Secure your Office 365 data on mobile devices using Microsoft Intune, which provides mobile application management capabilities in the cloud.
Part one of a series.
So, what is MAM? You may have heard the term if you’ve had any talks about a mobility strategy for your organization. It stands for Mobile Application Management, which is all about securing mobile applications on your corporate or employee devices.
As the mobile ecosystem grows larger and more important every day, iOS and Android remain the top leaders in the operating systems space for mobile devices.
But these operating systems can be very diverse in versions and features. If your organization is not strict with the purchasing and management of them, your employees may be all over the place. Privacy laws in different countries can further confuse the best way to manage mobility at your organization.
What should you manage and secure on mobile devices?
At a recent client, the answer to this question was fairly simple. The client wanted to make sure their corporate data, stored in Office 365, was secure on mobile devices.
This was the perfect scenario to implement MAM, which allows you to deploy security policies to the app itself. This is different than MDM, which applies to an entire device.
For instance, let’s say you want to allow employees to bring their own devices to the organization. Due to privacy concerns, being allowed to fully control someone’s personal device may not be feasible, or even desirable at your company.
However, with MAM, you could deploy a policy to manage only the Outlook App on a user’s device, encrypt the email stored on that device, and wipe only the Outlook email and account from that device. MAM only concerns itself with the app and data.
Microsoft Intune provides mobile device management, mobile application management, and PC management capabilities in the cloud.
What types of apps can Intune protect?
Natively, you can deploy MAM policies for all of the major Microsoft mobile applications (Outlook, Office, Skype for Business, etc.).
Microsoft also provides a software development kit (SDK) to allow app developers to build Intune support into their app. Some major organizations – like Salesforce and SAP – provide this functionality in their mobile apps as well.
What kind of security policies can I deploy to these apps?
I won’t go into every single setting you can configure, but MAM policies allow you to require passwords and pins to open the app. They also allow you to encrypt any data stored on the device and restrict what data can enter or leave the app.
A user must have the minimum version of an operating system on their device before they are allowed to connect to the data.
How can my organization try out Intune?
Intune is a part of the Enterprise Mobility and Security license, which is an add-on to Office 365. More licensing details can be found here.
