ENFORCE ENROLLMENT, ACCESS, AND APPLICATION CONTROLS USING OFFICE 365 MDM OR INTUNE
The benefits of employees accessing company information while mobile is undeniable. So too is the risk of insecure remote access. ActiveSync Remote Device Wipe has been adequate for many organizations, but as data beyond email is accessed, Microsoft has methods to solve the problem in layers.
Microsoft provides MDM solutions in Office 365 and/or Intune. With Office 365, the essentials are included with any E3 or E5 plan. Intune steps up the granularity of control and enables devices to be managed without actually enrolling them.
With Office 365 MDM, administrators can completely wipe a device (back to factory resets) OR, selectively wipe data and apps that have been published by the organization. With Intune, the latter may be done without even enrolling the device.
Below are the main differences between MDM for Office 365 and Microsoft Intune:
For MDM for Office 365, the cost is included in Office 365 commercial subscriptions (Business, Enterprise, EDU and Government), while Microsoft Intune is a paid subscription
(single $6 per user per month or with the Enterprise Mobility Suite $7 to $12 per month).
2. Device Management
MDM for Office 365 manages devices through the Office 365 admin center while Microsoft Intune manages devices through the Microsoft Intune Cloud console or the System Center Configuration Manager console.
3. Supported devices
MDM for Office 365 supports IOS, Android, Windows Phone while Microsoft Intune supports IOS, Android, Windows Phone and Windows.
MDM for Office 365 is limited to the following: Conditional access, Device management, Selective wipe. Microsoft Intune includes all of the MDM for Office 365 capabilities, plus the following: Advanced mobile device management, Mobile application management, PC management.
See a thorough side by side comparison
For other Microsoft Security solutions see our main Security page.