Best practices for Implementing Intune MDM
Microsoft recommends the different practices for implementing Intune MDM
What is MDM
MDM is a solution that uses software as a component to provision mobile devices while protecting an organization’s assets like data. Organizations practice MDM by applying software, processes and security policies onto mobile devices and toward their use.
Microsoft recommends the following best practices for implementing Intune MDM
- Plan the deployment. Proper planning before deployment will increase deployment efficiency.
- Review the Configuration Manager hierarchy to determine how best to integrate MDM. Remember, MDM does not require a separate site in the Configuration Manager hierarchy.
- Understand which platforms the organization will support. This will help determine what types of certificates are required for app deployment.
- Acquire and deploy certificates and side-loading keys before user enrollment is enabled. Coordinate with other teams to streamline the app certification process.
- Identify and license specific users by using user discovery in Configuration Manager, and then add users to a custom collection that will synchronize these user accounts with Intune.
- Enable AD FS to allow users to use the same username and password to access corporate resources.
- Work with the security and Exchange teams to align passwords and policies across device platforms to ensure a good user experience without compromising corporate security.
- Promote collaboration among all teams involved. Several different teams in the organization might need to be involved—including security, compliance, application developers, services, and infrastructure providers. It is important to ensure that all stakeholders can provide input at an early stage and that they can work together to ensure a smooth deployment.
- Develop a detailed communication and readiness plan. A well-developed support plan and documentation for user and helpdesk readiness can reduce support costs.
- Train help desk technicians before deployment. Have training and support content ready for modern device support, especially for any differences in the user experience across device platforms.
- Educate users. Provide users with documentation about the enrollment steps for each supported device platform to reduce support calls. Set expectations for any delays between enrollment and when Company Portal apps are available for installation. To reduce user concerns, make sure that users understand what is being inventoried on their devices. Create frequently asked questions (FAQs) for common questions and document any known issues.
- Plan the enrollment process. To ensure a good user experience and reduce support costs, consider how the Company Portal and LOB apps will be deployed.
- Use categories to organize applications on the Company Portal and make them easier to find.
- Use security groups to limit what apps users can see, based on their role in the company.
- Determine which apps to publish on the Company Portal, based on business needs. Determine how long apps will be maintained on the Company Portal before they are retired.
- Evaluate which apps might change often, and consider using a deep link instead of deploying the full app.
- Use the Windows Phone emulator in the Windows Phone software development kit (SDK) to test the Windows Phone enrollment experience.
Download Our Profile
Get to know more about Mignet Technologies by downloading our profile.