Remember the early days of MDM (Mobile Device Management)? You know, that company-mandated thing which black-listed your apps, tracked your movements, and monitored which websites you browsed?
We’ve come a long way from those days. Recent developments from Microsoft make authentication and data management easier for both users and for IT admins. Let’s take a look at these newer offerings from Microsoft and how you can benefit from them with our LINK App.
Integration with the Intune SDK and Microsoft Authentication Library
We have integrated the Microsoft Intune SDK and the Microsoft Authentication Library (MSAL) into our LINK App. If you are either an Azure Entra ID user, an Intune user, or both, our integration offers a simpler experience for users and IT alike.
Fewer sign-ins for both frequent and occasional LINK users
Integrating MSAL into our LINK App allows LINK to leverage Microsoft Authenticator as an authentication “broker.” This means that LINK employs the familiar federated sign-in process used by the Office apps from Microsoft. If you are signed-in to Office, you are signed-in to LINK without any additional password prompts. From the security and policy perspective, LINK supports all of your conditional access policies, including:
- MFA requirements (either with MS Authenticator or a 3rd party such as Duo)
- Device requirements (e.g., requiring Intune deployment)
Focused security of your data with MAM policies
LINK’s integration with the Intune SDK adds another layer of security and simplicity to managing and securing LINK. In addition to the standard MDM policies and management tools, Intune supports a different type of policy known as Mobile Application Management (MAM). These MAM policies apply to all apps that support the Intune SDK, including the Microsoft suite of apps and 3rd party apps like LINK. Many MAM policies are particularly focused on the careful treatment of corporate data.
Apps with MAM policies can be used together to enable secure workflows. For example, MAM policies allow our LINK App to share a document from a Document Management System to the Word app for secure, yet uncomplicated, editing.
MAM is a great way to ensure the security of your corporate data without asking users to give up any control of their personal devices.
LINK for Intune
To add MAM support to LINK, we have released a new app – LINK for Intune. Deploying LINK for Intune offers the same functionality as the “regular” LINK app, and it adds in a deeper integration with Intune so that policies can be applied to LINK even when the device is not MDM-managed.
With these recent developments from Microsoft, we think that the optimal path going forward is:
- Use the Microsoft Intune SDK and the Microsoft Authentication Library (MSAL) to simplify authentication
- Advance from “managed devices” to “managed apps” using Intune MAM policies
Are you considering moving to these newer approaches? What questions or observations do you have? You may download our Intune brief here.
-Seth
Seth Hallem is the Mobile Helix CEO, Co-founder, and Chief Architect
Mobile Helix makes the LINK App which is used by attorneys and knowledge professionals to review, edit, annotate, compare, and email documents from a single, secure app.
