What can I get from Office 365’s MDM versus Intune?
When it comes to Mobile Device Management, it can be a little confusing keeping all the various MDM offerings straight. For many organizations that utilize Office 365 for their email and/or other office suite applications, O365 MDM may be quite appealing due to one captivating detail…its free! Yes, MDM for O365 is included with many Office 365 commercial subscriptions. Free is indeed a good thing.
Free of course usually denotes some limitations and shortcomings. This is the case with O365 MDM as it does not have near the feature rich options nor device coverability of Intune. Intune either requires a paid subscription or can be purchased with Enterprise Mobility Suite. Cost is one of the main differences between the two.
Mobile Device Management for Office 365 is designed for securing and managing mobile devices. This includes such things as iPhones, iPads, Android devices, Windows Phones and tablets that are connected to Exchange Online. You can create MDM policies to secure these devices by remotely wiping them or removing sensitive information. This is one of the most important security management features for corporate mobile devices. Other functions of O365 MDM include:
- Remotely wipe emails from any device
- Set up device policies like password requirements and security settings
- Ensure email and documents can only be accessed by company managed mobile devices
- Access reports and alerts concerning the jailbreaking of devices
- Review reports concerning which devices are not compliant
O365 MDM is a good fit for a company that fully utilizes domain joined services to manage their traditional workstations and laptops and need to manage and secure mobile devices as well. For those organizations that want to go all in and manage all of their Windows 10 computer devices (including traditional PCs) using an MDM solution, Intune is the only choice between the two. With Intune, it is possible to manage your devices without any on premise infrastructure as long as they are all Azure joined.
Another key difference is how you access each of the CSP interfaces. O365 MDM is accessed using the Security and Compliance Center as is shown below.
Intune on the other hand is accessed through the Azure portal.
Intune has a lot more functionality than O365 MDM such as the following:
- You can integrate Intune with System Center Configuration Manager to coincidingly manage both on and off prem devices
- Supports Mac OS X as well as Linux and Unix servers
- Deploy your internal line-of-business apps and apps in stores to users
- Provide additional security for web browsing
- Implement Mobile Application Management policies for all your users
Which one is best depends on the needs of your organization.