Microsoft Intune

Enhance security and IT efficiency with the Microsoft Intune Suite.

Learn more

The broad value of the Intune Suite

While the solutions of the Intune Suite launched at different points in time, three fundamental principles have been there from the beginning.

First, one place for workloads adjacent to Unified Endpoint Management. If you’re currently using a mix of third-party solutions, the integrated experience in Microsoft Intune provides security and efficiency on multiple levels. First, one unified solution means fewer integrations to manage across third parties, meaning fewer attack vectors for malicious actors. And second, on a deeper level, the broader Intune proposition (both Intune Suite and Intune) is integrated with Microsoft 365 and Microsoft Security solutions. This provides a consolidated and seamless experience for IT professionals with a single pane of glass for end-to-end endpoint management.

Second, all parts of the Intune Suite are ready to support your cloud and AI-enabled future. Intune Suite will help accelerate organizations’ digital transformation to cloud native and simplify their IT operations. Additionally, data from Intune Suite are consolidated with other Intune and security data, meaning complete visibility across the device estate, informing and improving emerging technologies like Microsoft Copilot for Security. The more interrelated data that Copilot can use, the more it can proactively advise on the next best action.

Lastly, Intune Suite is available in a single unified plan. So, rather than having separate solutions for remote assistance, privilege management, analytics, and more, these advanced solutions can all be consolidated and simplified into one. This provides value in two ways: directly, by reducing the overall licensing cost, as the cost of Intune Suite is less than purchasing separate solutions; and the economic value of the Intune Suite is also in indirect savings: no need to manage separate vendors, train IT admins on separate tools, or maintain costly on-premises public key infrastructure (PKI). The Intune Suite makes it easier for IT admins, reducing overhead costs.

“With what we get out of Intune Suite, we can eliminate other products that our customers need. It’s now a suite of many components that enable customers who want to consolidate solutions and save money.”

—Mattias Melkersen Kalvåg, Mobility and Windows Management Consultant at MINDCORE, and| Microsoft Certified Professional & MVP

From today: A comprehensive suite across applications, access needs, and support

Let’s get into specifics. For application security, Enterprise App Management helps you find, deploy, and update your enterprise apps. And Endpoint Privilege Management lets you manage elevation rules on a per-app basis so that even standard users can run approved privileged apps. Cloud PKI lets you manage certificates from the cloud in lieu of complex, on-premises PKI infrastructure. And Microsoft Tunnel for Mobile Application Management (MAM) is perfect for unenrolled, personal mobile devices, to help broker secure access to line of business apps. Advanced Analytics gives you data-rich insights across your endpoints. And Remote Help lets you view and control your PCs, Mac computers, and specialized mobile devices, right from the Intune admin center. Let us take each of those three product areas in turn.

Increase endpoint security with Enterprise App Management and Endpoint Privilege Management

Enterprise App Management gives you a new app catalog, allowing you to easily distribute managed apps, but also keep them patched and always up to date. With this initial release, you will be able to discover and deploy highly popular, pre-packaged apps, so you no longer need to scour the Internet to find their installation files, repackage, and upload them into Intune. Simply add and deploy the apps directly from their app publishers. You can also allow the apps you trust to self-update, and when a new update is available, it is just one click to update all your devices with that app installed. We will continuously expand and enrich the app catalog functionality in future releases to further advance your endpoint security posture and simplify operations. 

“I’m very excited about Enterprise App Management as it’s powered by a strong app catalog and natively integrated in Intune. This single pane of glass experience is what we’re all looking for.”

—Niklas Tinner, Microsoft MVP and Senior Endpoint Engineer at baseVISION AG

For more control over your apps, with Endpoint Privilege Management, you can scope temporary privilege elevation, based on approved apps and processes. Then, as a user in scope for this policy, you can elevate only the processes and apps that have been approved. For example, users can only run a single app for a short period of time as an administrator. Unlike other approaches that give local admin permissions or virtually unlimited scope, you can selectively allow a user to elevate in a one-off scenario by requesting Intune admin approval, without you needing to define the policy ahead of time.

“Endpoint Privilege Management offers tight integration into the operating system. And the focus that Microsoft has over only elevating specific actions and apps versus making you an admin for a period of time—this is security at its best, going for the least privileged access.”

—Michael Mardahl, Cloud Architect at Apento

Cloud PKI and Microsoft Tunnel for MAM powers secure access

With Cloud PKI, providing both root and issuing Certificate Authorities (CA) in the cloud, you can simply set up a PKI in minutes, manage the certificate lifecycle, reduce the need for extensive technical expertise and tools, and minimize the effort and cost of maintaining on-premises infrastructure. In addition, support for Bring-Your-Own CA is available, allowing you to anchor Intune’s Issuing CA to your own private CA. Certificates can be deployed automatically to Intune-managed devices for scenarios such as authentication to Wi-Fi, VPN, and more; a modern PKI management option that works well to secure access with Microsoft Entra certificate-based authentication. In the initial release, Cloud PKI will also work with your current Active Directory Certificate Services for SSL and TLS certificates, but you do not need to deploy certificate revocation lists, Intune certificate connectors, Network Device Enrollment Service (NDES) servers, or any reverse proxy infrastructure. You can issue, renew, or revoke certificates directly from the Intune admin center automatically or manually. 

