Using endpoint management to support E8 and Zero Trust

How Intune’s new capabilities streamline security.

It’s been a tough couple of years for company cyber teams with $8.44tn lost to the global economy, thanks to a dramatic upswing in cyberattacks.[1]

With no let-up in sight, the pressure is now on to fortify defences and establish a Zero Trust IT environment and/or apply the Essential 8 framework of controls outlined by the Australian Signals Directorate (ASD).  No small task. Establishing end-to-end security is a team sport that involves collaboration across IT and security teams, and it extends from physical elements like devices, across data and applications right through to IT enablers like analytics, automation and orchestration. 

Co-create to Innovate

It’s this complexity that led the Intune community to feed back to Microsoft. This group collectively manages and secures 150 million devices across the world and includes Australian companies like NAB who use Intune to secure, deploy and manage users, apps and devices for 32,000 workers and Orica who use it to manage 14,000 endpoints  – from AR headsets to workstations.

They told us they’d like a secure way to provide technical assistance for remote workers so we started with that, while lining up a list new, adjacent categories like advanced privilege, application and cloud certification management. 

Our in-depth customer research which involved talking to customers daily, revealed that IT teams juggle as many as five different niche products, each with their own licensing, consoles and integration challenges.

Set this against the backdrop of the IT skills shortage and it’s easy to understand their motivation for a more comprehensive product that could round up key functions into a single console with no integration hassles. And now, thanks to their input, we’re proud to announce the new Intune Suite, specifically designed to help customers strengthen their security posture, enhance user experiences, and reduce TCO. This single offering includes the new solutions listed below, plus a roadmap of advanced capabilities moving forward.

New Helpdesk feature, Synced with Service Now

Addressing both simplification and security, Remote Help is a new secure solution that enables IT helpdesks to support hybrid workers quickly and efficiently. They’ll be able to conduct background device compliance checks, improve compliance messaging, answer requests, and take remote control of devices for troubleshooting.

This direct Intune connection, along with permissions-based access controls and organisational requirements for sign-in, enables support staff and employees to verify explicitly, one of the principles of Zero Trust.

For Essential 8 multifactor authentication (MFA), you can use Intune together with Azure Active Directory conditional access policies to require MFA during device enrolment. 

That level of authentication gives employees a trusted experience. They know that they are dealing with genuine support personnel if they hand over control of their device. Remote Help will also integrate with ServiceNow in April 2023, enabling support staff to see incidents directly in the Intune console, saving time and reducing complexity.

Tightly controlled Endpoint Privilege Management

Another Zero Trust and Essential 8 principle, enforce least privilege access/restrict admin privileges is supported through Intune’s new Endpoint Privilege Management. It enables admins to set very granular policies regarding which users can perform tasks normally reserved for an admin, along with specified time periods. So employees can install applications, printers, and other peripheral devices when they need to – without the risk of leaving admin privileges switched on permanently.

A future release will also enable admins to define policies that automate user-confirmed and support-approved workflows for elevation, to speed up resolution without compromising security. And to inform decision-making, this feature will include a comprehensive view of all elevations with analytics and reporting across the organisation.

Advanced Endpoint Analytics

To help administrators address critical issues that could affect business continuity, we’re introducing anomaly detection, which uses AI and machine learning to automatically notify IT admins about potential problems, such as hardware failures, app crashes and unexpected reboots, so they can find and fix the root cause fast.

IT teams will also be able to slice endpoint analytics reports to a subset of devices to understand specific issues relating to OS, age, or other factors more clearly. And to speed up remediation there are new device timelines for troubleshooting and intelligent recommendations for optimising and improving IT systems.  And, with the wave of innovation fuelled by AI, the Intune team is working on adding many more advanced features in the near future.

Advanced Application Management

Another new capability that will be added to the Intune Suite is advanced app management, offering an enterprise app catalog and controls for easy app discovery, deployment, and automatic updating to mitigate risks introduced by out-of-date apps. Later this year, we will also introduce a cloud certificate management solution to issue and manage VPN and Wi-Fi certificates from Intune to devices without on-premises infrastructure.

Expanding capabilities

These innovations are part of an ongoing program that will see the introduction of a host of new capabilities like advanced cloud certificate management support and Microsoft Tunnel for Mobile Application Management (MAM), which allows people to securely access on-premises apps and resources on their unmanaged Android and iOS devices.

I am personally excited to see our customers’ interest in the new Intune Suite and are even more excited about the opportunity to help them achieve their goals in a more secure and streamlined manner. Going forward, the Intune team plan to add many more advanced capabilities to this new offering to further help customers.

More information?

• Step-by-Step Guide
  Six Steps to Build a Holistic Security Strategy >
  
• Case study
  Find out how National Australia Bank improved productivity with Intune >
  
• Thought Leadership
  See why Gartner recognised Microsoft as a leader in the 2022 Magic Quadrant for Unified Endpoint management tools >

---

[1] Statista (2022), Estimated cost of cybercrime globally 2016-2027. Available at: https://www.statista.com/statistics/1280009/cost-cybercrime-worldwide/