One of the important security management responsibilities of Microsoft Intune is the ability to issue certificates to devices using the Simple Certificate Enrollment Protocol (SCEP). SCEP is an industry standard protocol implemented by most certification authorities to simplify large scale certificate issuance. We are pleased to announce Intune support for SCEP request validation using third-party certification authorities.Entrust Datacardis the first Microsoft partner solution to support this interoperability.
Digital certificates have become increasingly popular to identify a user or device before granting access to corporate resources such as Wi-Fi and VPN access, web applications, and cloud storage. They are also used to encrypt and sign email, so recipients know they can trust the sender and only the intended recipients can read the message. Certificate-based authentication prevents untrusted devices (devices without certificates issued from a trusted source) from accessing the network, which is important with widespread use of bring-your-own-device (BYOD) and corporate-owned mobile devices in the modern workplace. Some of these devices may belong to external partners (contractors, vendors, temporary workers) who have legitimate requirement to access the corporate network but appear as “unknown devices” to the organization. To protect against ever-increasing and ever more sophisticated attacks, IT must ensure not only the right user has access to the right data—but that they’re also using the right device.