Blog Post

Microsoft Intune Blog
6 MIN READ

Microsoft introduces a preview of Copilot in Intune

Stefan_Kinnestrand's avatar
Mar 13, 2024

Microsoft Intune is at the cusp of transforming endpoint management and security with Microsoft Copilot, introducing new ways for organizations to help protect and drive productivity for your workers and simplify IT and security operations. April 1, 2024 will mark the beginning of a new era of endpoint management with the public preview of Copilot in Intune.

Organizations are going through a paradigm shift fueled by AI. What everyone wants to know is: will generative AI really transform work, and how? Early feedback about Copilot for Microsoft 365 indicates 70% of users said they were more productive. Plus, organizations of every size across every industry around the globe feel the urgency and pressure of protecting and defending against increasingly sophisticated attacks. As mentioned by Vasu Jakkal in today’s announcement about the general availability of Microsoft Copilot for Security, professionals are faster and more accurate when using Copilot. The most recent Copilot for Security economic study shows amazing outcomes: experienced professionals are 22% faster with Copilot and across all users surveyed, over 90% want to use Copilot the next time they do the same task.

For Stefan Lenz, Head of IT Supply at Audi AG, a cloud native approach to endpoint management enabled his organization to manage all endpoints from one place, which helps prepare for Copilot adoption. He shared,

”What Intune gives us is this single pane of glass where you can look into and manage all the devices. This provides a lot of benefit for IT because it saves us effort with manual processes and we can move forward and put our resources to other activities. It also enables the transition to a world where we can use artificial intelligence with Microsoft Copilot, with GitHub Copilot, and much more, for user productivity.”

Copilot in Intune

Copilot in Intune provides AI powered insights that are tailored for organizational needs, such as quickly resolving end user issues and ensuring policies and settings are configured to optimize business outcomes safely.

At the best of times, IT admins and security professionals can spend significant effort managing policies and troubleshooting device and app related issues. This can require extensive research across multiple systems and sorting through an extraordinary amount of data. With Copilot in Intune, they can now expedite troubleshooting and simplify policy management with the ease of natural language prompts and guidance.

Screenshot of Copilot in Intune with the options for policy management and troubleshooting.

Let's look at the scenarios that Copilot in Intune will support:

Full device context for efficient troubleshooting

Today, admins and analysts need full visibility of their endpoint estate, including device status, app, and device issues. Attaining the level of depth and insight needed for troubleshooting can be time consuming, challenging, and laborious. Instead of navigating through multiple reports and compiling data from various sources, Copilot can retrieve the required information in Intune, help analyze the data, and provide troubleshooting guidance across the full estate of devices including Windows 365 Cloud PCs. Copilot can be used to find necessary information about Intune-managed devices, quickly analyze error codes associated with apps, policies, updates, scripts, or enrollments, and then compare settings between devices to identify potential misconfigurations. The value for IT and security operations teams, as well as end users, is a boost in productivity fueled by simplification and speed.

Screenshot of Copilot in Intune aiding with device troubleshooting.

AI-assisted policy summaries simplify the complex

When admins need to review endpoint management and security policies in Intune, be that for compliance or governance, Copilot can provide a summary of policy settings and security impact. This allows administrators and analysts to quickly grasp the purpose and scope of any existing policy without the need to manually go through each setting and its assignments. This is especially useful for policies that are not often edited or reviewed and when teams are collaborating on policy management with other IT and security teams.

 

 

Policy assessment with Copilot in Intune not only saves time, but also simplifies the process for understanding complex details, making it easier for both new and experienced administrators to manage and govern their endpoint management environment effectively.

Screenshot of Copilot in Intune providing information of the Intune setting for All Removeable Storage classes: Deny all access.

AI guidance based on best practices

Copilot is a powerful tool for creating any policy in the Intune settings catalog. As new settings are added, Copilot can provide guidance to the administrator on what each setting does, how it works, and whether there are any recommended values for it based on Microsoft best practices. With this capability, time is saved by eliminating the need to navigate through documentation or to search for other resources. Copilot provides immediate guidance in the workflow and context of where policies are formulated in Intune.

Copilot for Security provides comprehensive protection and productivity with Intune

Intune is an essential part of the April 1, 2024 general availability of Copilot for Security. Together, Copilot provides a way to swiftly respond to threats, incidents, and vulnerabilities with complete device context in concert with Microsoft Security solutions. This comprehensive approach reduces the complexity of interacting with multiple systems and admin centers to bring together a centralized, generative AI experience and vast information quickly. IT and security teams can all use Copilot for Security to fetch device and user properties and security data when investigating a suspicious or compromised device.

Screenshot of two listed devices that the user Martin has enrolled in Microsoft Intune, along with details and a link to verify the information through Troubleshooting and support page.

Expanding details shows this:

Screenshot of the expanded details list of Last Check-in Date, Compliance Status, and Additional Details.

