You’ve asked how to manage mobile and bring-your-own-device (BYOD) scenarios. With mobile device management (MDM), of course! Device management is an important part of a larger security strategy, so we’ve collected resources to help you get started or improve with MDM. Learn about deployment and management of Windows and various mobile platforms, endpoint and app management, update management, and how to handle management and deployment as securely as possible.
Time to learn: 136 minutes
READMobile device management for Windows overview Start managing company security policies and business applications while maintaining user privacy on personal devices. Check the MDM security baseline for your Windows versions as well as Windows editions and licensing requirements for Windows built-in management. Windows + Server + Policies + Security + Enrollment + Management + Protocol + Entra + FAQ |
READWhat does device management mean? Microsoft Intune is designed for management of mobile devices and applications. Learn about its features, benefits, and capabilities to manage various platforms including Windows. Choose the management solution that’s right for you, in the cloud or on premises. Intune + MDM + MAM + Apps + Windows + Android + iOS + iPadOS + Linux + macOS + ConfigMgr + Co-management |
|
READDeployment guide: Manage devices running Windows Here’s how to use Microsoft Intune to protect and manage Windows apps and endpoints. First, check your prerequisites and plan for deployment. Then, create compliance policies, configure endpoint security and device settings, and set up authentication methods. Finally, deploy apps, enroll devices, and run remote actions. Don’t forget to check out the next steps and help for employees and students. Intune + Admin Roles + Compliance + Policies + Access + Security + Apps + Authentication + Entra ID + Defender |
WATCHProvide access to on-premises resources for mobile devices using Microsoft Tunnel Do users at your organization need access to resources that are located on premises? Learn about Microsoft Tunnel, which provides a secure, simple, and zero-trust-based solution for your mobile devices. Watch the explanation of its architecture, installation, configuration, and deployment for iOS and Android. Access + Tunnel + Cloud + On-premises + iOS + Android + Security |
Enroll mobile devices in Microsoft IntuneEnrollment guide: Enroll Android devices in Microsoft Intune (17 mins) Learn about the multiple options for enrolling Android devices in Microsoft Intune. These include BYOD devices with a work profile, Android Enterprise corporate owned dedicated devices and corporate owned fully managed devices, Android Enterprise corporate owned work profile, Android Open Source Project, and Android device administrator. Read an overview of the administrator and user tasks for each option and download visual guides. Enrollment guide: Enroll iOS/iPadOS devices in Microsoft Intune (30 mins) Choose the best way to enroll iOS and iPadOS devices in Microsoft Intune. Learn the difference among automated device enrollment (ADE) (supervised), Apple Configurator enrollment, and user and device enrollment. Find a list of administrator and user tasks for each option in this official documentation. Intune + Android + iOS + iPadOS + BYOD + Enterprise + AOSP + ADE + Company Portal |
Manage apps with Microsoft IntuneMicrosoft Intune app management (1 min) Easily manage apps on company-managed devices, whether they are organization-owned or personal. This functionality is called mobile application management (MAM). Watch this brief introduction to the topic before diving deeper! What is Microsoft Intune app management? (9 min) Start with the basics of MAM here. With Microsoft Intune, you can publish, push, configure, secure, monitor, and update mobile apps across your organization. Whether or not you choose to couple it with device management, you’ll find a range of capabilities by platform, a get-started guide, and additional functionalities to consider. Data protection for Windows MAM (6 min) Protect corporate data on personal devices used for work. Learn about Conditional Access compliance and threat defense health. Then create important Intune app protection policies (APP) with this guidance. Note: Windows MAM is supported in government cloud environments. MAM + MDM + LOB + Apps + M365 + iOS + Android + Policies + Compliance + Admin Center + ACP + APP + GCC High + DoD + Security + Conditional Access + MTD + Data Protection + Health Checks |
BOOKMARKMicrosoft Intune prescriptive guidance library Save this library of interactive tutorials to learn how to use Intune as your MDM solution. Learn how to configure Conditional Access, deploy and manage line-of-business (LOB) applications, set up Windows Autopilot for new device delivery, update Windows from the cloud, and enable Universal Print. Intune + MDM + Security + Apps + Autopilot + Updates + Universal Print |
WATCHBalancing security and flexibility when implementing Windows Defender Application Control (WDAC) Consider WDAC as part of your MDM strategy. It’s a more comprehensive solution than AppLocker. Check out the video and chat comments for tips on how you can convert AppLocker policies to WDAC policies and get started with WDAC today. WDAC + Intune + Defender + MDE + App + Security + Allowlisting + Policies + Managed Installer |
READDeploy WDAC policies using mobile device management (MDM) If you use Microsoft Intune, configure WDAC with built-in policies. To customize the available configuration, you can configure a profile using custom Open Mobile Alliance-Uniform Resource Identifier (OMA-URI) settings. Follow our step-by-step guide to deploy or remove WDAC policies. WDAC + Intune + OMA-URI + CSP + Policies + AppLocker |
Go deeper on the following MDM-related topics:
- Skilling snack: Go cloud first with Windows device management
- Skilling snack: Windows Autopilot 101
- Skilling snack: Windows Autopatch
- Skilling snack: Best practices for shared and frontline Windows devices
- Skilling snack: Windows application security
Thanks for putting in your order for this skilling snack on mobile device management! Leave us a comment below or in our skilling snack library with additional topics you’d like to savor. Remember that we add fresh items to the menu every other week. Tell a friend.
Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us @MSWindowsITPro on X and on LinkedIn. Looking for support? Visit Windows on Microsoft Q&A.