Not all heros wear capes.
Steps for configuring Android devices using Microsoft Intune.
There's a few steps for configuring mobile devices using Microsoft Intune. I recommend reading these steps then watching the video below, where I go into more detail.
- Picking your devices: Unlike Apple iOS, the Android ecosystem is vast. There are so many devices and OS skins available to your users. If you're going to manage Android devices, I would recommended looking at Google's device recommendations for enterprises. Trust me, a bit of restriction for users will make life easier for everyone later on.
- Google Play account: Google recommends that you create an enterprise account rather than using your own as a safeguard. Learn how to create an Enterprise account here.
- Enrolment restrictions: By default, Intune blocks Android Enterprise work profiles. Why? I don't know. It's weird. 🤔
Select 'allow'. Let's say you use two different types of Android devices in your workplace. One being a Samsung for general use such email, text, calendar, etc. Another might be a Zebra enterprise computer which also runs android. You wouldn't want to deploy the apps you assigned to the Samsung to the Zebra. In Intune you can assign different profiles to different device manufactures. More information. Pretty neat, aye.
- App configuration: If you're managing both BYOD and organisation-owned devices (hybrid system), I recommend you configure apps through 'Managed Apps'. You can configure multiple apps at once through this process, and you're not limited to just one at a time. These policies can also be used for iOS/iPadOS.
- Configuration policies: This is where the magic happens! When configuring apps, you can add layers of security to help protect company data. I recommend testing features like: requiring biometrics to access apps, blocking local data saving and allowing notifications via wearable devices. I go into more detail about application security in another blog post.
Android application configuration policies in action.
Watch me configure an application policy in the video below.