ActiveIdM approached this implementation by creating use case scenarios to segment the client’s user population into manageable groups by user type, user role, device role, organizational role, and supported device platform. This enabled the our team and the client stakeholders to clearly understand Intune policies and security settings in difference scenarios. This solution also made consideration for device ownership, corporate versus personal.
Asset management and reporting was also provided with this solution. Intune was leveraged to perform management tasks such as collecting complete phone numbers for enrolled devices and inventorying applications on corporate-owned devices and presenting this information to administrators.
With use case scenarios defined, ActiveIdM implemented the necessary Intune policies and security settings to address each of the use cases.
Key to this solution is device compliance. The Intune policies were configured to ensure that all mobile devices behave in a predictable and secure manner. This includes requiring a device unlock code, encryption, detection of rooted or jail-broken devices, minimum and maximum operating system versions, and continuous monitoring of the user’s Mobile Threat Defense level.
This successful implementation provided a large step forward in the client’s ability to give users the resources they need, and on the devices that they use, while providing robust controls to keep corporate data secure.