Microsoft Tunnel for MAM helps secure mobile access to your private resources. Microsoft Tunnel for MAM works similarly to Microsoft Tunnel for managed devices; however, with this advanced solution, Microsoft Tunnel for MAM works with user-owned (non-enrolled) iOS and Android devices. Microsoft Tunnel for MAM provides secure VPN access at the app level, for just the apps and browser (including Microsoft Edge) your IT admin explicitly authorizes. So, for personally owned devices, the user can access approved apps, without your company’s data moving onto the user’s personal device. App protection policies protect the data within the apps, preventing unauthorized data leakage to other apps or cloud storage locations.

“Cloud PKI within the Intune Suite allows you to go cloud native in terms of certificate deployment, which means you can provision PKIs with just a few clicks—that’s a blessing for all the IT administrators. With this built-in service, Microsoft hosts everything for you to manage certificates.”  

—Niklas Tinner

Resolve support issues quicker with Advanced Analytics and Remote Help

Advanced Analytics in Intune is a powerful set of tools for actionable reporting and AI-driven analytics. It provides deep, near real-time insights into your connected devices and managed apps that help you understand, anticipate, and proactively improve the user experience. We continue to infuse AI and machine learning into our analytics products. For example, you can get ahead of battery degradation in your device fleet through our advanced statistical analysis and use that information to prioritize hardware updates. Intune Suite now includes real-time device querying on-demand using Kusto Query Language for individual devices, useful for troubleshooting and resolving support calls quicker.

With Remote Help, you can also streamline the way you remotely view and interact with your managed devices, for both user-requested or unattended sessions. As a help desk technician, you can securely connect to both enrolled and unenrolled devices. Users also have peace of mind in being able to validate the technician’s identity, to avoid help desk spoofing attempts. Right now, Remote Help works for remote viewing and controlling in Windows PCs and Android dedicated Enterprise devices, and supports remote viewing for macOS. Especially useful for frontline workers, Remote Help for Android allows help desk administrators to configure and troubleshoot unattended devices, meaning issues can be revolved off-shift.

“Remote Help takes away the requirement and the need for third-party remote help tools. Remote Help is native, it’s interactive, and you don’t have to worry about installing anything, it’s already there. It’s part of Intune, it’s part of the build.”

—Matthew Czarnoch, Cloud and Infrastructure Operations Manager at RLS (Registration and Licensing Services)

To see many of these new capabilities in action, we invite you to watch this new Microsoft Mechanics video.

Analyst recognition for Microsoft

With the additions to the Intune Suite now available, IT can power a more secure and productive future at an important time as AI comes online. Notably, analyst recognition is validating the importance of its value. For example, Microsoft again assumes the strongest leadership position in the Omdia Universe: Digital Workspace Management and Unified Endpoint Management Platforms 2024. Omdia wrote: “Microsoft is focused on reducing management costs by utilizing the Microsoft Intune Suite and integrating different solutions with it.” They added: “The company plans to invest in Endpoint Analytics and Security Copilot to introduce data-driven management, helping IT professionals shift from reactive, repetitive tasks to strategic ones by utilizing Endpoint Analytics and automation.” Omdia’s recognition follows that from others like Forrester, who named Microsoft as a Leader in The Forrester Wave™ for Unified Endpoint Management, Q4 2023.

Get started with consolidated endpoint management solutions with the Microsoft Intune Suite

The February 2024 release of the solutions in the Intune Suite marks a key milestone, offering a consolidated, comprehensive solution set together in a cost-effective bundle (and available as individual add-on solutions) for any plan that includes Intune. And in April 2024, they will also be available to organizations and agencies of the United States government community cloud. We look forward to hearing your reactions to the new Intune Suite.

• Microsoft Intune News at Microsoft Ignite 2023.
• Learn more about Microsoft Intune.
• Omdia Universe: Digital Workspace Management/Unified Endpoint Management Platforms 2024.
• Forrester Wave™ for Unified Endpoint Management, Q4 2023. 
• Microsoft Cloud PKI blog announcement at Microsoft Ignite 2023.
• Microsoft Intune Enterprise App Management blog announcement at Microsoft Ignite 2023.
• Microsoft Intune Advanced Analytics blog announcement at Microsoft Ignite 2023.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.

¹Ease the burden of managing and protecting endpoints with Microsoft advanced solutions, Dilip Radhakrishnan and Gideon Bibliowicz. April 5, 2022.

The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester Wave™ is a graphical representation of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave™. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.

The Forrester Wave™: Unified Endpoint Management, Q4 2023, Andrew Hewitt, Glen O’Donnell, Angela Lozada, Rachel Birrell. November 19, 2023.

The post 3 new ways the Microsoft Intune Suite offers security, simplification, and savings appeared first on Microsoft Security Blog.

Propelling business growth

The Forrester report recognizes the advances made to the Microsoft Intune platform in the last year:

This new platform approach aims to help customers simplify management, reduce costs, and transform experiences with AI and automation, all factors that enable Microsoft to vastly outperform others across key metrics like devices under management and revenue growth.

