In 2021, flexible work environments are a key offering in the day-to-day operation of a business. Whether on desktops or mobile devices, in-office or remote, IT vendors continuously scramble to best combine all the necessary hardware tools within a single, versatile console.

Let’s go back a decade to 2011. Microsoft launched its Intune cloud service to aid newfound enterprise mobility management (EMM) workplace requirements to great success. Eight years later, they decided to merge this platform with its System Center Configuration Manager (ConfigMgr), granting users access to both whilst utilising one interface.

The combined service – referred to as Endpoint Manager – makes licensing for Intune available to all ConfigMgr customers to co-manage Windows devices. Over 200 million devices remain managed between the two cloud services. 


Endpoint Manager provides a convenient route to managing several devices- protecting corporate data whilst delivering a platform for employees to perform their tasks using both company and personal technology. It combines mobile device management (MDM) capabilities with mobile application management (MAM). And although under the Microsoft umbrella and thus tied to Windows 10 and other products- it remains capable of running other operating systems.

As well as a single management interface for ConfigMgr and Intune, Endpoint Manager also boasts a Device Management Admin Center (DMAC) and Desktop Analytics. This service provides IT admins with on-premises and cloud management tools and co-management options to establish, deploy, manage and secure endpoints – desktops, mobile devices, and applications – company-wide.


Through Endpoint Manager's (Intune's) console, IT administrators can execute a UEM strategy where end users can be onboarded through any hardware platform, and rules can be applied governing which applications and what data they can access. In theory, at least, UEM enables IT to remotely provision, control and secure everything from smart phones to tablets, laptops, desktops and now, Internet of Things (IoT) devices from a single management console. Many of the basic application and system provisioning functions required for business laptops and PCs running Windows 10 can now be done through that OS's EMM control consoles, which are enabled by Microsoft's Intune protocol. That means organizations with more recent Windows PC deployments can use consolidated management tools and unified policy and configuration platforms via UEM. For example, the software's integration with Microsoft's Azure AD and Azure Information Protection enables admins to classify (and optionally protect) documents and emails by applying access rules and conditions.

Microsoft last year added native EMM functionality to Windows 10 and Windows 10 Mobile OS via Intune. That's in addition to Windows 10 Mobile OS, which has a built-in device management client to deploy, configure, maintain and support smartphones.

In all editions of Windows 10, including those for desktop, mobile and Internet of Things (IoT) hardware, the client provides a single interface through which Intune can manage any Windows 10 device. Intune enables conditional access, including denial of access to devices not managed by it or compliant with corporate IT policies; management of Office 365 and office mobile apps; and management of PCs running Windows Vista or more recent Windows releases.


An open API also allows third-party software providers, such as SAP, to wrap their application access controls into Intune's UI. Endpoint Manager works with agent-based SCCM to support more advanced PC and server management capabilities and many of the basic application and system provisioning functions required for business laptops and PCs running Windows 10 can also be performed through EMM control consoles. To discuss all things Intune and Endpoint, contact us now! Our lines are always open and our specialists always ready.