Mobile device management capabilities in Microsoft Intune
Updated: May 18, 2015
Applies To: Microsoft Intune
Use this topic to learn about the mobile device management capabilities that Microsoft Intune offers.
Devices that run Windows 8.1 and later can be managed as computers, or enrolled as mobile devices. The management capabilities you can use will differ depending on the method you use.
If you plan to use Configuration Manager with the Windows Intune connector to manage devices, see Manage Mobile Devices with Configuration Manager and Microsoft Intune.
Mobile device configuration policies let you manage many settings and features on mobile devices in your organization.
Use custom polices when configuration policies do not contain the setting you require. For iOS devices, you can import settings you exported from the Apple Configurator Tool. For other devices, you can use OMA-URI settings to configure settings and features on the device.
Remote Wipe, Remote Lock, and Passcode Reset
Erase sensitive data when a device is lost or stolen. For example, you can remotely lock the device, restore it to factory settings, or wipe only corporate data.
Lets you lock down certain features of mobile devices such as screen capture and the power switch. Also lets you restrict devices to run a single app that you specify.
App deployment and management
Provides a range of tools to help you manage mobile apps through their lifecycle, including app deployment from installation files and app stores, detailed monitoring of app status, and app removal.
Compliant and noncompliant apps
Lets you specify lists of compliant apps (that users are allowed to install) and noncompliant apps (which must not be installed by users).
Mobile application management
Configure restrictions for apps by using a mobile application management policy. This helps you to increase the security of your company data by restricting operations such as copy and paste, external backup of data and the transfer of data between apps.
After you deploy the managed browser to your users, you can configure a managed browser policy to control the websites that they can visit. In addition, you can also apply mobile application management policies to the managed browser.
Create and deploy trusted certificate profiles and Simple Certificate Enrollment Protocol (SCEP) certificates which can be used to help secure and authenticate Wi-Fi, VPN, and email profiles.
Deploy wireless network settings to your users. By deploying these settings, you minimize the end-user effort required to connect to the corporate network.
Create and deploy email settings to devices. This lets users access corporate email on their personal devices without any required setup on their part.
Deploy VPN settings to users and devices in your organization. By deploying these settings, you minimize the end-user effort required to connect to resources on the company network.
Conditional access policies
Manage access to Microsoft Exchange email and SharePoint Online from devices that are not managed by Intune.
Inventory and reporting
Find information about the devices you manage and the software they are using.
You can filter these reports in a number of ways, such as the device platform, and whether the device is compliant with corporate standards.
Manage mobile devices with Microsoft Intune
Manage mobile devices and PCs from the cloud
Bring your own device (BYOD) design considerations guide
Sign up for a free trial
How to buy Intune
Microsoft Intune Evaluation Guide
Microsoft Intune Service Description
Getting started with Microsoft Intune: walkthrough guide