What’s new in Microsoft Endpoint Manager – 2110 (October) edition

New updates to the experience for Android and iOS users this month show our continued investment in your organization’s productivity across all device types. See the complete list in the What’s New in Endpoint Manager for 2110 (October) release for details. As usual, I appreciate your feedback. Comment on this post, connect with me on LinkedIn, or tag @RamyaChitrakar on Twitter.

Android Open Source Project (AOSP) device management helps frontline workers collaborate while providing company data security through Endpoint Manager

Earlier this week we announced that Endpoint Manager will now manage and protect devices that run AOSP without Google Mobile Services (GMS). RealWear will be the first device run on the AOSP platform and are used largely to provide frontline workers with a way to collaborate using Teams in a safe, hands-free manner. The management capabilities that are releasing in public preview include the ability to provision devices as user-associated devices or shared devices and the ability to deploy device configuration and compliance policies. AOSP is a new enrollment type so IT admins can target specific enrollment profiles with policies specific to the data protection and user scenario needs that specialty devices may have without impacting Android Device Administrator and Android Enterprise managed devices. For more on AOSP management, see:

• Microsoft adds Android Open Source Project device management
• 3 ways to support frontline workers in a hybrid world

Public preview of Shared iPadOS settings to support temporary sessions

Do you use shared iPads in your work environment? I often see them in medical offices, manufacturing plants, and schools. While this model helps reduce costs, it also increases the need to enhance an organization’s security posture to avoid new risks that have been introduced.

For those of you who are using or deploying shared iPads, we’re introducing settings for iPadOS that support temporary sessions on shared iPads. These new settings have targeted policies and apps, and the settings can then be erased upon sign-out. Each time a user signs into a temporary session, it will be like signing into a new device, and a managed Apple ID is not required.

Configuring these settings gives you greater security for shared iPads. For iPadOS 13.0 and higher, in Shared iPad mode you can set the maximum seconds of screen lock before a password is required. For iPadOS 14.5 and later, in Shared iPad mode you’ll also be able to configure a guest welcome pane and set the maximum seconds of inactivity until the user is logged out.

Here is where you configure the settings in the Endpoint Manager admin center:

And here’s what the user sees when they are ready to sign on to the shared iPad:

Learn more about Endpoint Manager updates for new Apple systems.

Let us know what you think

Next month is Microsoft Ignite and you know what that brings – lots of new videos, customer stories, and more! I’ll do a special "What’s new for Microsoft Ignite" to reflect on all we’ve shared. As always, share your feedback so we can continue to invest in improving the user experience and simplifying IT administration in ways that align with your biggest needs. Please share comments, questions, and feedback by commenting on this post, connecting with me on LinkedIn, or tagging @RamyaChitrakar on Twitter.