Moving to cloud management with Intune aids customers in applying Zero Trust security principles, improves user experience, and streamlines operations with AI and automation. Exemplary endpoint management doesn’t often get the credit for propelling business growth like research and development initiatives. But companies that reduce the administrative overhead on their talent have more hours and focused attention available to tackle more challenges and innovate. And “talent” isn’t just made up of users; IT and security teams can tackle more valuable projects after simplifying and automating management tasks for themselves. As just one example, new cloud-based controls to manage the local admin passwords for Windows devices make this critical security operation simpler and reduces the need for on-premises resources.

The report also made note of the Microsoft Intune Suite, saying “it includes new support for mobile application management (MAM)-only, ruggedized, remote control, privilege management, and DEX (digital experience) use cases.”

The Intune Suite extends the capabilities of Intune and powers better digital experiences. Solutions like Endpoint Privilege Management ease the burdens on help desks and keep users productive, and Remote Help makes real-time troubleshooting faster, easier, and more secure for users and administrators alike. The time saved and frustration spared keep everyone focused on progress rather than process.

Defining the endpoint management experience 

In The Unified Endpoint Management Landscape, Q3 2023 report, Forrester offers this market definition of unified endpoint management: “[Unified endpoint management] solutions help EUC (end user computing) professionals balance three priorities at once: exceptional DEX, cost-efficient management, and foundational threat prevention.” 

Exceptional digital experience

How is the Intune digital experience exceptional? Devices are verified as healthy and made more secure without impeding the flow of work—or even rising to the notice of the user. Zero-touch provisioning with Autopilot creates a seamless out-of-box experience. Single sign-on, recently added to Intune’s now-comprehensive MacOS management capabilities, reduces password fatigue and helps users get to work with fewer interruptions. Mobile application management allows users to use their own mobile and Windows devices to access secure resources without enrollment, allowing them greater freedom to work (and be inspired) where they see fit. That Intune works so well with Microsoft Entra ID, Microsoft Defender, Windows, and Windows 365, further enhances the experience of work with fewer hassles and greater peace of mind.

Cost-efficient management

As a truly unified platform, Intune allows admins to manage Windows, Linux, MacOS, Android, iOS, and specialty devices. This reduces the burden of consolidating data from multiple sources and of switching between tools for privilege management, update management, and user experience. Intune instead offers broad management and protection capabilities and true visibility into endpoint performance in one place. With the Intune Suite, the productivity of admins and users can be accelerated even more.

Many enterprises are able to realize the value of Intune at no additional cost as part of their Microsoft 365 licenses. Additional savings can be realized by consolidating specialized management tools with redundant features, by retiring on-premises infrastructure, and by moving to true cloud-native management. Automation of tasks with flows, PowerShell runbooks, and scripts extends efficiency into the day-to-day operations of administrators, and the ability to grant Conditional Access to bring-your-own devices eases the need for dedicated, company-owned devices for employees. The reduction in support tickets and security incidents afforded by the baselines and tools that keep devices compliant and hardened against threat reduce costs of remediation.

Foundational threat prevention

Microsoft Intune offers fundamental capabilities for creating and enforcing Zero Trust security at enterprise scale, and was given the top score in the Security category of the report. Device health compliance capabilities help keep potentially compromised devices from accessing sensitive resources. Privilege management and Conditional Access policy enforcement permit users to remain productive without increasing risk. The ability to define and enforce data protection policies at the device level keeps information flowing to the right places and helps prevent it from leaking to the wrong ones. Using Intune in concert with Microsoft Defender for Endpoint extends the security capabilities even further.

Strategic strength

The Forrester Wave™: Unified Endpoint Management, Q4 2023 report evaluates product strategy in addition to current features when identifying leaders, and Microsoft received the highest possible score in this area. According to the Forrester report, The Unified Endpoint Management Landscape, Q3 2023, “AI will fundamentally change the job of endpoint administrators, allowing them to query endpoints faster and more granularly, help inform policy decisions, and even replace scripting.”

Microsoft has begun to realize that future today with insights driven by machine learning already informing the Intune service. SOC and IT admins using Intune and the Intune Suite will see data from those services used by Microsoft Security Copilot, and expanded capabilities will emerge as the technology evolves.  

Innovation and improvements to Intune are driven by our engineers, partners, and customers. We’re grateful to all our stakeholders for the hard work, extensive feedback, and broad adoption of Intune (Forrester indicates Microsoft has the largest Market presence, too) that has enabled the solution to become a leader in unified endpoint management.

Microsoft Intune

Protect and manage endpoints in one place.

Learn more

Learn more

While we hope that this recognition gives confidence to all those who are interested in Intune, we know that diving deep into how a solution really works is key to making any investment. Check out Intune and Windows Tech Takeoff sessions to get technical breakdowns of existing workloads and explore what’s new.  You can also subscribe to our ongoing news by returning to the Microsoft Intune blog home then join the conversation on Twitter at @MSIntune and LinkedIn.

Learn more about Microsoft Intune.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (formerly known as “Twitter”) (@MSFTSecurity) for the latest news and updates on cybersecurity.

The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester Wave™ is a graphical representation of Forrester’s call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or service depicted in the Forrester Wave™. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change. 

Forrester Wave™: Unified Endpoint Management, Q4 2023, Andrew Hewitt, Glen O’Donnell, Angela Lozada, Rachel Birrell. November 19, 2023. 

The post Forrester names Microsoft Intune a Leader in the 2023 Forrester Wave™ for Unified Endpoint Management appeared first on Microsoft Security Blog.

