How to Enroll MDM for Office 365: A Step-by-Step Guide

Maverick Updated on Apr 23, 2024 Filed to: UEM

Today, employees at many organizations access important data and resources, such as documents, calendars, and emails, on their mobile devices. This brings ease and convenience but also raises security concerns and risks for organizations. This is where MDM for Office 365 becomes critical for business. It is a tool that allows an organization's IT admins to keep control of company resources on an employee’s device.

In this article, we will guide you through the process of enrolling Mobile Device Management (MDM) for Office 365, introduce the difference between MDM for Microsoft 365 and Microsoft Intune, and explore the benefits MDM can bring to your business.

1. How to enroll Mobile Device Management (MDM) in Office 365? (Step-by-Step Guide)

In this part of the article, you will get a detailed step-by-step guide on enrolling in Office 365 device management.

Step 1: Sign in to Office 365 with your work or school account

The initial step is to sign in to Office 365 with your work or school account. Use this URL: https://www.office.com/signin

Step 2: Access Security & Compliance

Once you have signed in to Office 365, access Security & Compliance. To do so, navigate to Admin centres, and in the drop-down you will see Security & Compliance.

Step 3: Click Let's get started

Once you are in Security & Compliance, check security policies, then check device management, and click “Let’s get started” to start the activation process.

Step 4: Start setup

After clicking “Let's get started”, update the name of the security policy and click the “Start setup” option.

Step 5: Complete and activate the Mobile Device Management service

In the next step, you will see the setup screen, which shows the progress of the service setup. Once the process is complete (it will take some time to activate mobile device management for Office 365), the system will send you an email that explains every step you have to follow to complete the process.

Step 6: Click Manage settings on the Device Management page in the Security & Compliance Center

When the service is ready, click Manage settings on the “Device Management” page in the Security & Compliance Center to see the four settings that are set up in the following steps.

Step 7: Configure domains for MDM (Required)

This section is required once you have landed on the Manage settings page. Here you have to add the DNS record for your domain at the DNS host you use. Once this is done, employees who log in to Office 365 with the organization's custom domain will be redirected to enroll in the MDM for Office 365 that you set up. If you do not have a custom domain for your organization, you can skip this step. When you are done, navigate back to the device management page to complete the process.

Step 8: Configure an APNs Certificate for iOS devices (Required)

To manage and control devices such as iPhones and iPads, you need to create an APNs certificate. To do this, follow the setup links on the mobile device management setup page.

- Select the setup option next to "Configure an APNs certificate for iOS devices".
- You will be given an option to download the CSR file. Click it and save the certificate signing request to a location on your computer that you will remember.
- Once this is done, click Next. After that, you will see the option to create an APNs certificate.
- Once you reach the Create an APNs certificate page, select the Apple Push Certificates Portal and sign in with your Apple ID.
- Once you have completed the process, click the Create the Certificate option and accept all the terms of use.
- You will land on the APNs certificate page, where you have to browse to the certificate signing request that you downloaded from MDM for Office 365.
- Next, download the APNs certificate created by the Apple Push Certificates Portal to your computer.
- When you are done, navigate back to MDM for Office 365 and click Next to get to the page for uploading the APNs certificate. Here, browse to the certificate created by the Apple Push Certificates Portal.
- Select “Finish” to complete the process of setting up the APNs certificate.

When you are done with this step, go back to the Manage settings page to complete the next step.

Step 9: Set up multi-factor authentication (Recommended)

Setting up multi-factor authentication is a recommended step; if you do not see it, you can skip this one. If you do see it, it is highly recommended to turn on multi-factor authentication in the Azure AD portal. Doing so raises the security of the MDM for Office 365 enrollment process. With it, signing in requires a second form of authentication through text or call.

Navigate back to the Manage settings section to follow the next step.

Step 10: Manage device security policies

This is one of the last few steps, where you create and deploy security policies to protect the organization's data in Office 365. Examples of such policies include preventing data loss if an employee loses their device, by locking the device after 5 minutes of inactivity.

To reach the option, navigate to Security and Compliance, then Security policies, and then Device Security Policy to create the policies.

Step 11: Make sure users enrol their devices

The final step is to make sure that users enrol their devices in MDM for Office 365. This is possible once you have deployed an MDM policy licensed by Office 365 in your organization. Every employee will be required to complete the enrollment and activation steps before they can access the organization's resources in Office 365.

2. MDM for Microsoft 365 vs Microsoft Intune: What's the difference?

In this part of the article, you will learn the key differences between Mobile Device Management for Office 365 and Microsoft Intune.

MDM Office 365:

Mobile Device Management (MDM) for Office 365 is a built-in feature that is always included in the Office 365 plan. It does not include mobile application management services and mainly provides data resource support.

Supported devices and systems:

- Windows 11

- iOS 10.0 or later

- Android 4.4 or later

- Windows 8 and 8.1 (Exchange ActiveSync functionality)

- Windows 10 (all versions) - the device should be Azure Active Directory joined.

Supported Policy Settings:

The settings that can be configured through MDM for Office 365 device management are:

- encryption,

- mail,

- specific password,

- jailbroken settings

Supported Features:

Office 365 mobile device management provides basic MDM capabilities and management rights, such as enforcing security and setting up email profiles. These features are best suited to small businesses and organizations that do not need advanced device management capabilities.

Microsoft Intune:

Microsoft Intune gives the organization more control: it can manage its enterprise data as well as applications and network access. This allows securing both the applications and the data of the organization.

Supported devices and Systems:

- iOS and iPad 11.0 or later

- Mac OS X 10.0.12 or later

- Android 5.0 or later (including Android Enterprise)

- Windows 8 and 8.1 (including Windows 8.1 RT)

- Windows 10 - all versions - with Teams, Microsoft IoT, and Holographic for Business

- Windows 11 - all versions - with Teams, IoT, and Holographic for Business

Supported Policy Settings:

Microsoft Intune has advanced configuration settings such as:

- VPN

- WiFi

- Configuration certificate

Supported Features:

Microsoft Intune is geared more towards enforcing device compliance, providing advanced security features, and restricting data access from all non-compliant devices. It is a good fit for medium to large enterprises, as it provides the comprehensive, more sophisticated control that such organizations need.

3. How can Mobile Device Management for Office 365 Benefit Your Business?

There are multiple ways in which Office 365 device management can benefit your business. They are described below.

Policy Formulation:

This feature allows IT admins to enforce rules or policies for employees who access the company's resources or data. Doing so establishes a security baseline and minimizes the risk of data breaches.

An example could be enforcing an automatic screen lock after a few minutes of inactivity.

Device Enrollment:

The device enrollment feature makes it possible for employees to register their personal devices with the MDM system. This enables centralized management of the devices that are accessing company resources.

For example, when an employee enrols in MDM, they receive security policies and configuration settings directly from the MDM server.

Application Management:

This feature allows centralized management of the applications that can be installed on the device for work. It ensures that company data is safe and that only company-approved, secured apps are used to access company resources.

For example, IT admins specify the apps that can be used for work by creating a list. Only the allowed apps can be installed and used. Any unauthorized app will be blocked by the MDM solution.

Data Protection:

These features allow the organisation's IT admins to configure settings on devices that keep company data safe and secure. This reduces the chances of data loss and unauthorized access.

For example, admins can enable data encryption on devices so that the data is unreadable if accessed by unauthorized devices.

Compliance Management and Reporting:

This feature allows IT admins to keep track of the compliance status of all the devices enrolled in the system. Such a mechanism allows for identifying potential risks.

For example, IT admins are able to see which devices are compliant with the security policies and which are not.
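
As an added illustration (not part of the original article and not Microsoft tooling), the following Python script runs the kind of compliance check described above over a device inventory, using the minimum iOS and Android versions and the encryption, password, and jailbreak settings this article lists for MDM for Office 365. The CSV column names and the sample rows are constructed for the example and are assumptions, not a Microsoft export format.

```python
import csv
import io

# Minimum OS versions this article lists for MDM for Office 365.
MIN_OS = {"ios": (10, 0), "android": (4, 4)}

# Constructed sample inventory; the column names are assumptions for this example.
SAMPLE_INVENTORY = """user,platform,os_version,encrypted,passcode_set,jailbroken
alice@example.com,iOS,16.5,yes,yes,no
bob@example.com,Android,4.2,yes,yes,no
carol@example.com,Android,12,no,yes,no
dave@example.com,iOS,15.1,yes,no,yes
erin@example.com,iOS,9.3.5,yes,yes,no
"""

def parse_version(text):
    """Turn '9.3.5' into (9, 3, 5); pad '12' to (12, 0) so comparisons are fair."""
    parts = [int(p) if p.isdigit() else 0 for p in text.strip().split(".")]
    return tuple(parts + [0] * (2 - len(parts)))

def findings_for(row):
    """Return the list of policy violations for one inventory row."""
    problems = []
    minimum = MIN_OS.get(row["platform"].strip().lower())
    if minimum is None:
        problems.append("platform not covered by this check")
    elif parse_version(row["os_version"]) < minimum:
        problems.append("OS below minimum %s" % ".".join(map(str, minimum)))
    if row["encrypted"].strip().lower() != "yes":
        problems.append("storage not encrypted")
    if row["passcode_set"].strip().lower() != "yes":
        problems.append("no passcode")
    if row["jailbroken"].strip().lower() == "yes":
        problems.append("jailbroken or rooted")
    return problems

def compliance_report(csv_text):
    """Map each user to their violations; a compliant device maps to []."""
    reader = csv.DictReader(io.StringIO(csv_text))
    return {row["user"]: findings_for(row) for row in reader}

if __name__ == "__main__":
    for user, problems in compliance_report(SAMPLE_INVENTORY).items():
        status = "COMPLIANT" if not problems else "NON-COMPLIANT: " + "; ".join(problems)
        print(user, status)
```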

For more than 8 years, Maverick has dug deep into IT and mobile device management. He delivers practical MDM solution tips and strategies for managing various endpoints.