by Thor Olavsrud

Microsoft adds MDM capabilities to Office 365

Mar 30, 20153 mins
CareersMicrosoft OfficeMobile

Leveraging Microsoft Intune and Azure Active Directory, Microsoft extends built-in mobile device management capabilities to Office 365 commercial plans at no additional cost.

mdm UEM
Credit: Thinkstock

Microsoft today announced the general availability of mobile device management (MDM) capabilities for Office 365, which is designed to give administrators the built-in capability to manage access to data in the cloud-based productivity suite across iOS, Android and Windows Phone devices. The MDM features are available at no additional cost in all Office 365 commercial plans, according to Microsoft.

office 365 logo gallery

“With today’s GA, the first app every organization will look to secure and protect now comes with MDM capabilities natively built into it,” Brad Anderson, corporate vice president, Enterprise Client & Mobility at Microsoft, wrote in a blog post. “This means IT admins can set up security policies on devices to ensure that O365 corporate email and data can be accessed only on phones and tablets that are managed and compliant.”

[ Related: MDM features and functions compared ]

Shobhit Sahay, technical product manager on the Office 365 team at Microsoft, notes that Office 365’s new MDM capabilities work in three ways to keep your data safe:

  • Conditional Access. Office 365 leverages Microsoft Intune and Microsoft Azure Active Directory to allow you to set up security policies on devices that connect to Office 365 so that only managed and compliant devices can connect. The Conditional Access policies apply to Word, Excel, PowerPoint and other business applications.
  • Device Management. You can set and manage security policies such as device-level pin lock and jailbreak detection to help prevent unauthorized users from connecting. Additional settings and rich reporting are also available within the admin center.
  • Selective Wipe. You can easily remove Office 365 data from an employee’s device while leaving their personal data in place.

“If you are looking for protection beyond what’s included in Office 365, you can subscribe to Microsoft Intune, part of the Microsoft Enterprise Mobility Suite, and receive additional device and application management capabilities for phones, tablets and PCs,” Sahay says. “This includes the ability to restrict actions such as cut, copy, paste and save to applications managed by Intune — helping keep corporate information even more secure.”

[ Related: How marketing is tackling MDM in the shadows ]

Anderson notes that Microsoft has architected its Enterprise Mobility Suite (which includes Active Azure Directory Premium and Microsoft Intune) and Office 365 to work together, bringing together multi-layer mobile security with identity and access management, mobile application management and data protection.

[ Related: Attack of the BYOD-killing MDM software ]

“The pivot of managing Office via Intune is a big (and really proactive) step for the industry,” he says. “In fact, Intune now sits as the only comprehensive MDM solution on the market that can manage the recently released Office mobile applications on iOS and Android. This enables the workforce to utilize the apps they love, while preventing data leakage — and it empowers IT teams to constantly improve and streamline the services they deliver while maintaining strict security.”

Sahay notes Microsoft will begin rolling out the new capabilities on Monday and expects they will be completed worldwide in four to six weeks.

Follow Thor on Google+