Microsoft Intune is an industry-leading, unified endpoint management solution that organizations depend on to ensure their devices, operating systems, and apps are up-to-date, protected, and performant. Yet evolving work habits and security threats, tougher economic climate, and growing diversity of devices mean that organizations need more help in reducing complexity. Consider this: in a recent survey, two-thirds of respondents were using more than ten tools to manage and protect their digital estate.¹ More individual tools mean more management overhead, more attack surface, and more licensing costs—all things organizations need to reduce.

In this blog, I want to share three reasons why the new Intune Suite will matter to you:

1. Even better security by reducing attack vectors.
2. Simplification through consolidation and automation of IT and security operations workflows.
3. Savings through lower management overhead and reduced support costs.

I’ll also share some results from our latest survey of nearly four hundred endpoint management and security professionals, which will provide additional context for this new offer.

What is the Microsoft Intune Suite?

First, let’s review what capabilities the Intune Suite offers. These important capabilities have been in development for a while, and you may recall we announced our plans at Microsoft Ignite 2022 to launch the Intune Suite in March 2023 with an initial set of advanced solutions:

• Remote Help is a tool that will assist helpdesks—especially important as workers are now working away from the office more often. Remote Help is already available for Windows users and will also come to Android and Mac endpoints in future releases. It enables IT helpdesk teams to remotely troubleshoot a user’s desktop and mobile devices based on a user’s existing company identity. The extra Android support will prove particularly useful for managing frontline workers’ devices. Learn more about recent Remote Help updates for Windows.
• Endpoint Privilege Management, in preview in March 2023 and generally available in April 2023, will enable the controlled elevation of Windows standard users so security controls don’t get in the way of productivity. The right users will have the right privileges at the right time, to reduce the security risk of overprivileged users and reduce the burden on the help desk by allowing greater self-serve for basic scenarios, like setting up a local printer. Learn more about Endpoint Privilege Management first release capabilities.
• The Intune Suite also offers advanced endpoint analytics features, data-driven insights that help IT administrators understand, anticipate, and improve the user experience for the staff in the organization.
• There is also Microsoft Tunnel for Mobile App Management, a micro-VPN that connects corporate resources from personal iOS/iPadOS and Android devices, so employees can have access to company resources from their personal mobile devices when duty calls.
• The Intune Suite improves the management of specialty devices, to give employees the flexibility to choose the device they need to get the job done without those devices becoming points of vulnerability. 
• Following the March 1, 2023, launch, another capability that will be added to the Intune Suite is advanced app management, offering an enterprise app catalog and controls for easy app discovery, deployment, and automatic updating to mitigate risks introduced by out-of-date apps. Later this year, we will also introduce a cloud certificate management solution to issue and manage VPN and Wi-Fi certificates from Intune to devices without on-premises infrastructure. We will continue to add additional advanced capabilities to the Intune Suite over time, providing more endpoint security, automation, and control of the user computing landscape and experience.

So, why is this important for you now? It goes back to better security, simplification, and savings.

1. Improve security and reduce attack vectors

Even if IT and security organizations are becoming accustomed to supporting and protecting remote and hybrid work, our surveys show there is still much work to be done to improve enterprise endpoint security. Only 43 percent of endpoint management and security professionals said that their organization actively manages more than three-quarters of their endpoints.¹ Put another way, 57 percent of organizations do not have visibility or control over a quarter of their endpoints or more. Further, only 37 percent of organizations use patch management, and only 39 percent use Endpoint Privilege Management. As such, there is clearly an opportunity to increase the breadth of devices organizations can manage to have a more complete view of the health and performance of their digital estate. There is also an opportunity to improve the depth of protection offered through more Endpoint Privilege Management and more regular patch updates. This basic “cyber hygiene” is core to the way the suite improves security and is foundational before any Zero Trust initiative can really gain traction.

Security professionals see tighter product integration as a key step. When asked in our survey how they could improve their organization’s endpoint security, “integration” was the top answer. The Intune Suite delivers integration on multiple levels: between the various Intune Suite components, with Microsoft 365, and with other Microsoft Security assets. Better integration means fewer vulnerable spots that could be attacked. Microsoft has learned to be intentional about creating integrated value across its portfolio and with the Intune Suite, we are committed to continue building end-to-end value for users, IT, and security operations.

One extra advantage of using a single vendor for more of your endpoint security needs is that there is one single dataset rather than multiple disparate streams of data. Uniform, consistent data means better security analytics and visibility to potential vulnerabilities and anomalies. You can’t mitigate what you can’t see. Bringing together the data and actionable insights in one place increases your ability to assess, manage, and act on potential risks across your device landscape.

“The Microsoft Intune Suite is going to help us consolidate our endpoint management solutions, saving costs, making our lives easier, and keeping the hospital data secure. I would highly recommend the Microsoft Intune Suite to any organization looking to enhance their security posture.”—Ibrar Mahmood, IT Cyber Security Manager, Milton Keynes University Hospital NHS Foundation Trust.

2. Simplify endpoint management

Many organizations have reported increased complexity within their IT environment over the past few years. This makes sense: smartphones, bring your own device (BYOD), hybrid work, and evolving security threats can all increase complexity. Yet, the response to the current complexity has been to add more point solutions, which is a step backward as more solutions mean more vendor integration requirements, possibly creating additional attack surfaces.

