First published on CloudBlogs on Dec 03, 2015
Every organization is wrestling with the same cost vs. benefit scenario: The benefit of a mobile workforce is that workers can access the apps and data they need wherever they go. The downside is that workers are accessing apps and data wherever they go. These countless entry points to an infrastructure are a huge security challenge, and maintaining control over cloud-based apps and data is essential. I believe Microsoft has the only answer for these needs. Two weeks ago , Satya spoke in depth about Microsoft’s broad security posture . His discussion showed a comprehensive approach to cyber-security that actively addresses the reality of the struggle between mobility and security. Central to this security strategy is the Enterprise Mobility Suite’s multi-layered approach to protecting corporate resources . Right now, over 80% of employees are using unapproved SaaS apps to go around IT and do their jobs more effectively. That’s scary. Even scarier: 75% of intrusions can be tracked back to weak or compromised user credentials. The employees at fault for these problems aren’t bad people, and they aren’t intentionally trying to put their company at risk. They’re simply trying to do their jobs, and the company-approved tools don’t come close to meeting their needs. One of the things I love the most about Microsoft’s security strategy is our commitment to delivering it with the best possible end-user experience. When workers have best-in-class apps with native, seamless protections baked right in, they can be helped and guided on how to use and protect that data. We’ve built our security strategy to be integrated and functional end-to-end – this means employees are happy and productive using the apps and devices they love, and IT has one less thing to worry about . When it comes to productivity apps, nothing beats Microsoft Office. The deep integration between Office 365, the Office mobile apps, and the Enterprise Mobility Suite represents the gold standard of seamless protection for corporate resources – both in the cloud and on mobile devices. The rapid growth of EMS has been a major headline in recent months, and I credit a big part of this to our emphasis on building an incredible ecosystem of SaaS and mobile apps with native support for Azure Active Directory, Microsoft Intune Mobile Application Management (MAM), and Azure Rights Management Services. In my post two weeks ago highlighting our big EMS announcement , I noted that other major software providers are now delivering iOS and Android apps with native support for Intune MAM. Below I’ll examine what to expect from these apps, as well as our approach to developing them.
Every organization is wrestling with the same cost vs. benefit scenario: The benefit of a mobile workforce is that workers can access the apps and data they need wherever they go. The downside is that workers are accessing apps and data wherever they go. These countless entry points to an infrastructure are a huge security challenge, and maintaining control over cloud-based apps and data is essential. I believe Microsoft has the only answer for these needs. Two weeks ago , Satya spoke in depth about Microsoft’s broad security posture . His discussion showed a comprehensive approach to cyber-security that actively addresses the reality of the struggle between mobility and security. Central to this security strategy is the Enterprise Mobility Suite’s multi-layered approach to protecting corporate resources . Right now, over 80% of employees are using unapproved SaaS apps to go around IT and do their jobs more effectively. That’s scary. Even scarier: 75% of intrusions can be tracked back to weak or compromised user credentials. The employees at fault for these problems aren’t bad people, and they aren’t intentionally trying to put their company at risk. They’re simply trying to do their jobs, and the company-approved tools don’t come close to meeting their needs. One of the things I love the most about Microsoft’s security strategy is our commitment to delivering it with the best possible end-user experience. When workers have best-in-class apps with native, seamless protections baked right in, they can be helped and guided on how to use and protect that data. We’ve built our security strategy to be integrated and functional end-to-end – this means employees are happy and productive using the apps and devices they love, and IT has one less thing to worry about . When it comes to productivity apps, nothing beats Microsoft Office. The deep integration between Office 365, the Office mobile apps, and the Enterprise Mobility Suite represents the gold standard of seamless protection for corporate resources – both in the cloud and on mobile devices. The rapid growth of EMS has been a major headline in recent months, and I credit a big part of this to our emphasis on building an incredible ecosystem of SaaS and mobile apps with native support for Azure Active Directory, Microsoft Intune Mobile Application Management (MAM), and Azure Rights Management Services. In my post two weeks ago highlighting our big EMS announcement , I noted that other major software providers are now delivering iOS and Android apps with native support for Intune MAM. Below I’ll examine what to expect from these apps, as well as our approach to developing them.
Identity and Mobile Application Management
I’ve written many times before about the importance of using identity as the control plane in a mobile-first, cloud-first world. Everything should be based on the identity of the user: Access to cloud services, on-premises resources, mobile apps, etc. By leading with identity, IT can assign permissions and policies to user accounts, devices and apps can be associated to those accounts, and IT can use identity to see where and how company data is being used. With EMS, we offer a clean separation between corporate and personal resources – and, wow , does this world need it! People are constantly multi-tasking from their mobile devices (you’re probably doing it while you read this), and, industry-wide , consider these two stats: 61% of workers mix personal work tasks on a device, and 58% of senior managers have accidentally sent sensitive information to the wrong person. With EMS’s powerful security integrated directly into O365 and the Office mobile apps, keeping your organization secure is incredibly simple. This is the process: Employees enter their corporate credentials on a device and the right protections just happen . If an employee logs in with her personal account, no corporate policies are applied and no corporate apps/data are available. EMS helps protect employees (and their employers and customers!) from the common, innocent little mistakes that lead to catastrophic corporate breaches and data loss.The big news in this post is that we have extended this capability to allow other software providers to provide these protections as well.
