Microsoft has been moving forwards with consistent speed in their developments, and September was no exception. There were four key updates announced as part of Enterprise Mobility and Security (EM+S). In addition to this, there were also a number of reveals made at the hotly anticipated Microsoft Ignite 2017 conference, which took place in Orlando, USA, last month.
Configuration Manager UNIX and Linux updates
The first of the month saw the launch of Cumulative Update 6, this can be downloaded from the Microsoft website. Available for Configuration Manager UNIX and Linux clients, the update has fixed a variety of bugs and has added support for the recent Linux distro versions.
With these new full versions being launched for UNIX and Linux clients, they have chosen to remove older versions that are no longer being supported. This includes the IBM AIX version 5.3, HP-UX on PA-RISC hardware, Oracle Solaris version 9, SUSE Linux Enterprise Server, and HP-UX version 11iv2. If you are running Configuration Manager using the unsupported versions, you are able to keep working with the existing Cumulative Update 5.
For those looking to upgrade to Configuration Manager's Cumulative Update 6, this can be used with three different versions of the software, including: System Center 2012 Configuration Manager Service Pack 2, System Center 2012 R2 Configuration Manager Service Pack 1, and System Center Configuration Manager (current branch and LTSB) – all supported versions.
Transition to InTune Standalone
Microsoft's second update for the month included helping to simplify the transition from Hybrid MDM to Intune standalone. This has come from extensive feedback from customers using the System Centre Configuration Manager when it is synchronised with Microsoft Intune (Hybrid MDM), who feel that they would prefer to have a cloud-only experience for Intune on Azure.
There will be a variety of benefits available as a result of this change, including large-scale, unified admin consoles. The goal is to keep everything as simple as possible in the transition from Hybrid HDM to InTune standalone. The new approach will be more controlled than previous, allowing for less impact on end users. There will be three processes involved, including Microsoft InTune Data Importer, mixed authority, and a better version of MDM authority switch.
EM+S and Zimperium Integration
September also saw Microsoft's integration with Zimperium become available generally. Zimperium is a leader in the mobile threat defence space. They help to proactively protect devices against malware, OS and app vulnerability risks, as well as network-based risks. It is all about stopping the threat from occurring or escalating and making sure compliance procedures are in place. If it detects a problem, it can block devices from accessing data or limit access.
Through combining Microsoft Enterprise Mobility and Security with Zimperium, the goal is to help improve business' ability to defend themselves and their data against mobile threats. It also helps to ensure devices are not carrying any risks and are secure prior to any corporate resources being accessed. This is particularly beneficial when sensitive data is being kept in online cloud-based locations.
Microsoft's final Enterprise Mobility and Security update for the month is with Azure, in which they have updated their information protection documentation.
It has been updated to take into account new releases, including the GA version of the Azure Information Protection client. The goal of the documentation is to help keep your business protected, controlling security over e-mails, sensitive data and documents that are shared both within and outside your company.
Microsoft Ignite 2017
Along with the four EM+S updates during September, Microsoft additionally announced a range of new updates at their Microsoft Ignite 2017 conference. More than 25,000 IT professionals gathered from across the globe in Orlando to find out more about these advancements through over 45 sessions and key-note speeches.
Some of these key launches and announcements included raising the security of cloud apps by controlling and limiting access. They have made the new conditional access admin experience available generally within the Azure portal. There is now a much simpler and more beneficial process in place for support admins using EM+S. Conditional access is powered using Microsoft Intelligent Security Graph, which can determine what risk a user signing in presents.
Microsoft have also made pass-through authentication generally available for people signing in using Azure AD - this is an alternative to Password Hash Sync and is ideal for any businesses that don't allow users' passwords to leave their internal space. This means that users are able to sign in on their premises, but also using cloud applications, using the same password.
Further updates have been made to allow for new conditional parameters (such as restricting access to corporate data during specific hours), and custom controls (for example, regional fencing which can block access from certain countries depending on IP addresses). It is now also possible to protect sensitive data no matter where you are in the world. This is particularly beneficial for those who are increasingly using SaaS apps and creating more data on a range of different devices. With the risk this presents of increased data loss, Microsoft has now sought out new ways of helping to protect your information through its entire lifecycle.
Other updates include changes to aid in detecting threats and recovering from attacks, as well as modernising the management of Windows 10.