Given other top IT priorities—cloud migrations, lowering costs, AI, analytics, and staff retention—it is understandable why endpoint tools have not been consolidated yet. However, I believe that the simplification and consolidation of endpoint management tools is needed quickly. By choosing the Intune Suite, you can simplify your approach to advanced endpoint management, meaning more bandwidth to focus on other priorities in 2023 and beyond.

Simplification also enables the consolidation of your security vendors—A Gartner® survey reported in September 2022 that 75 percent of organizations are pursuing security vendor consolidation in 2022, up from 29 percent in 2020.² This not only presents the opportunity to reduce risk and direct licensing costs but saves time and mental overhead in not having to manage so many supplier relationships.

One example of reduced mental overhead: the Intune Suite also simplifies your IT and security operations. One unified admin console means unified workflows. You no longer need to hop from one admin console to the next or stitch together workflows.

We are dedicated to helping organizations use the power and data of the cloud to further automate and orchestrate IT workflows to cut complexity. As Omdia recently put it, when ranking Microsoft a leader, in the Digital Workplace Management/Unified Endpoint Management Platforms, 2023 assessment, “The sheer scale of signals Microsoft has visibility of enables more analytics, automation opportunities, and insights across the endpoint estate than any other UEM vendor.“³

3. Enable cost savings

Many C-suite executives are looking for cost savings in 2023—the Intune Suite delivers multiple ways to save.

First, the Intune Suite reduces the overhead of negotiating and overseeing separate contracts with multiple vendors. It means less integration of work between components and training on different tools. It also means fewer costs from employee downtime due to a security breach and lower IT helpdesk costs through fewer inbound calls and faster resolution of remaining tickets.

National Railway Company of Belgium (SNCB) easily manages more than 21,000 devices with Microsoft Intune. “Intune is a huge success story for SNCB,” says Bouke Stijns, Chief Information Security Manager, SNCB. His team fully containerizes SNCB applications on smartphones so that the company can’t access employees’ personal apps and data. He also appreciates that compliance with the General Data Protection Regulation (GDPR) is built into Microsoft solutions and the Microsoft licensing model, which optimizes the IT budget in an industry that allocates resources to passenger experience rather than IT expenditure. “Our Microsoft license offers an extensive set of security solutions that optimizes budget and reduces the number of vendors we need to coordinate with,” he explains. Read the full customer story.

Second, the Intune Suite bundled list price is lower than the sum of all the individual capabilities of the Intune Suite and delivers Microsoft integrated value greater than the cost and overhead of managing alternative vendor solutions.

The bundle is available as an add-on to any plan that includes Intune, which most customers get through the value of their Microsoft 365 subscription. For added flexibility, the individual solutions within the suite will also be available as standalone add-ons to Intune, so organizations can migrate to the Microsoft solution they prioritize based on their needs. 

Additionally, for advanced features that extend the value of Intune beyond core endpoint management functionality—for example, protecting and managing specialty devices or Tunnel for Mobile App Management for unenrolled devices—we are introducing a new plan, Microsoft Intune Plan 2, that you can buy for specific, targeted users. 

Learn more about the new Microsoft Intune plans and pricing.

“I’m eagerly awaiting the migration of all our mobile devices to the Microsoft Intune Suite as our core UEM System. Looking into the migration, we just know—due to the work the team and Microsoft put into Intune the last years—that we are making an exciting step forward to an even better reliable and integrated UEM platform for our mobile devices, better preparing us for the future and all challenges that lie ahead.”—Florian Weisenberger, Product Owner Mobile Workplace iOS, Audi.

The net effect of the new, comprehensive Intune Suite, Intune Plan 2, and the single solution add-ons to Intune offer organizations flexible options to plan their budgets, IT and security lifecycle, and vendor contracts in a deliberate and calculated way—with security, simplification, and savings in mind.

Join us at Microsoft Secure

In Omdia’s report, they wrote: “Microsoft’s focus is on bringing together this range of mission-critical endpoint and application management and security tools into a single cloud solution. In delivering this integrated set of capabilities, the vendor will help customers simplify how endpoints are managed, strengthen security postures, potentially reduce total cost of ownership, and improve employee experiences.”³

The Intune Suite represents shift change in endpoint security, simplification, and savings. I encourage you to learn more by watching the new Microsoft Mechanics video and visiting our Microsoft Intune Suite page to discover the expanding set of Intune products. Finally, please join us at Microsoft Secure on March 28, 2023, where our product leadership will add perspective about the Intune Suite and demonstrate the integrated innovation and value of the new bundled solution.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.

¹Endpoint Management Vulnerability Gap, Enterprise Strategy Group. Fieldwork was conducted in November 2022.

² Gartner Press Release, Gartner Survey Shows 75% of Organizations Are Pursuing Security Vendor Consolidation in 2022, Gartner. September 13, 2022. GARTNER is a registered trademark and service mark of Gartner, Inc., and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

³Omdia Universe: Digital Workspace Management/Unified Endpoint Management Platforms, 2023, Omdia. December 12, 2022.

The post The Microsoft Intune Suite fuels cyber safety and IT efficiency appeared first on Microsoft Security Blog.

