Microsoft Intune 2304 April Edition: Improved Security, Management, and More.

 Microsoft Intune is a cloud-based device management service that helps organizations to manage and secure their endpoints, including smartphones, tablets, laptops, and desktops. The service provides a range of features, such as device enrollment, app management, conditional access, compliance policies, and more. In this blog post, we'll explore some of the latest updates and enhancements in Microsoft Intune that were released in the 2304 April edition.

Here's a look at the old vs. new user experience:

Adding Google accounts to Android Enterprise personally owned devices

1. New Enrollment Status Page

Microsoft Intune now features a new Enrollment Status Page (ESP), which provides a simple and easy-to-use interface for monitoring the enrollment status of devices. The ESP shows the progress of the enrollment process and alerts administrators if there are any issues or errors. It also provides a link to the Intune Troubleshooting Portal, where administrators can find more detailed information and solutions.

2. Android Enterprise Enhancements

The 2304 April edition of Microsoft Intune includes several enhancements for Android Enterprise devices, including:

• Support for Android Enterprise Work Profile Management for personal devices: Administrators can now manage the work profile on personal Android devices, providing a more secure and controlled work environment without affecting the personal data and apps.

• New and updated Android Enterprise policies: Intune now supports several new and updated policies for Android Enterprise devices, such as disabling the camera, configuring Wi-Fi, and more.

• Support for Android Enterprise Corporate-Owned, Personally-Enabled (COPE) devices: Intune now supports the COPE deployment scenario, where the organization owns the device but allows users to install personal apps and use the device for personal activities.

3. macOS Enhancements

Intune has also introduced several enhancements for macOS devices, such as:

• New macOS compliance policies: Administrators can now set compliance policies for macOS devices, such as requiring encryption, checking for software updates, and more.

• Improved macOS app management: Intune now provides more options for managing and deploying macOS apps, such as installing apps on demand, using VPP licenses, and more.

• macOS device configuration profiles: Administrators can now configure settings for macOS devices using device configuration profiles, such as configuring Wi-Fi, VPN, and more.

4. Microsoft Endpoint Manager Integration

Microsoft Endpoint Manager is a unified endpoint management solution that combines Intune and Configuration Manager to provide a comprehensive management platform for devices. The 2304 April edition of Intune includes several enhancements for Endpoint Manager, such as:

• Support for managing Windows 10 devices with Endpoint Manager: Administrators can now manage Windows 10 devices with Endpoint Manager, providing a unified management experience for all endpoints.

• New Endpoint Analytics feature: Endpoint Analytics provides insights and recommendations for improving the performance and reliability of devices, based on data collected from Intune and Configuration Manager.

5. Microsoft Defender for Endpoint Integration

Microsoft Intune now features improved integration with Microsoft Defender for Endpoint, a comprehensive security solution that helps organizations to detect, investigate, and respond to advanced threats across their endpoints. The integration allows administrators to manage and configure Defender for Endpoint settings directly from the Intune console, providing a more streamlined and efficient security management experience.

6. New Conditional Access Policies

Conditional Access is a key feature of Microsoft Intune that allows administrators to control access to corporate resources based on a range of criteria, such as device compliance, location, network, and more. The 2304 April edition of Intune includes several new conditional access policies, such as:

• Location-based access control: Administrators can now restrict access to corporate resources based on the physical location of the device.

• Device Health attestation: Administrators can now enforce device compliance policies using the Device Health Attestation feature, which checks the integrity and security of the device.

• Enhanced support for iOS devices: Intune now provides enhanced support for iOS devices, such as allowing access to corporate resources only from devices that are managed by Intune.

7. Improved App Protection Policies

App Protection Policies are a key feature of Microsoft Intune that help organizations to secure their data and applications on mobile devices. The 2304 April edition of Intune includes several improvements to App Protection Policies, such as:

• Improved support for Office apps: Intune now provides more granular control over Office app policies, such as restricting copy and paste operations, disabling screen capture, and more.

• New data protection policies: Intune now supports several new data protection policies, such as restricting access to specific apps or websites, and preventing data leakage through unprotected channels.

• Improved user experience: Intune now provides a more user-friendly experience for configuring and deploying App Protection Policies, making it easier for administrators to secure their apps and data.

In summary, the 2304 April edition of Microsoft Intune introduces several new features and enhancements that help organizations to manage and secure their endpoints more effectively. The integration with Microsoft Defender for Endpoint, new conditional access policies, improved App Protection Policies, and more provide a more comprehensive and streamlined management experience for all types of devices.

The new Enrollment Status Page, Android Enterprise enhancements, macOS enhancements, and Endpoint Manager integration provide a more comprehensive and unified management experience for all endpoints, including smartphones, tablets, laptops, and desktops.

Here's a screenshot of the new options:

Screenshot of the Microsoft Intune admin center showing options for update policy behavior settings, which include critical updates, firmware updates, configuration file updates, and scheduling