Microsoft Ignite Enterprise Mobility and Security Highlights

For enterprise IT shops that may have been dismissive of Microsoft as they plan and implement their mobility strategies, Ignite proved that it is time to pay attention. Let’s face it, Microsoft has had to play catch up, but this is the first time I have seen validation of enterprise customer success, business success, and technology innovation. Here are a few highlights I’m seeing here at the event.

Coexistence of Microsoft System Center Configuration Manager and Intune was clumsy and not ideal for IT operations. Not anymore. Comanagement of devices now enables IT pros to turn on both management solutions and provides a path to migrate towards a modern management solution at their own pace.


Identity and access management is one of those under-served conversations, but has massive implications across IT operations and security teams. While there are some updates shared in the slide below, the primary value to be aware of is conditional access. Simply put, conditional access is what arms IT and security pros with the ability to balance productivity with protection. I also saw some good progress with the potential to eliminate passwords with some of the work Microsoft is doing with the FIDO alliance.


Autopilot for Windows 10 deployment is aimed at simplifying the initial out of the box experience. Gone are the days of spending days to set up a new laptop. Microsoft is collaborating with the hardware OEM to ship devices with autopilot so end-users can unbox the device, answer a few basic questions, provide login credentials, and then have applications and settings auto provisioned. This helps provide a predictable experience for end-users, IT operations, security teams, and business owners. On a side note, you can see that Dell is missing from the below list of OEMs...I suspect there is clearly contention with VMware Workspace ONE and AirWatch device configuration.


What we typically refer to as task workers, Microsoft has categorized as firstline workers. A nicer name. These workers don’t always need the full capabilities of a client OS, but do need a secure productive environment to do their job. Microsoft is addressing this workforce with Windows 10 S that provides the security businesses expect at a price point that is more attractive for the role of these users.


Measuring risk and remediating threats has unfortunately become a process that, if not handled correctly, can cost companies money and put executive jobs in jeopardy. Microsoft may not be top of mind with security professionals, but its capabilities should be understood. The ability to map endpoint information with Defender, ATP, and remediation services is an opportunity for Microsoft in the enterprise as well as an opportunity for businesses to boost their confidence in a world where the perimeter continues to expand.


Microsoft may have surprised a few folks with its Jamf collaboration that taps into Macintosh device and health information to factor into conditional access. Based on the customers I speak with (even the big SCCM shops) this collaboration is significant. IT pros are responsible for providing Mac management, and being able to now work in conditional access polices for these devices is a nice win for them. It also shows that Microsoft has willingness to step outside the box and manage heterogeneous devices. Jamf may prove to be a nice acquisition candidate for Microsoft.

So, businesses that may have been dismissive of Microsoft’s capabilities should take the time to boost their understanding of how Microsoft may fit into their broader mobility and security strategy. In fact, Microsoft has a FastTrack program that they are encouraging businesses to engage with to help solve challenges and see where Microsoft may help accelerate a companies digital transformation.

Topics: Cybersecurity ESG on Location Enterprise Mobility