To help organizations deliver on the demands of a modern and mobile workforce, Microsoft today announced updates to its Windows Intune service that will roll out to subscribers next week. The updates accrue to Microsoft’s overall mobile device management strategy, which is centered around people – enabling them to get access to applications and data on the devices they choose, responsibly. 

New features give greater control to IT administrators by allowing them to define and manage employee identities, operate a single administrative console to manage devices, deliver apps, and help protect data. Ultimately, this gives employees increased flexibility to choose the devices they want, while helping to better protect corporate data. 

The new management capabilities include:

  • Ability for the administrator to configure email profiles, which can automatically configure the device with the appropriate email server information and related policies, as well as the ability to remove the profile along with the email itself via a remote wipe if needed.
  • Support for new configuration settings in iOS 7, including the "Managed open in" capability to protect corporate data by controlling which apps and accounts are used to open documents and attachments, and disabling the fingerprint unlock feature.
  • Ability for the administrator to remotely lock the device if it is lost or stolen, and reset the password if the user forgets it.

For more specifics on these features and additional information on the roadmap for Windows Intune, see the Server and Cloud blog post; and check out Corporate Vice President Brad Anderson’s blog post that further articulates Microsoft’s strategy in this space. You can also follow and chime in to the conversation on Twitter by following the @IntheCloudMSFT and @MSCloud handles and #BYOD and #WindowsIntune hashtags.