Microsoft’s Intune device and PC management suite has scored support for Android enterprise purpose-built device management, meaning admins can lock down biz devices before users get their sticky fingers near them.
Intune, a cloud-based Mobile Device Management (MDM) and Mobile Application Management (MAM) platform, was launched back in 2011 and sits atop Azure. Like many of its ilk, it allows companies to ringfence the work done by employees on devices, including personal devices lugged in by users either unwilling to have a corporate phone foisted upon them or alternatively forced to use their own device by a company unwilling to splash the cash on something shiny.
While being able to manage employees' access to corporate data, control the apps and settings on the device and hose the things down if need be is all fine and dandy, users have usually had to get hands on in order to add their credentials, triggering the policy downloads. This may be OK in limited roll-outs but it can present a challenge at scale and is certainly not ideal for the likes of kiosks.
Google’s solution to the problem is its Zero Touch enrolment, which is supported on Pixel devices running Android 7, and a limited subset of devices running Android 8. Launched in 2017, the technology allows administrators to have devices configured out-of-the-box. Users can then get up and running with minimal faffing, with all corporate policies in place.
Today's announcement sees Microsoft joining the party as a bit of a latecomer.
The likes of Google's GSuite have been there for a while, and have probably already drunk most of the beer. Of course, this will not worry users of the Intune platform who will be able to shovel Intune's more feature-rich Office 365 integration onto supported Android devices without making users go through the pain of registration first.
Simon Allison, an IT Dev Leader with experience in all things Intune, reckoned that the feature represented "another string to the bow" for Intune’s Windows, Android and iOS offering and saw it working particularly well in commercial sectors such as sales and delivery. Music to the ears of Microsoft, which sees kiosks being plugged in at remote branches by line-of-business staff as a key use case.
James Ridsdale, CEO of dataJAR Ltd, an Apple Enterprise expert, was sniffier: "We've been able to do this sort of thing - pre-staging and such like - for the last four years for iOS, macOS. Even tvOS. Zero touch is very much a buzzword for something that has been in the Apple Device Enrollment Program for a very long time."
Ridsdale is, of course, correct. However, with Apple's own offering working only on, er, Apple devices, (although once registered, other platforms such as Intune can take care of MDM business in mixed environments), admins will appreciate having the choice.
And for Microsoft shops, the tight integration Intune offers with its other cloudy stuff makes Intune with Zero touch a compelling proposition. Unless, of course, their users are expecting new iPhones in their corporate welcome boxes. ®
Sponsored: Webcast: Ransomware has gone nuclear