Hi everyone,
I'm currently on the lookout for some alternative Mobile Device Management (MDM) solutions for both iOS and Android devices within a Microsoft 365 setup. We previously adopted a Bring Your Own Device (BYOD) strategy using Intune Mobile Application Management (MAM), which gave us limited control while mainly enforcing policies through MAM instead of full device management.
Our primary goal is to prevent access to SharePoint and OneDrive from devices that are deemed non-compliant. Given that many employees have both company-issued and personal phones, we want to ensure that only compliant devices can access sensitive corporate resources. Additionally, we might want to restrict certain features, like only allowing outbound emails through the Outlook application.
However, management is concerned about maintaining a positive user experience. This becomes tricky when trying to block native email apps on iOS while enforcing Outlook usage, especially since the current MAM policies apply per account and many users have already configured their emails in Outlook.
Currently, our IT department has blocked client email access via Outlook Web App (OWA) and the native iOS email app. Are there any other solutions or strategies that might better achieve our goals? Would using a platform like JAMF be more beneficial in this context?
Thanks in advance for any advice!
3 Answers
You might want to consider continuing with Intune. It's generally solid for Android management. For iOS, JAMF could be an option, but keep in mind that JAMF only supports Apple devices, so you'd need another MDM for Android. I've heard good things about MaaS 360 and ManageEngine's Mobile Device Manager, which might be alternatives worth exploring.
Honestly, Intune works fine across both platforms. If your usage split between iOS and Android is close to 50-50, sticking with Intune might simplify management. If you have a significant number of iPhones, then looking into a dedicated iOS MDM could be beneficial just to ensure comprehensive support.
JAMF isn’t the best route since it was recently acquired and might end up being more expensive. Plus, it doesn’t manage Android devices. Using Intune correctly can give you the controls you need. It’s pretty effective with enforcing MAM policies without requiring full device enrollment, which helps avoid backlash from your users.
Yeah, if you're mainly using Intune already, it's worth checking if it can successfully cover both systems without needing to switch platforms. Just make sure that whatever solution you choose integrates well with other compliance tools you might already have.