What is Microsoft Intune and How Can it Protect Your Office 365 Data and Endpoints?
Prior to the computer age, company files were in paper format and were stored in filing cabinets, which wasn’t great for sharing, editing, or finding easily, but did have the advantage of restricting access.
In today’s digital age, most files and company assets are electronic, making them much easier to find via keyword search, eliminates the need for all those filing cabinets, and makes them accessible from anywhere and any device. But with that accessibility comes security challenges.
Company data is often created and stored in cloud services, like Office 365 or G Suite. These applications make it easy to collaborate on files and keep them in a single place instead of stored on multiple endpoint devices that can be lost, stolen, or suffer a hard drive crash.
90% of companies use cloud services and 60% of workloads are running in cloud-based solutions.
But, how do Sydney area businesses properly secure their data when it’s being accessed by multiple devices, both computers and mobile? How do you ensure using a bring your own device (BYOD) mobile policy isn’t leaving your sensitive information at risk?
Microsoft Intune is a mobile device management application that also protects data accessed by any endpoint. It addresses both the management of multiple smartphones and tablets used for access to business files and how to keep Office 365 data secure at the application level.
Understanding the Security Features of Microsoft Intune
The Microsoft Intune application can be subscribed to separately or comes packaged with Office 365 and Windows 10 as part of the Microsoft 365 solution.
Intune allows you to easily manage a BYOD mobile policy at your office and protect your data and endpoints. It goes farther than other mobile device management apps due to the integration with Office 365 and the ability to deploy security policies that can be enforced, even if devices aren’t registered.
Here are the things that Intune can help you do to secure both endpoint devices and your Office 365 cloud data.
Flexible Control over Windows, Apple, and Android Devices
When company email, files, and application login capabilities are on employee-owned devices, having the ability to manage access remotely, know who is logging in to which apps, and shut down access when needed are all vital to your endpoint security.
Microsoft Intune gives you the ability to separate the business from the personal on an employee-owned device and have the following security controls:
- Remotely grant or revoke access to company data
- Remotely lock or wipe a device that’s lost or stolen
- Remove access to all company data and apps remotely if an employee abruptly leaves
- Log which devices have access to your data and when they’re accessing it
- Push automatic updates and security patches
- Deploy new applications across all devices at once
Security for Office 365 Data
Intune gives you more control over your Office 365 data by having the ability to enact security policies at the application level that keep information safe regardless of what devices are accessing that information.
This grants an additional layer of security in case a mobile device that hasn’t yet been added to the platform is logging in to your Office 365 business account and trying to access company data.
You can control security for multiple applications throughout the Microsoft world, including Word, Teams, Excel, OneNote, and many others.
The data protection policies that Intune allows you to put in place for Office 365 and Microsoft applications include:
- Ability to apply data loss prevention without managing the user’s device
- Restrict the ability to copy/paste or save as
- Enable application level Conditional Access
- Require web URLs to open inside the secure Microsoft browser only
- Enable app protection without needing to enroll a device
Conditional Access Controls
Intune allows you to create conditional policies that only allow authorised users access to your business data and that can dictate how they can use it within Office 365 as well as other mobile apps.
Data access and handling policies can be based upon conditions such as:
- Device state
- App sensitivity
- Real-time risk
For example, if a user is traveling outside the country, you could set a policy that allows read only access to data, with no sharing or copying capabilities.
Intune goes beyond other mobile device managers by giving you the ability to add app protection for mobile apps whether or not they are enrolled in Intune. You can protect apps that are:
- Enrolled in Microsoft Intune
- Enrolled in a third-party mobile device management solution
- Not enrolled in any mobile device management solutions
Learn More about Getting Microsoft Intune for Your Office
GKM2 can show you exactly what Intune can do for your office mobile device program and data protection within Office 365. Start securing your endpoints and data with an all-inclusive solution.
Contact us today for a free consultation. Call +61 2 9161 7171 or reach out online.