Office 365

Introducing built-in mobile device management for Office 365

Share on Facebook Share on Twitter Share on Linkedin Share via OneNote Share via Email Print

Today’s post was written by Zohaib Haider Ali, senior product manager for the Office 365 team.

As more and more businesses adopt a bring your own device (BYOD) approach to phones and tablets, keeping corporate data secure on mobile devices is becoming a top challenge. As part of our commitment to making Office 365 the business productivity service suite with the most advanced security and compliance capabilities, we’re excited to announce new mobile device management (MDM) features built in to Office 365 that will help you meet this challenge.

These new MDM capabilities, set to roll out in the first quarter of 2015, will help you manage access to Office 365 data across a diverse range of phones and tablets, including iOS, Android and Windows Phone devices, so you can:

  • Help secure and manage corporate resources—Apply security policies on devices that connect to Office 365 to ensure that Office 365 corporate email and documents are synchronized only on phones and tablets that are managed by your company.
  • Apply mobile device settings—Set and manage security policies such as device level pin lock and jailbreak detection on devices to help prevent unauthorized users from accessing corporate email and data when a device is lost or stolen.
  • Perform a selective wipe of Office 365 data—Remove Office 365 corporate data from a device when an employee leaves your organization, while leaving their personal data, photos and apps intact.
  • Preserve Office 365 productivity experience—Unlike third-party MDM solutions that have replaced productivity apps with restrictive all-in-one apps for corporate email, calendars and documents, MDM for Office 365 is built directly into the productivity apps your employees know and love. You can set access policies to help secure company data while keeping employees productive.
  • Manage policies with ease—Administer mobile device policies directly from within the Office 365 administration portal, through an easy to use interface with wizard-based set up. View reports on which devices are connected to Office 365 and identify devices that have been blocked due to non-compliance.

These capabilities will be included with all Office 365 commercial subscriptions, including Business, Enterprise, EDU and Government plans.

Advanced mobile device and application management with Microsoft Intune

These MDM capabilities built in to Office 365 are powered by Microsoft Intune, our comprehensive device management and app management solution for phones, tablets and PCs.  Organizations that need protection beyond what’s included in Office 365 can subscribe to Intune and get additional device and app management capabilities, including:

  • Mobile application management—Enable your workforce to securely access corporate information using Office mobile apps while protecting your company’s data by restricting actions such as copy/cut/paste/save in your managed app ecosystem. Intune also extends these capabilities to existing line-of-business apps with the Intune app wrapper and enables secure viewing of content using the Managed Browser, PDF Viewer, AV Player and Image Viewer apps.
  • Manage devices from the cloud, or integrate with existing System Center Configuration Manager on-premises—Intune can manage devices from the cloud, with no infrastructure required, or Intune can be connected to System Center 2012 Configuration Manager to manage all of your devices including PCs, Macs, Unix/Linux Servers and mobile devices from a single management console.
  • Comprehensive mobile device management—Deploy certificates, Wi-Fi, VPN and email profiles automatically once a device is enrolled, enabling users to access corporate resources with the appropriate security configurations. You also have the ability to bulk enroll corporate devices to set policies and deploy applications on a large scale and can provide your users with a self-service Company Portal where they can enroll their own devices and install corporate apps.

The built-in MDM for Office 365 service we announced today, the advanced protection available with Microsoft Intune, or a combination of the two may be right for your organization depending on your needs.

Mobile computing is changing the world we live in. Microsoft is committed to delivering the best and most secure mobile productivity experiences on the planet. This includes creating great Office experiences across today’s mobile platforms and providing you with the tools to help keep your corporate data and apps secure.

For a deeper look into MDM for Office 365, watch this week’s Garage Series hosted by Jeremy Chapman:

— Zohaib Haider Ali

  1. which subscriptions will get the mobile device management features?

    • Hi Jeroen, these capabilities will be included with all Office 365 commercial subscriptions, including Business, Enterprise, EDU and Government plans.

    • The ability to apply device policy, conditional access, and selective wipe will be available for Windows Phone but only for ActiveSync for the initial release. We will extend these capabilities to Windows Phone Office Apps in the near future.

  2. Seriously, Windows Phone is not included from word go? Why not?

    • Hi Richard, we will have ActiveSync support for device policy, conditional access, and selective wipe for Windows Phone. We will extend these capabilities to Windows Phone Office Apps in the near future.

  3. As I understand it, Intune is a separate product, not included with Office 365. Will the MDM capabilities only be available to Office 365 subscribers who ALSO purchase Intune?

    • Hi David, Intune is a separate product. The first part of the blog introduces built-in MDM capabilities in Office 365 which are a subset of full Intune that are included in your Office 365 SKUs, without the need to purchase Intune. The second half of the Blog titled “Advanced mobile device and application management with Microsoft Intune” talks about additional capabilities beyond what is built-in that you receive with the purchase of Intune.

  4. Hi Zohaib and team
    This might be a really dumb question … but I’ll ask anyway! What happens if the user isn’t using Microsoft’s own Office apps to access content on Office 365? I’m not sure if that’s even possible but if a user is using say, LibreOffice, to access O365 content, are the controls described in the video still effective?

    • Hi John, conditional access would prevent OneDrive Content from being accessed through other sources when management policies are applied.

  5. Is it possible to use a private O365 account and an O365 business account in parallel on one device (as it should be in a Byod scenario) with all policies in effect when using the business side and free of them when using the private side? And if it is, will I have to install the Mobile Office apps twice or will one installed app support private and business usage?

  6. I was searching for the matter you shared through blog. It is quite interesting and obviously very informative for me.

Comments are closed.