1.  Strong cloud adoption rates will continue

Macroeconomists may be pessimistic about gross domestic product growth in Europe and the United States in 2023, but even in weak macroeconomic scenarios, cloud growth rates remain stellar.¹ Gartner® predicts almost 30 percent growth for infrastructure as a service and almost 25 percent growth for platform as a service in 2023, as compared to 2022 in the worldwide public cloud user spending category. A September 2022 survey of chief technology officers (CTOs) by Evercore-ISI asked the top things they would do in response to reduced budgets or inflationary pressure.² The top answer (from 44 percent of CTOs): increase their use of the cloud. Gartner® predicts that by 2025 more than 90 percent of clients will use cloud-based unified endpoint management (UEM) tools, up from 50 percent in 2022. So, if you have not migrated your UEM to the cloud yet, 2023 is the year to start.

2. Security will remain the top issue for CTOs into 2023

When asked in September about their highest priority project (in terms of incremental spending), 42 percent of CTOs said cloud security. Network security was the second most common response, with analytics third.² Credit Suisse recently polled CTOs on how different categories in their IT budget would grow.³ In 2021 and 2022, security was ranked top, with an 11 percent increase. Asked to predict the growth in security spending in 2026, security again ranked highest, but the expected increase was even more: 14 percent. Underlying factors provide color to the raw growth numbers. The geopolitical storm continues, and new avenues continue to emerge for hackers. I expect to hear even more about deepfake videos and ransomware as a service in 2023. So, how do chief information security officers (CISOs) strengthen their organization’s defenses in 2023? We would propose two initiatives: first, ensure security software is suitably integrated with a unified console to enable fewer points of vulnerability and more automation. By extension, this might mean consolidating vendors. Second, tackle the human aspect: invest in upskilling staff on how best to be aware of potential attacks.⁴

3. Worker mobility will increase further

The past few years have changed the model for knowledge workers. 2023 will see several shifts that will add to the hybrid work from anywhere (and hence, protect everywhere) trend. Next year will see mass adoption of 5G capable devices: Juniper Research estimates that there will be 600 million more 5G connections added in 2023 alone.⁵ Technological trends will be compounded by demographic trends, such as “productivity paranoia,” where workers want to show they are being productive, no matter where they are. What does this mean for CISOs? New working styles, new networks, and new devices mean new attack vectors. In 2023, be ready to protect your workers who are working from anywhere, not just from home.

4. CTOs will need to pay more attention to local factors

There is always a balance between global and local initiatives, but in 2023, we expect that it will be increasingly difficult to just adopt a one-size-fits-all global shortcut. We are seeing an increasing number of national regulations related to data sovereignty, with implications for where that data is stored and secured.⁶ 2023 will see further digital transformation of public sector agencies. These agencies often have more country-specific security or compliance rules compared to their private sector counterparts. As such, CISOs need to ensure their endpoint management solutions (and, indeed, their entire technology architecture) can adapt to handle extra local requirements.

5. Truly transformative technology will rise to the top

My final prediction is that 2023 will see further clarity on the difference between genuinely transformative technology and tech that has been overhyped. One technology that I expect to compare favorably for enterprises in 2023 will be more advanced forms of automation, such as AI. AI start-ups have seen more than USD100 billion in venture capital investment since 2020, in everything from the development of new drugs to new ways to create art and writing (and, perhaps, eventually, transform how blogs are created!).⁷ Security represents a great opportunity for advanced automation and AI, given the nature of the ongoing problems CISOs must grapple with. As such, while new AI-generated images may garner the headlines, away from the limelight we expect many other enterprise software solutions to benefit from both sophisticated AI and simply greater automation.⁸ For example, in endpoint management, Gartner® sees that by 2027, UEM and digital employee experience tools will converge—to drive autonomous endpoint management, reducing human effort by at least 40 percent. The more that security tasks are automated, the more time is freed up for more strategic work by your key staff.

Learn more

I hope you found these 2023 trends thought-provoking. I would encourage you to continue to think about what the macro situation might mean specifically for your organization and translate that into an action plan for your Microsoft Intune assets in 2023. In the meantime, I wish you all a safe and thoughtful holiday season and wish you continued success in the new year.  

Learn more about how Microsoft Intune can simplify your endpoint management:

• Reduce your overall total cost of ownership with a new Microsoft Intune plan.
• Microsoft publishes new report on holistic insider risk management.
• Microsoft Intune blog.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

¹World Economic Outlook, October 2022: Countering the Cost-of-Living Crisis, IMF. October 15, 2022.

²Evercore-ISI Quarterly Enterprise Technology Spending Survey, September 15, 2022.

³Credit Suisse CIO Survey, Credit Suisse. October 6, 2022.

⁴What cybersecurity trends are expected in 2023? Muhammad Zulhusni, November 29, 2022.

⁵5G Service Revenue to Reach $315 Billion Globally in 2023, Juniper Research. October 23, 2022.

⁶Microsoft launches its Cloud for Sovereignty, Frederic Lardinois. July 19, 2022.

⁷State of AI Q2’22 Report, CB Insights. August 10, 2022.

⁸How a computer designed this week’s cover, The Economist. June 11, 2022.

The post Microsoft Intune: 5 endpoint management predictions for 2023 appeared first on Microsoft Security Blog.

