This post has been republished via RSS; it originally appeared at: Microsoft Tech Community - Latest Blogs - .
For organizations that strive to achieve a Zero Trust security model, reducing the risk of cyber-attacks involving unmanaged devices is mission-critical. Microsoft is expanding the device types that Microsoft Intune can manage to specialty devices. With the launch of the Microsoft Intune Suite, IT can proactively manage and configure purpose-built devices that may be widely used across the organization, such as Teams Room and AR/VR devices, wearable headsets, and other devices that may be unattended.
Device diversity continues to grow as employees use an assortment of devices as part of their job. Each device increases management responsibilities and the attack surface. In a recent survey by ESG with Microsoft, over 34 percent of respondents experienced several cyber-attacks due to poorly managed endpoints, and 54 percent noted that more than 20 percent of their endpoints are unmanaged.
Today we're announcing that the management of specialty devices will be an integral part of the new Intune Suite, providing organizations access to advanced device management and configuration tools needed to help mitigate risk and attack surface.
Key device management capabilities
All device types are not created equal. A consistent way to manage and protect sensitive information and deliver exceptional user experiences is essential to ensuring devices are secure and compliant. Included in the Intune Suite, Microsoft Intune capabilities across specialty device platforms help simplify endpoint management, protect hybrid and frontline workforces, and empower IT to deliver exceptional user experiences based on:
- Provisioning – Create a device enrollment profile with settings applied to a device during enrollment, such as Wi-Fi, VPN, email, and security policies. Create profiles for single user or shared multiuser devices.
- Certificate and Wi-Fi management – Configure settings and security policies based on the device enrollment profile.
- Conditional Access – Improve security by ensuring only authorized devices and users can access corporate resources under specific conditions such as device type and location.
- Device compliance – Ensure devices are compliant with regulatory requirements and company policies.
- App lifecycle -- Deploy, configure, add, and retire applications.
- Remote actions – Troubleshoot and resolve device issues without requiring physical access to the device for actions such as remote lock, wipe, reboot, and reset.
Specialty devices used on the frontline
Organizations increasingly use AR/VR technology for business scenarios such as training, remote support, and simulations. At Meta Connect 2022, Satya Nadella and Mark Zuckerberg announced the plan to partner to deliver immersive experiences and for Microsoft Intune to manage and protect Meta Quest devices.
With the Intune Suite available now, we're ready to support customers who want to deploy and manage Meta Quest 2 and Meta Quest Pro headsets in their organization. Microsoft Intune support for Meta Quest headsets will be made possible through a new integration into Meta Quest for Business, to be released later this March. As promised, this will give organizations confidence that the security and management options they expect from PCs and mobile devices carry over into VR.
Microsoft has built a new way to manage devices that run Android Open Source Project (AOSP) since these devices don't have access to Google Mobile Services for essential key management capabilities. The HTC VIVE Focus 3 VR device that runs on AOSP can now be managed and configured with Intune. Capabilities include configuring device settings, remote actions, and enforcing security policies as part of the enrollment experience. Administrators can configure device settings such as screen timeout and encryption, and password security policies in a way similar to how Intune currently manages and protects Microsoft HoloLens.
While device diversity continues to evolve, specialty devices, such as wearable devices from RealWear, are an important and growing component of today's end-user computing landscape. For use on the frontline or in the hands of workers anywhere, today's world of work requires constant collaboration using these purpose-built devices and applications such as Microsoft Teams. Now organizations can safely deploy and manage settings and apps, knowing devices and data are more secure, and users have consistent and productive experiences.
Unattended and other meeting room devices
This same protection is required for large screen and other devices used in the workplace. Endpoints such as Printers, Teams Room devices, including Surface Hubs are part of your device landscape and therefore need to be considered a point of potential vulnerability unless managed. Don't let these devices be a blind spot in your security and IT plans. The capabilities of the Intune Suite will help simplify your endpoint management, increase your security posture, and improve user experience on their apps and endpoints.
Organizations that subscribe to Intune and the Microsoft Intune Suite will automatically have access to manage specialty devices in Intune without additional licensing requirements. Intune subscribers that don't yet have plans to adopt the Intune Suite but need to manage and protect specialty devices now have the option to purchase a new plan, Intune Plan 2.
Launching today, Intune Plan 2 also includes Microsoft Tunnel for Mobile Application Management, a micro VPN solution for BYOD mobile devices. We'll add more functionality in the future, including using a single device with multiple company accounts in apps such as Microsoft Teams and Microsoft Outlook. To explore the new Microsoft Intune plans, go here.
Learn more about the Microsoft Intune Suite and specialty device management
Read the launch announcement, check out the newest episode of Microsoft Mechanics, and take advantage of two amazing opportunities to explore Intune capabilities and use cases:
- Microsoft Secure – March 28, 2023 (digital)
Learn and share comprehensive security strategies to protect more with less.
- Tech Accelerator: Microsoft Intune Suite – April 11-12, 2023 (digital)
Get a closer look at the latest features, capabilities, and scenarios with two days of technical deep dives and live Ask Microsoft Anything (AMA) sessions delivered by the engineering teams building the future of Microsoft Intune.
You can also explore our Microsoft Intune Suite technical documentation.