At its Ignite conference today, Microsoft announced a number of new features for the Microsoft Endpoint Manager, the company’s unified platform for managing and securing devices in an enterprise environment. The service, which combines the features of the Microsoft System Center Configuration Manager with the cloud-based tools of Intune, launched just under a year ago. Today’s updates build on the foundation the team created at the time and add improved macOS and iPad support, as well as new tools for connecting mobile devices to on-premises apps and additional productivity tools based on the date the company gathers from the service. The company is also making it easier for corporate IT departments to provision devices for employees remotely.
If anything, the pandemic has only accelerated both the growth of this business for Microsoft and the need for companies to manage their remote devices.
“It really is about bringing this cloud and all the intelligence that we had in Intune together with Config Manager and making it act as one,” Brad Anderson, Microsoft corporate VP for the Commercial Management Experiences team, told me. “And it’s been so fascinated to see how the pandemic accelerated people wanting and needing to use that. When the pandemic first hit – and as I go back to March 8th or 10th, in the US, the calls that I was having almost every day with CIOs centered around, ‘my VPN is overwhelmed. How am I going to patch on keep all my systems updated?’”
Today’s announcements build on the work Microsoft has done on this service over the course of the last year. After launching support for scripting on macOS earlier this year, for example, the company today announced a new “first-class management experience on macOS” that brings deploy scripts, but also improved enrollment experiences and app lifecycle management feature to the platform.
Endpoint Manager now also supports Apple’s Shared iPad for Business functionality and will help businesses deploy iPads to their users and allow them to log in with Azure Active Directory accounts. This gives users two separate portions on the device: one for work and one for everything else.
Another new feature is Microsoft Tunnel. This gives businesses a VPN that can cover the entire device or single apps to ensure that their employees’ devices are secure and compliant with their internal policy to access their networks.
“The key thing [with Microsoft Tunnel] is that this is all integrated into our conditional access,” Anderson explained. “And so when that VPN comes up, before access is granted to the data or to the apps, the conditional access engine that we’ve built inside of Microsoft 365 has that point of view on the trust of the identity and the trust of the device. That really is the key differentiator on that. I’ll tell you, between you and I, that one feature is probably the single feature that customers who are running another MDM and then the Microsoft Endpoint Manager — that’s the one they’re waiting for.”
Endpoint Manager now also supports the Windows Virtual Desktop (WVD) environment. That’s been a massive growth area for the company — one that has only been accelerated by the COVID-19 pandemic. As Anderson told me, the company saw 10x growth for WVD through the pandemic. “Now, Windows Virtual Desktop is that first-class citizen inside Microsoft Endpoint Manager. So you can manage your virtual endpoints just like you manage your physical endpoints. All your policies are applicable, all your apps are clickable. And it just makes it easier to be able to use that as one of the tools you have to empower your users,” he said.
Another area of Endpoint Manager, which may only seem tangentially related at first, is Microsoft’s Productivity Score. There are two aspects to this service, though: employee experience and technology experience. Productivity Score is meant to help businesses better understand how their employees are working — and identify areas where companies can improve. On the technology side, that also means understanding which apps crash, for example, or why laptops slow down.
“Here’s one of the key scenarios,” said Anderson. “We’ll get a call every once in a while that says, like, ‘hey, my users are all having a great experience with Office 365 but I’ve got a handful of users for whom it’s slow.’ More often than not, that’s a networking issue. And so every time a user, for example, opens a file or saves a file, opens an attachment, we get telemetry back that helps us understand the operations of that. We probably know when an ISP in the south of France sneezes, because Office 365 is so ubiquitous now.”
The other new feature here is what Microsoft calls Endpoint Analytics. With this, Microsoft can now provide businesses with details information about when apps on their employees’ devices crash – no matter whether that’s an internal app, a third-party service — or a Microsoft app.
In addition to these technology scores, Productivity Score is also getting new categories like meetings, so managers can see how many meetings their employees have, as well as a new teamwork category.
By Frederic Lardinois