Microsoft Office: Word, PowerPoint, Outlook, Excel, OneNote, OneDrive, etc, who doesn’t know these applications? Most of you know the apps from a corporate point of view and I think it is safe to say the Office suite of products is the corporate standard. As we know, there is another world besides the laptop/desktop/Windows based one: the mobile devices world. And besides desktop/laptop vs mobile, we also have a corporate vs private world. To make it even more exciting, the mixture of all worlds is happening all around us.
Wouldn’t it be great to use the same productivity apps you are used to use among all these different devices? What maybe isn’t known to many people is the fact Microsoft has developed many apps for IOS and Android. You can use the complete Office suite on your mobile devices. Find the Microsoft apps on iTunes here. So, if you want to have the same experience on your mobile devices, or even on your Apple Macs as on your corporate device, you can. The Office Suite is developed for all platforms.
Great, users can have the same experience, on Windows, Mac and mobile devices. But when these mobile devices are used professionally, IT would like to manage at least the productivity apps. It is great you can access and consume corporate data by using the Office apps, but you would like to secure the data as well.
To do this security, other MDM/MAM (Mobile Device Management/Mobile Application Management) vendors have created their own productivity apps. Their own email clients and data clients which previews Microsoft Word, Excel and PowerPoint documents. Those apps are not what end users know and like. Also, it isn’t the core business of these MDM/MAM vendors to develop Office/productivity tools.
With Microsoft Intune, it is possible to let users use what they know and like and secure the Office apps in multiple ways:
- Traditionally, you can enrol your device in Intune and manage the device and the Office apps: MDM-MAM,
- It also is possible to use the apps and secure them without enrolment: MAM Only
- If you currently are using another MDM tool, you still can use #2 by using Intune for the MAM part.
Bullit 1 is pretty clear: you enrol the device and policies are being pushed regarding the device and apps, by using Intune. With #2 and #3, the application policies are being pushed after users sign in, within the office apps on IOS and Android, with their accounts in Microsoft Azure/Intune.
So, what can be configured using MDM-MAM or MAM only?
- You can allow/deny copy/past from the Office apps to other native apps,
- You could allow copy/paste from native apps to the Office apps,
- You can set a PIN on all apps for another level of security,
- You can specify that links need to open in the Managed Browser,
- You can prohibit “save as”, to prevent users to save a corporate document on another, unmanaged location.
With Intune and the Microsoft productivity apps, users use familiar apps for productivity, and which are built for that purpose and IT can secure access to and from these apps, and secure corporate data. Check out this Microsoft blog for more details and screen shots. Also, check out this website to see more apps that can be managed by Intune.