By integrating the Intune App SDK, native mobile apps can now be managed from EMS/Intune just like the Office mobile apps, as well as share data in a protected way with Office and other apps that have the same integration. Included below are details about apps that have been developed by four key partners.Adobe
When my team was evaluating who would be among the first companies we wanted to partner with on Intune MAM, Adobe was an easy choice. The reason was simple: Our customers demanded it! Everyone uses PDFs, and companies need to know that the data in those docs is protected. A crucial part of Adobe’s mission to modernize how people and organizations get work done with documents is making sure that these docs can be accessed quickly, easily, and securely from anywhere. Adobe Acrobat Reader now provides the native protections available with Intune. You can learn more via Adobe’s announcement , or you can download Adobe Acrobat Reader for Microsoft Intune from Google Play . The iOS version is coming soon.Box
Microsoft and Box have had a strong corporate alliance for a long time, and we share common goals around empowering collaboration from any device. Box was a top request from Intune MAM customers because of how frequently they use Box along with the Office mobile apps, so we were thrilled to find that Box saw the same value in integration with our SDK. Box for EMM keeps your employees connected and collaborative while letting you centrally manage security, policy, and provisioning on any mobile device. Box for EMM with Intune is the only way that customers can fully manage and protect Office files stored by Box on mobile devices. For more information, Box has blogged about our work with them , and they’ve also produced a deployment guide for IT administrators . Box for EMM with Intune is available now on iOS .Mobile Application Development Platforms
In addition to supporting the very best mobile app providers, we also support our customers’ need to customize and build their own mobile apps to empower their workforce. This is why we teamed up with Visual Studio to develop a way to support mobile application development platforms (MADP). You may recall that this was previewed at the Microsoft Connect(); //2015 event . We are building rich integrations with the Visual Studio and SAP development environments, as well as support for technologies like Cordova and Xamarin . We are making it easy for any app to provide the native protections available with Intune’s App SDK.SAP
One of our most strategic investments is with SAP . Many of our customers told us that SAP is an important part of their mobility solution, so we reached out to them about working together. We found out that they had heard the same thing about us! As a result, our two companies quickly identified many ways we could collaborate to better support our customers. SAP has a unique approach to providing a personalized, responsive and simple experience for SAP software with the SAP Fiori user experience. There are now 700+ Fiori apps, plus many more custom apps Last week, SAP announced the upcoming ability for customers to create custom mobile versions of SAP Fiori apps with Intune MAM built in. Using the SAP Fiori mobile service, Intune and SAP customers will be able to easily integrate the Intune App SDK Cordova plugin. Our collaboration joins the advanced data protection capabilities of Intune with the award winning SAP Fiori UX – all delivered under SAP’s mobile cloud service in a way that is easy for both IT Pros and developers. Senthil Krishnapillai , VP and head of Mobile Secure Development & Products at SAP, believes that allowing customers to build rich mobile apps using SAP’s mobile offerings coupled with Microsoft technologies is the best way to leverage their customer’s current investments while offering a great mobile user experience. You can find more information on the partnership via SAP’s blog . Also: Right now we are working with SAP on some really great scenarios, and SAP plans to introduce features that streamline development of SAP-powered mobile apps in Visual Studio. You can watch this channel 9 video (and read this blog from the Virtual Studio team) to learn more.Xamarin
A big challenge customers face when delivering mobile apps to their employees is the always-looming need to support apps for all of the major mobile device platforms. This challenge led us to reach out to Xamarin about working together. The benefit to our users was obvious: With Xamarin, developers can build native apps quickly with one shared C# codebase for iOS, Android, and Windows platforms – and they can then automatically test apps on Xamarin Test Cloud’s 2000+ devices. Xamarin also lets developers address issues immediately with Xamarin Insights ’ real-time app monitoring. Right now, after working closely with the Xamarin team, we are offering a preview of a Xamarin component which allows app developers to quickly and easily add native Intune MAM support to any Xamarin app. You can find out more in Xamarin’s press release . You can also check out this Channel 9 video showcasing the Xamarin component for Intune App SDK . If you are interested in joining the preview program for Cordova or Xamarin, contact us today . We’ll contact you via e-mail (you can refer to our privacy statement for reference) and get you set up.Additional Partners
Our customers use a variety of technologies to view and share their data, so we can’t limit our Intune ecosystem to just a few great companies. Our strategy is to create a vibrant ecosystem of the industry leaders in each category. With that strategy in mind, in addition to the partners described above, I’m excited to announce that Acronis, Citrix, and Foxit are also delivering native support for Intune MAM – with more partners on the way!- Acronis delivers cloud and on-prem solutions for backup and disaster recovery, as well as secure file access and sharing. Acronis Access Advanced is a popular enterprise file access, sync, and share solution. Their new integration with Intune enables IT administrators even more control over corporate data and sharing with the Office mobile apps. You can find out more in Acronis’s press release .
- Citrix is one of our industry’s top providers of mobile workspace solutions, and Citrix ShareFile is a popular secure file sharing and storage system. You can find more information about Intune integration and protections for Citrix ShareFile in Citrix’s blog announcement .
- Foxit is a provider of fast, affordable, and secure PDF solutions. Foxit MobilePDF Business has all the great capabilities of their consumer PDF viewer with additional protections and capabilities for corporate users – including native Microsoft Rights Management support and now Intune MAM integration. You can find more information in Foxit’s press release.
Published Sep 08, 2018
Version 1.0Brad Anderson
Iron Contributor
Joined September 06, 2018
Security, Compliance, and Identity Blog
Follow this blog board to get notified when there's new activity