As you see in the Magic Quadrant™ in Figure 1, Microsoft is positioned as a Leader in the 2022 Magic Quadrant™ for Unified Endpoint Management Tools. You will also see that Microsoft is highest on the “Ability to Execute” axis. Microsoft was also recognized as a Leader in the 2021 Magic Quadrant™ for Unified Endpoint Management Tools.

Figure 1. Magic Quadrant™ for Unified Endpoint Management Tools.

Why customers choose Microsoft for UEM

Let me summarize three reasons we hear from customers as to why they see Microsoft as a dependable and cost-effective solution for UEM.

1. Microsoft Endpoint Manager is the native Microsoft solution, providing deep integration with Microsoft 365 and Microsoft Azure to improve employee security and the IT administrator experience. Seamlessly integrating management, identity, and security with your employees’ digital experience has two advantages. It improves employee satisfaction as their workplace tools don’t need them to juggle multiple security add-ons. Further, it reduces the amount of platform integration your IT team needs to do, allowing IT to focus on higher-order priorities and save money. Microsoft 365 integration is an ongoing project for us: our advanced endpoint management strategy means we are bringing more solutions into the Microsoft 365 platform, driving down the number of add-ons you need to integrate.
2. Customers like being in control of when they migrate to the cloud. The improvements we have made in tenant attach and hybrid Microsoft Azure Active Directory (Azure AD) mean that customers can have many choices in how to co-manage their devices. This puts the customer firmly in control. The accelerated shift to hybrid work in the past two years has taught us that there is no “one size fits all” for digital transformation. Some organizations are now fully remote and in the cloud; others have leaders that are very keen on a full return to the office. Many are in between. Microsoft Endpoint Manager capabilities accommodate all scenarios, leaving customers in control.
3. Customers are reassured by Microsoft’s ongoing investments in Endpoint Manager. We continue to improve the IT administrator experience and the experience for frontline workers, as well as integrate with Azure Virtual Desktop, Windows 365, and Microsoft Defender for Endpoint. Other recent innovations include new support for managing Linux desktops (currently in preview), macOS enhancements such as support for DMG and other apps, remote help, and Endpoint analytics such as work-from-home readiness and other reports to power a hybrid workforce. We look forward to sharing further advances soon.

Continued momentum for Microsoft Endpoint Manager

Strong rationale from analysts and customers is backed up by metrics. As our Chief Executive Officer (CEO) Satya Nadella revealed on our Q3 2022 earnings call, “the number of Windows, Android, and iOS devices protected by [Microsoft] Intune grew over 60 percent year over year.” More broadly, “the number of customers who trust our security solutions grew nearly 50 percent year over year to 785,000.” We work with our industry-leading more than 15,000 partners to analyze 24 trillion threat signals a day to keep customers like Domino’s Pizza, Fujitsu, Heineken, and Petronas safe.

So, I would encourage you to read the Gartner® report and explore what actions you should take. Specifically, customers looking for a dependable, cost-effective solution in three specific situations may find it particularly relevant:

• If you are spending too much time managing third-party security plug-ins. Simplifying your endpoint management vendors could free up your time for other priorities.
• If your security, identity, or management software vendors are influencing the timing of your migration to the cloud. The ability to migrate at your own pace remains critical.
• If you selected your UEM vendor prior to the shift to hybrid work. The pandemic changed requirements for many customers and initiated deep investments to meet those new needs.

Learn more

You are invited to read the full 2022 Magic Quadrant™ for Unified Endpoint Management Tools report.

We believe any recognition from independent external analysts is an important milestone in building the best product we can; we thank our customers and partners for being on this journey with us.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

Gartner, Magic Quadrant for Unified Endpoint Management Tools, Tom Cipolla, Dan Wilson, Chris Silva, Craig Fisler. August 1, 2022.

Gartner and Magic Quadrant are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Microsoft. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

The post Microsoft recognized as a Leader in the 2022 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools appeared first on Microsoft Security Blog.

The Forrester report states that Microsoft “excels at helping customers migrate to modern endpoint management” and that its Desktop Analytics offers capabilities that are among the most advanced in the evaluation for enabling advanced automation alongside the cloud-connected Microsoft Graph API.

Endpoint Manager helps maximize the investments organizations have made in their digital estate through capabilities designed to optimize employee experiences on devices that have become their new workplace for today’s hybrid world. We have worked hard to simplify the path to endpoint cloud management and build capabilities that improve IT productivity as well as mitigate the risk of increasing cybersecurity threats on the expanding endpoint landscape. The Forrester report recognizes that Endpoint Manager continues to grow rapidly with our ability to scale and its inclusion in  Microsoft 365.

Insights help boost digital employee experiences

In the new hybrid world, employees around the globe are increasingly dependent on their devices and apps to keep them connected. We have seen growth in Windows devices under management—up more than 130 percent in the last year. As customers continue to work from home and adapt to the new reality of hybrid work, it’s clear that the endpoint is the new workplace and must be protected and managed. Insights into issues like app health and device boot time that can be addressed remotely by helpdesk or IT teams can improve productivity and reduce frustration. Endpoint analytics in Endpoint Manager brings new capabilities that help with digital employee experiences and has been broadly adopted by our customers for exactly that reason.

