Link: Today, Microsoft announced Windows 365 Link, the first Cloud PC device purpose-built by Microsoft to connect securely to Windows 365. It enables end users to work securely in a familiar Windows desktop with responsive, high-fidelity experiences. This new device is simple, secure, and managed in Intune alongside your other devices with familiar actions such as Restart or Remote Wipe and minimal applicable configuration policies given its small Windows-based OS footprint.
  • Specialty devices: Adding to the range of specialty device support in the Intune Suite, Microsoft announced the ability to apply app protection policies to Apple’s new AR/VR device, Apple Vision Pro running Apple visionOS. With this enhancement, you will be able to configure app protection policies and Conditional Access with Microsoft Authenticator for Microsoft Teams. In 2025, this support will be extended to additional Microsoft 365 apps, as well as third-party apps via the extensibility of the Intune SDK. Intune also plans to release full mobile device management (MDM) support for visionOS and tvOS devices.
  • EPM support for ARM64: In May 2024, Surface announced two new Copilot+ PCs: Surface Laptop, 7th Edition and Surface Pro, 11th Edition, built with the new Snapdragon® X Elite and Plus ARM64-based processors for powerful performance and efficiency. Now, Intune EPM will support elevation requests from users of ARM64-based Windows devices in the same way it supports non-ARM64-based Windows devices. In case you missed it, learn about additional EPM and Enterprise Application Management enhancements for the Microsoft Intune Suite releasing now through the end of this calendar year.
  • macOS: We will release the ability to store macOS certificates in the user keychain. Previously, certificates were automatically stored in the device keychain, regardless of user or device type.
  • Microsoft Edge for Business: Edge for Business now brings enhanced security and productivity features, including encrypted shared passwords and AI controls, to your enterprise browser experience. With Intune, you can seamlessly manage all Edge-related functionalities, ensuring your organizational data stays protected.

As Intune continues to evolve, our commitment to cloud-native, AI-driven, and security-centric solutions remains the focus. We are excited for you to explore these new capabilities at Ignite and look forward to empowering your organization with solutions that make endpoint management simpler, smarter, and more secure.

Please join our Ignite sessions (virtually or in person) and continue to engage with us online at LinkedIn: aka.ms/IntuneLinked and X: x.com/MSIntune 

Updated Nov 20, 2024
Version 5.0
  • MarcelMNV
    Copper Contributor

    I’m thrilled to see that you’re actively supporting Vision Pro! Recently, Microsoft Authenticator became available, which is fantastic. However, it would be incredibly helpful to have an option to differentiate between iOS and visionOS devices when configuring MAM policies. For instance, I need to set different minimum OS versions for iOS and visionOS, as their versioning schemes differ.

     

    Additionally, it would be great to customize other policies based on device type. For example, on iOS devices, I can configure the inactive timeout policy to prompt for a password or Face ID after one minute when the app is minimized. On Vision Pro, however, apps like Microsoft Teams lose focus much more frequently, and I’d prefer to set a significantly higher timeout value specifically for this device class. This kind of flexibility would greatly improve both user experience and device management.

     

    Currently, the only way to support Vision Pro (AVP) is to lower the security requirements for all devices by removing the minimum OS version setting and increasing the timeout to high values. However, in our company—as in most others—the user base for AVP is not yet significant enough to justify this compromise. As a result, we’re left with no choice but to exclude Vision Pro devices entirely.