Managing endpoints via a centralized, cloud-based IT management system – one that helps ensure security and enables admins to manage policies and workflows consistently across the various devices and apps used in an organization – is becoming increasingly appealing. One of the major hurdles for businesses wanting to align with a more unified endpoint management (UEM) approach is that of migration – specifically, how to migrate from more traditional IT management tools to more modern, cloud-based alternatives. Challenges often arise around understanding where to start in migrating from an on-premises IT management model, built around tools such as Active Directory and Configuration Manager, to a cloud-based alternative. At its Ignite 2017 conference, Microsoft announced some new, modern device management capabilities that aim to help organizations overcome these challenges.
Utilizing both Microsoft Intune and Config Manager to co-manage Windows devices
At Ignite 2017, Microsoft announced new ConfigMgr and Intune co-management capabilities that will support organizations in evolving how Windows 10 devices can be managed. Effectively, this new co-management capability enables organizations to manage some workloads (device compliance, updating, etc.) and policies via the traditional on-premises ConfigMgr agent, and others via the cloud-based Intune mobile device management (MDM) solution. As part of the co-management model, organizations can join Windows 10 devices to both Active Directory and Azure Active Directory at the same time. This capability is certainly welcome, as it will enable organizations to adopt a more phased approach to migrating to a cloud-based IT management model. Supporting this phased approach will help organizations migrate at a more comfortable pace, enabling them to learn valuable lessons and develop confidence in new, cloud-based IT management software and practices. By introducing these capabilities, Microsoft is supporting organizations in adopting a more modern, cloud-based UEM approach – one where IT admins can manage a more traditional device estate alongside an estate of smart mobile devices in a more consistent and centralized fashion. This co-management capability is expected to be shipped later this year, but Microsoft announced that it will enter a preview phase following the Ignite conference this week.
Also at Ignite 2017, Microsoft announced an Apple Mac device management partnership with Jamf – a company that provides solutions that support more than 12,000 organizations in managing Apple devices. This partnership will see Jamf integrate deeply with Microsoft Intune and enable organizations to also manage Mac devices via the solution. The finer details relating to this partnership are yet to be confirmed, but it's certainly good news for organizations that embrace Apple devices alongside a Windows estate.
Finally, Microsoft also announced new capabilities that will enable organizations to manage and deploy Win32 and .exe apps via Intune. This capability will further support organizations wishing to embrace a more unified application and endpoint management model supported by Intune. Traditionally, managing and deploying Win32 apps via MDM solutions has been challenging. Now, with this new capability, organizations can manage Win32 apps alongside an estate of more modern, mobile-native apps that they may already be managing via the MDM solution.
Adam Holtby, Senior Research Analyst, Workspace Services