Hybrid work accelerates cloud migration

Organizations have been forced to rethink how to enable their workforce to be productive from anywhere, on any device, and that means that the calculus for cloud enablement has also changed. Our approach to cloud enablement keeps customers at the center and meets them where they’re at.  We take deliberate measures with Endpoint Manager to approach our customers’ need to maximize their existing investment of their endpoints on-premises. From refreshing our cloud configuration wizard to driving group policies into our settings catalog, we can extend the value of the cloud to co-managed endpoints, and at the same time continue to invest in helping customers move to cloud management at their own pace.

A cross-platform approach offers flexibility

We see customers continue to use both fully managed and unmanaged devices within their enterprises. Whether they adopt work profiles, mobile application management (MAM), device enrollment, or user enrollment, each of these have their place and Endpoint Manager supports customers for all the models. With Endpoint Manager, administrators can decide if they need the validation provided through Conditional Access protected resources at the device or app level. More than 80 percent of Endpoint Manager devices use Conditional Access with Microsoft Azure Active Directory.

At Microsoft Ignite 2021, we announced that we will soon introduce Linux to the platforms supported in Endpoint Manager. Simply building a management agent for Linux clients isn’t enough. Rather, devices need to be registered, managed, secured, and then they can be used to access Conditional Access protected resources. We are doing this across Microsoft 365 and are seeing a very broad usage of Conditional Access, which is at the very core of our Zero Trust solution. Our product strategy includes adding more capability over time, providing flexibility to check more stats on the device or app, increasing security, and improving productivity—and there’s still so much more to do.

We invite you to read the full Forrester report here.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

The post Microsoft is recognized as a Leader in the 2021 Forrester Wave for Unified Endpoint Management appeared first on Microsoft Security Blog.

Adapt and thrive

This year, we focused on meeting our customers’ needs to adapt to today’s evolving business landscape. They responded with increasing reliance on Microsoft Endpoint Manager to enable their employees’ remote and hybrid work. Our cloud-connected Microsoft 365 apps, devices, and Windows innovation—with integrated security and protection—help build resiliency for today’s shifting world of work.

By using Endpoint Manager to apply the principles of a Zero Trust security model to apps and endpoints, Microsoft customers can transform their security posture across their entire endpoint estate. This ability is foundational to enabling employee productivity in hybrid work environments. From remote to frontline workers and from large enterprises to small, Microsoft is recognized for its ability to execute and completeness of vision for Endpoint Manager.

Windows endpoint management in the cloud

Our focus on helping businesses adapt continues as organizations move to cloud management, starting with their Windows endpoints. In the past fiscal year, we’ve seen more than 250 percent growth in customers managing their Windows endpoints exclusively in the cloud. We anticipate that the recently announced Windows 365 will further accelerate this growth, with our UEM solution essential to implementing an end-to-end process for deploying, configuring, and scaling the new Windows 365 experience.

When Windows 11 becomes generally available later in 2021, cloud management will be key to reducing complexity as IT teams determine how their workforce will update to this new operating system built for hybrid work. Building on Windows innovation and our investments in AI with endpoint analytics, we’ll continue to help customers deliver seamless endpoint and management experiences for their employees—all while protecting data and ensuring endpoint compliance.

Automation improves security

Connecting our cloud capabilities has also helped increase cooperation between security operations (SecOps) and IT teams through automation and modern management. We’ve evolved Endpoint Manager into a hub for Microsoft 365 management and security, building automation based on the billions of signals we get from the Microsoft intelligent security cloud. Actions required to remediate vulnerabilities are automatically communicated between cloud services and implemented immediately. We’ve built Endpoint Manager to provide role-based visibility back to the security teams, relaying information about actions taken and policies implemented. These advances help drive the modern workplace by empowering organizations to adapt and scale as their business evolves.

Increasing endpoints and protection

The demands of the modern workplace require securing a diverse set of endpoints, including productivity apps and non-traditional devices. With Microsoft Teams at the core of the hybrid work environment, we continue to grow the scope of devices under management across the ecosystem. In the last nine months alone, we’ve seen the number of endpoints under management more than double. Our service continues working across platforms for customers worldwide, including those from highly regulated industries, with deep integration into Microsoft apps and endpoints enabling increased security and flexibility. Customers appreciate having the choice to support both managed and unmanaged experiences with a consistent security promise—applying app-protection policies and configurations to protect sensitive information without device enrollment. Learn how Siemens transitioned to Microsoft Endpoint Manager to manage all of the company’s mobile endpoints in less than 12 months—advancing its Zero Trust journey and improving employee experiences.

Learn more

The endpoint is the new workplace, and we’re committed to helping organizations build business resiliency with Microsoft Endpoint Manager. We’re grateful to again be recognized by Gartner as a Leader in Unified Endpoint Management, and we’re humbled every day as we continue learning from our customers. You’re invited to read the full Gartner Magic Quadrant report or view a snapshot of the UEM Magic Quadrant above. Keep up with ongoing developments on UEM and hybrid work by following the Microsoft Endpoint Manager Blog.

To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.

¹Gartner, Magic Quadrant for Unified Endpoint Management Tools, Dan Wilson, Chris Silva, Tom Cipolla, 16 August 2021.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

GARTNER and MAGIC QUADRANT are registered trademarks of Gartner, Inc and/or its affiliates and are used herein with permission. All rights reserved. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Microsoft.

The post Microsoft a Leader in 2021 Gartner® Magic Quadrant™ for Unified Endpoint Management Tools appeared first on Microsoft Security Blog.