Microsoft is also driving cross-product integration. Admins can view useful endpoint data from Intune in the Microsoft Defender device security summary—right in the context that SOC analysts use daily.

Learn more about Microsoft Copilot for security at aka.ms/CopilotForSecurity or contact your Microsoft sales representative.

Note: The public preview of Copilot in Intune will be available to organizations who subscribe to Copilot for Security.

If you missed us at the Microsoft Secure digital event, watch the keynote and extended Copilot demo.

Protect corporate data in the age of AI

At Microsoft Secure, we highlight how security for AI is top of mind for CISO and CIOs. Increasingly, organizations need to ensure data protection is in place to secure their sensitive information, including when workers use new AI apps and technology.

Intune already plays a critical role with protecting the apps and endpoints workers use every day. With the emergence of generative AI and Copilot for Microsoft 365, IT and security professionals can have the confidence that their data is protected across managed and unmanaged devices. Intune enables organizations to apply preventative controls such as app protection and configuration policies on any mobile device, as well as Windows 11 and 10 PCs. Our existing data loss, leak protection, and prevention controls protect your AI interactions on all managed endpoints across platforms. Learn more from this blog post about how Microsoft Security discovers, protects and governs AI usage.

Further simplification and endpoint security with the Intune Suite

With the latest additions to Microsoft Intune Suite now available, including Cloud PKI, Enterprise App Management, and Advanced Analytics, organizations can consolidate and simplify endpoint management and security tools. While we have full value of the Intune Suite available to enterprise customers, we’ll bring this to government agencies on April 1, 2024 with the general availability of Intune Suite for government. Over time, we’ll continue to add more functionality and deliver more value.

  • Microsoft Intune Endpoint Privilege Management will add support approved elevations on April 1, 2024. This new functionality will enable end users to request elevated privileges that can be approved by the support team. It allows IT admins to empower standard users and give them the opportunity to request elevated privileges for a given app not specified by existing rules.
  • Microsoft Intune Remote Help will add support for Mac full control on April 22, 2024. This new functionality will provide full control on Mac devices to reduce time to mitigation. IT help desks will have the ability to not only view Mac devices when using Remote Help, but also be able to control them remotely as well.

    Remote Help provides full remote control for macOS devices.

The best way to prepare for this new AI era is to adopt a cloud native endpoint management approach. This allows organizations to manage endpoints in one place and consistently across platforms. It’s also foundational for consolidating endpoint management and security solutions offered with the Intune Suite, helping organizations eliminate the need for separate solutions, reducing overall expenses, centralizing data, and strengthening their security posture. Finally, a cloud native approach allows organizations to prepare to get the most out of Microsoft Copilot with AI and automation that can simplify operations and improve end to end security. Be sure to follow up by watching this video about Audi’s experience:

Join us on March 20, 2024 for Microsoft Intune edition of Tech Community Live! Here, get your questions answered on Intune and the Intune Suite by product experts and customer adoption teams. To learn more, see Tech Community Live: Microsoft Intune – RSVP now.


Stay up to date! Bookmark the Microsoft Intune Blog and follow us on LinkedIn or @MSIntune on X to continue the conversation.

Updated Mar 19, 2024
Version 3.0
  • davidallen's avatar
    davidallen
    Brass Contributor

    Some of these "AI generated insights" aren't incredibly helpful when the information is already displayed or a single click away. Still, excited to see how this develops over time.

  • vineeshchelora's avatar
    vineeshchelora
    Copper Contributor

    The Copilot summary shows that this policy is configured for Windows platform, but in the policy properties the platform is macOS. Copilot got the most important detail of the policy wrong?

  • David_Swenson's avatar
    David_Swenson
    Steel Contributor

    Stefan_Kinnestrand Shravana_Mukherjee, when will these features be available for Intune Suite subscribers without the need for a Security Copilot license? The issue with security copilot is that it is consumption based and adds another variable to the billing profile of a Managed Services Provider/Microsoft Cloud Solutions Partner. Intune Suite users should have this included. 

  • David_Swenson's avatar
    David_Swenson
    Steel Contributor

    Shravana_Mukherjee & Stefan_Kinnestrand , returning to my unanswered question above - WHEN will this be available as part of the Intune Suite? It IS NOT reasonable to ask MSPs to plan & negotiate the purchase of Security Copilot on a Pay as You Go system with their customers. I am looking forward to Microsoft's plans to make this a sustainable and reasonable solution included in the already added Intune Suite Add-On to Intune Plan 1. 

  • vineeshchelora 

    > The Copilot summary shows that this policy is configured for Windows platform, but in the policy properties the platform is macOS. Copilot got the most important detail of the policy wrong?

     

    Thank you for your comment. We have fixed the image. We are continuously working on improving the accuracy of the skills.