Welcome back to our Back to Basics blog series, a glossary for Microsoft 365. Last time we discussed the ultimate question – what is Microsoft 365? Microsoft 365 is comprised of multiple applications, such as Intune. Today, we will be covering these three questions: 

• What Is Intune? 
• What Is Mobile Device Management (MDM)? 
• What Is Mobile Application Management (MAM)? 
• Advanced Resources for Intune, MDM, and MAM‍

What is Microsoft Intune?

According to Microsoft,  

“Microsoft Intune is a cloud-based endpoint management solution. It manages user access to organizational resources and simplifies app and device management across your many devices, including mobile devices, desktop computers, and virtual endpoints.”

Intune is part of the Microsoft Endpoint Manager suite and provides capabilities for both Mobile device management (MDM) and mobile application management (MAM). In other words, Intune is Microsoft’s cloud offering for managing end-user's devices and applications on their devices.  

There has been some recent confusion around the name of Intune – is it Intune or Endpoint Manager? Microsoft cleared up the confusion in a Q&A where they establish that Endpoint Manager was renamed to Intune in October 2022. As we established above, Intune is comprised of features for mobile device management and mobile application management. 

What Is Mobile Device Management (MDM)? 

Mobile device management technology is, as the name suggests, software that helps you manage company-owned devices to ensure a smooth, secure, consistent, and controlled experience for end-users. MDM solutions help IT administrators ensure that devices are secure and compliant with company policies. They also help provide the intended mobile device experience to end users.  

Key features of MDM include: 

1. Device Enrollment: Streamline the process of registering devices for management by automatically installing applications on and configuring the device. 
2. Configuration Management: Remotely configure settings and restrictions on devices. For example, your organization could have an MDM policy that prevents users from installing unauthorized applications onto their mobile device. 
3. Security policies: Like configuration management, MDM enables you to enforce security measures remotely. 
4. Monitoring and reporting: Get visibility into device compliance, usage, and security issues. 
5. Remote support: Eased remote troubleshooting and assistance, reducing downtime for users. This is particularly important in the work-from-home era.

While Microsoft Intune is one of the most popular MDM solutions, it is important to note that other MDM solutions exist, such as VMware Workspace One, IBM MaaS360, Cisco Meraki Systems Manager, and more. Many companies allow users to bring their own device (BYOD), which tasks IT administrators to manage certain applications on the device. This brings us to our final question for today. 

What Is Mobile Application Management (MAM)? 

Mobile application management software enables you to remotely control the applications installed on a given device. MAM applies to both company-owned devices and personal devices. For companies that do not distribute devices and instead have their employees BYOD, MAM is critical to ensure a smooth, secure experience for end users.  

Key features of MAM include: 

1. App Deployment and Updates: Remotely install and update applications on employees’ devices. 
2. Application Security: Implement security policies remotely. For example, an organization could have a MAM policy that prevents users from copying and pasting company data outside of Outlook. 
3. Monitoring and Analytics: Track app usage, performance, and compliance with organizational policies.  
4. Remote Management: Remove or restrict access to applications remotely in cases of losing a device or terminating an employee.

Intune ultimately exists to enable IT administrators to practice mobile application management and mobile device management. As we have explored Intune, MDM, and MAM, the question arises, What approach should businesses take to mobile device security? MDM or MAM? While dependent on your business needs, the answer is usually a combination of both.  

Advanced Resources for Intune, Device, and Application Management

For insights on MDM vs. MAM plus practical guidance on getting started with device management, read How to Get Start Started with Device Management in Microsoft Intune. Or, learn best practices for Intune in Mobile Device Management Best Practices for Intune.

For deeper insights on Intune security, read Security Best Practices for Microsoft Intune. Or, learn about Intune Data Retention and Intune Configuration Backup and Restoration to augment your Disaster Recovery plan.

For insights on Intune reporting and monitoring, read How to Monitor and Track Events in Intune and How to Report on Microsoft Intune.

Last but not least, compare Microsoft’s native application deployment to CoreView Configuration Manager in How to Automatically Package and Deploy Applications across Microsoft Tenants with Configuration Management.