Windows Intune, now part of Microsoft Enterprise Mobility Solutions offering (EMS), enables organizations to allow their people use the devices and applications while meeting the business’ security compliance needs. More than just your standard Mobile Device Management suite, Intune provides secure gateways for people to gain access to information that matters to them most. With Intune being based in the cloud, many questions surrounding security and compliance have been submitted to the #CANITPRO team via social media. This post has been created to not only address the top 3 questions, but to also hopefully start a conversation around adoption. The top security and compliance questions are as follows:
- What globally adopted and accepted security standards does Windows Intune utilize?
A: Windows Intune incorporates a plethora of globally accepted security standards which include:
- HIPAA Business Associate Agreement (BAA)ISO/IEC 27001:2005 Audit and Certification
- PCI data security standard
- SSAE 16/ISAE 3402 (Service Organization Control[SOC] 1, SOC 2, SOC 3)
- EU Safe Harbour
- What user information does Windows Intune store in the “cloud”?
A: Only user account information is stored in the cloud. A full list of attributes that are synchronized can be viewed here and said data can be limited even further should it be required. The data itself suspends after 30 days, and is removed after 90 days.
- What security measures are taken to protect said data from “man-in-the-middle” attacks targeting SSL?
A: Windows Intune utilizes a Global sign CA public certificate from utilizing strong key (2048) protection. Account passwords are double hashed using SHA256 before transmitting over the assigned SSL tunnel.
Mobile enablement for business is no longer a question of when. Windows Intune, whether standalone or “Better Together” with System Center Configuration Manager, provides robust enablement of secure access to pertinent organizational data across a plethora of OS offerings. Learn more regarding Windows Intune and its capabilities on CANITPRO.NET.