Microsoft Endpoint Manager: Enhancing Modern Application Management – Part 6 – MAM Structure & Non-Windows Applications


We are now entering the final part of the series to conclude the Enhancing Modern Application Management series.

In this part we will go through how things may differ from handling and structuring applications for other devices such as;

  • MacOS Devices
  • iOS Devices
  • Android Devices

Essentially the principles would be the same as they would be for windows devices, but there are other foundational areas to take into consideration when preparing for application management across those devices.

Another area in which we will touch on will be MAM policies, as this will also add that additional icing on the cake for completing of enhancing our application management lifecycle.

Is there anything different to apply for non windows devices for application management

Not really. Reason being is because the previous parts go into a lot of the foundation and principles on how you would look after your application suite in Endpoint Manager.

Having said this, there is the aspect around handling BYOD devices, but these would also include windows devices as well but the popularity from what I’ve experienced for mobile device application management has mostly been around Android and iOS devices.

And this is where MAM policies really come into play here which we will cover in the next section.

MacOS Defender Endpoint Consideration

For MacOS devices, this might fall perhaps within the security side but it does play a part in a small foundation coverage of application management due to Defender Endpoint being an application that can be created from the portal and having the correct policies in place to ensure that it is installed correctly for efficient endpoint security coverage.

For more details on how to configure this for MacOS devices you can view the official Microsoft documentation here

BYOD Devices

Now we look at how we group our devices which are specifically for BYOD.

One of the first things I would recommend (though may happen by default) is to ensure that the devices are defined by Personal Corporate. The reason being is because you don’t want to have a situation in where you target any kind of policies (especially MAM policies) where they can cause great issues on devices which are corporate as opposed to personal devices which allow for certain applications and certain access to take place.

Figure 1.1 – Ownership Column

It is indeed quite a basic function, but getting this right really does make all the difference for your overall modern management experience. These settings can be automatically defined depending on how they are enrolled in your endpoint manager. All of the device types contain enrolment profiles in which you can define how personal and corporate devices can be enrolled.

Of course to do this manually you just need to perform the following;

  1. Go to Devices
  2. Select the Device Platform you require then select the device
  3. Click Properties

Here you can define the ownership and category settings

Figure 1.2 – Device properties for category and ownership

In this position, you should be able to safely start to create MAM policies whether that be around App Configuration or App Protection policies which can then be structured around the correct types of devices.

Conclusion of the series

Overall the series may define a structure that seems a lot of work or complicated, but it really just stresses over the core basics and principles. The most important part of the overall user experience is really to address the basics and ensure that the Endpoint Manager portal is healthy. With everything clearly defined and in-place will then allow you to enrich and enhance the overall application management lifecycle.



Contact Us

On Key

More Posts

Mastering Azure AD Connect - A Comprehensive Guide by WME
Active Directory

Mastering Azure AD Connect – A Comprehensive Guide

Modern businesses are fast moving toward cloud-based infrastructure. In fact, cloud-based business is not just a trend anymore but a strategic necessity. Microsoft’s Azure Active Directory (Azure AD) has become a frontrunner in this domain. It

Read More »
Security Best Practices in SharePoint
Office 365

Security Best Practices in SharePoint

Microsoft SharePoint is an online collaboration platform that integrates with Microsoft Office. You can use it to store, organize, share, and access information online. SharePoint enables collaboration and content management and ultimately allows your teams to

Read More »
The Ultimate Guide to Microsoft Intune - Article by WME
Active Directory

The Ultimate Guide to Microsoft Intune

The corporate world is evolving fast. And with that, mobile devices are spreading everywhere. As we venture into the year 2024, they have already claimed a substantial 55% share of the total corporate device ecosystem. You

Read More »
Protecting Microsoft 365 from on-Premises Attacks
Cloud Security

How to Protect Microsoft 365 from On-Premises Attacks?

Microsoft 365 is diverse enough to enrich the capabilities of many types of private businesses. It complements users, applications, networks, devices, and whatnot. However, Microsoft 365 cybersecurity is often compromised and there are countless ways that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.