This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.
In Part I of this mini-series, I discussed some of the new hotness around multi-tenant capabilities in our Entra ID space. In Part II, I'll cover cross-platform support across several of our cloud services. The cloud era ushered in mainstream cross-platform support from many Microsoft services. Like the title of this post says, anymore, it's a cross-platform world.
Intune
Nowhere is this more pronounced than in Intune, which now provides a very polished and rich set of MDM and MAM capabilities for numerous platforms. Device enrollment and configuration, application deployment and protection, and on. Not only for typical device management scenarios, but we've added support for specific use-cases such as single and multi-app kiosks and point-of-sale devices from Samsung and Zebra, as well as support for AOSP - the Android Open-Source Project - which is often used for 'wearable' devices such as VR goggles (which don't need the mobile services 'stack' within the OS).
Intune offers support for updates policies to manage OS and firmware updates for non-Windows devices:
- iOS - Use Microsoft Intune to manage software updates for supervised iOS/iPadOS devices | Microsoft Learn
- Android –
- Corporate-owned - Corporate-owned Android Enterprise device restriction settings in Microsoft Intune | Microsoft Learn
- FOTA (Firmware Over The Air) – for certain OEMs - Android FOTA Updates | Microsoft Learn
- Zebra Lifeguard OTA - Zebra LifeGuard Over-the-Air Integration with Microsoft Intune | Microsoft Learn
The Intune cross-platform story continues with the introduction/expansion of Intune Suite. One component of the Suite is Remote Help – here’s the macOS flavor:
- Here's the admin portal view for initiating a Remote Help session on a Mac device:
Here's the end-user experience, from that device:
BONUS - The long-awaited device SSO for macOS is coming soon
Microsoft Purview
Information retention, governance and protection capabilities are integrated on platforms far and wide - we've enabled/extended secure productivity and labeling across device types via M365 apps (aka 'the Office apps'). The Office Web Apps are supported for many of these scenarios, too.
- Learn about sensitivity labels | Microsoft Learn
- Minimum versions for sensitivity labels in Microsoft 365 Apps | Microsoft Learn
Here’s Word on a Mac, where a user is prompted to apply a certain label, due to sensitive information discovered within the content:
Here's that file, once the label is applied (notice the header, watermark and footer applied):
Here’s a different file, where the label is automatically applied due to an Automatic Label policy:
Endpoint DLP
Endpoint DLP provides numerous capabilities across platforms to reduce the likelihood of casual data leaks and to help protect end-users from accidents, mistakes or 'unwise decisions.'
- NOTE: EDLP rules/policy can integrate with the labels above
NOTE: The end-user notifications are customizable
- Copy to clipboard - Block w/ override and justification:
-
- Block saving to USB:
3. Block print:
4. Block upload to specific cloud services (such as personal cloud storage) or from unapproved apps:
Defender for Endpoint
In Defender for Endpoint, we have a strong security 'platform' that includes AV, XDR and malware protection.
- Here's the client app for macOS, deployed and managed via integration of Intune and Defender for Endpoint services:
- Portal Reporting and Export
- If you click one of the colored line-items in the report, you'll get a fly-out w/ more details (here's the 'Mac devices' line):
Defender for Endpoint also offers a mobile threat defense (MTD) solution for iOS and Android platforms.
- One question I had from numerous customers was: ‘Some users sign out of the Defender mobile app - How can I prevent that?’
- It’s now a simple policy setting:
There you have it folks - a sample of some of our cross-platform capabilities. Of course, these days, most of our products have 'standing' design goals to account for cross-platform support so that will only continue to expand.
A series recap (so far):
- The Twelve Days of Blog-mas: No.1 - A Creative Use for Intune Remediations - Microsoft Community Hub
- The Twelve Days of Blog-mas: No.2 - Windows Web Sign in and Passwordless - Microsoft Community Hub
- The Twelve Days of Blog-mas: No.3 - Windows Local Admin Password Solution (LAPS) - Microsoft Communi...
- The Twelve Days of Blog-mas: No.4 - Sync Cloud Groups from AAD/Entra ID back to Active Directory - M...
- The Twelve Days of Blog-mas: No.5 - The Endpoint Management Jigsaw - Microsoft Community Hub
- The Twelve Days of Blog-mas: No.6 - The Reporting Edition - Microsoft Community Hub
- The Twelve Days of Blog-mas: No.7 - Architecture Visuals - for Your Reference or Your Own Docs - Mic...
- The Twelve Days of Blog-mas: No.8 - The Evolution of Windows Server Management - Microsoft Community Hub
- The Twelve Days of Blog-mas: No.9 - It’s a Multi-Tenant and Cross-Platform World: Part I - Microsoft Community Hub
Hilde