What’s new in Microsoft Intune 2305 (May) edition

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.

We're excited to announce our new May (2305) service release! This month we're highlighting three admin-requested capabilities that increase security and ease of use. First off, admins can now use filters to gain more options for assigning app protection and app configuration policies. In addition, Conditional Access has been integrated into Remote Help to help admins manage organizational access policies on the Remote Help app. Finally, we're excited to announce the release of Lifeguard Over-the-Air service updates which will provide an efficient and secure way to update ruggedized Zebra Android devices managed by Intune.

The entire list of What's new will be updated in the next few days as 2305 completes its production release. Earlier this week, Microsoft also announced several Windows features that are managed with Intune, like Organizational messages releasing this month and drivers and firmware updates coming soon. If you'd like to read more, see Expanding IT value in Windows 11 Enterprise and Intune. Let me know what you think of these new developments! Comment on this post or connect with me on LinkedIn.

New MAM app protection and app configuration filter options

Admins now have more flexibility in assigning and fine-tuning Intune app protection and app configuration policies with filters for mobile application management (MAM).

Previously, admins could only set app protection policies (APP) and app configuration policies (ACP) by platform, user group, and application. The new release supports assignment filters for both enrolled and unenrolled devices and allows admins to tailor MAM policy deployments to specific use cases.

When you create a new filter, you'll be able to target APP and ACP based on the following properties:

  • Device management type, including unmanaged devices
  • Device manufacturer
  • Device model
  • OS version
  • Application version
  • MAM client version

A screenshot of the new filter creation pageA screenshot of the new filter creation page

This capability will help IT pros solve complex workflows. Some of the scenarios requested by customers include the ability to target:

  • One policy to apps on one OS version and a different policy to apps on a later OS version to ensure each device has the latest security updates
  • Different ACP settings for users signing into a corporate shared device vs. when they use personal unmanaged devices
  • Specific device models, such as a unified communications device or a ruggedized device, with a particular APP/ACP policy or exclude those devices from APP/ACP policy

With the new release, your existing policies will stay as-is. However, we recommend moving your policies to filters with MAM to take advantage of the new assignment options. MAM filters will be available in all environments upon release, including our gov clouds—Government Community Cloud High (GCC High) and Department of Defense (DoD).

Remote Help now integrated with Conditional Access

The latest release introduces Conditional Access to Remote Help, providing admins better access management for specific user groups or devices. Conditional Access enables admins to control access based on categories, including users and groups, workload identities, directory roles, and external guests. The goal is to empower users to be productive wherever and whenever while protecting the organization's assets.

Customers requested this feature to help them set up and enforce organizational policies when using the Remote Help app, such as:

  • Setting up multifactor authentication
  • Installing security updates
  • Locking access to Remote Help to a specific region

In addition, this month we have also added access to Remote Help audit log sessions created in Intune. This enables admins to reference past events for troubleshooting and analyzing log activities. For more information on how to use Remote Help, see Remotely assist users that are authenticated by your organization.

Introducing Intune integration with the Zebra LifeGuard Over-the-Air service

Traditionally, updating ruggedized Android devices manually can be challenging as IT admins do not always have physical access to devices. This can cause security vulnerabilities if the devices are not updated, and also cause software compatibility issues for customers.

Intune has been working with Zebra to support firmware over-the-air solutions, and in 2305 we are announcing a public preview of integration with Zebra's Lifeguard Over-the-Air service, providing an efficient and secure way to update ruggedized Zebra Android devices managed by Intune. Admins can now update and manage Zebra devices from the Intune admin center and deploy updates through Wi-Fi or mobile broadband.

You can read more about this new capability in our public preview announcement. Note that this capability in public preview is not available in our gov clouds (GCCH and DoD).

Your feedback helps us get better

We'd love to know what you think of our new capabilities. Please share your thoughts by commenting on this post or connect with me on LinkedIn. We'll have more release news for you next month!

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.