Microsoft PKI with Intune

Solution overview

As organizations move to support hybrid and remote workforces, they’re challenged with managing the different devices that access organization resources. Employees and students must collaborate, work from anywhere, and securely access and connect to these resources.

Get in touch Get the datasheet

Implementation of the PKI with Intune

Admins must protect organization data, manage end-user access, and support users from wherever they work. With Encryption Consulting, organizations can easily integrate Intune with their existing infrastructure and use advanced features such as Windows Hello for Business, organization-wide policies so that each device remains compliant with the organization, enable NDES for devices outside the network and much more.

Key Features and benefits

Organizations can manage users and devices, including devices owned by your organization and personally owned devices. Microsoft Intune supports Android, Android Open Source Project (AOSP), iOS/iPadOS, macOS, and Windows client devices. With Intune, you can use these devices to access organization resources with policies you create securely.

Intune simplifies app management with a built-in app experience, including app deployment, updates, and removal. Organizations can connect to and distribute apps from their private app stores, enable Microsoft 365 apps, deploy Win32 apps, create app protection policies, and manage access to apps and their data.

Intune automates policy deployment for apps, security, device configuration, compliance, conditional access, and more. To receive these policies, the devices only need internet access. Organizations can deploy the policies to their user and device groups when they are ready.

Employees and students can use the self-service features in the Company Portal app to reset a PIN/password, install apps, join groups, and more. Organizations can customize the Company Portal app to help reduce support calls.

Intune integrates with mobile threat defense services, including Microsoft Defender for Endpoint and third-party partner services. With these services, the focus is on endpoint security, and organizations can create policies that respond to threats, do real-time risk analysis, and automate remediation.

Organizations use a web-based admin center focusing on endpoint management, including data-driven reporting. Admins can sign into the Endpoint Manager admin center from any internet device.

Deployment Options

Intune can be fairly complex to deploy, and depending on the current configuration would vary as to how Intune would be deployed in your organization.

If your organization doesn’t use anything

Intune

If you want a cloud solution, consider going straight to Intune. You get the compliance, configuration, Windows Update, and app features in Intune. You also get the benefits of the Endpoint Manager admin center, a web-based console.

Configuration Manager

If you want the features of Configuration Manager (on-premises) combined with the cloud, consider tenant attach or co-management. With Configuration Manager, you can:

Manage on-premises devices, including Windows Server.
Manage partner or third-party software updates.
Create custom task sequences when deploying operating systems.
Deploy and manage many app types.

If you currently use Third party MDM provider

Devices should only have one MDM provider. If you use another MDM provider, such as Workspace ONE (previously called AirWatch), MobileIron, or MaaS360, then you can move to Intune. The biggest challenge is users must unenroll their devices from the current MDM provider and then enroll in Intune.

If you currently use Configuration manager

Configuration Manager supports Windows and macOS devices and Windows Servers. If you’re using other platforms, you may need to reset the devices and enroll them in Intune. Once enrolled, they’ll receive the policies and profiles you create.

If you currently use on-premises group policy

In the cloud, MDM providers, such as Intune, manage device settings and features. Group policies objects (GPO) aren’t used. When managing devices, Intune device configuration profiles replace on-premises GPO

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Microsoft PKI with Intune

With the integration of Microsoft PKI, Intune enables organizations to provide more security and reliability for their remote workforce and migrate the organization towards a passwordless and more secure future.

Solution overview

Implementation of the PKI with Intune

Key Features and benefits

Deployment Options

If your organization doesn’t use anything

If you currently use Third party MDM provider

If you currently use Configuration manager

If you currently use on-premises group policy

If you currently use Third party MDM provider

If you currently use Configuration manager

If you currently use on-premises group policy

Ready to get started?

Global Headquarters

Contact Sales

Services

Products

Company