It only took 18 months for Gartner to go from describing Microsoft Intune for UEM as an “infant” to making it a leader. That’s a testament to the rapid development of Microsoft’s online cloud security services under corporate vice president Brad Anderson. Gartner’s 2019 Magic Quadrant for Unified Endpoint Management confirms that Anderson and the massive team he leads are determined to excel, and they are executing at ludicrous speed.
When vision and capability are combined, magic happens. Perhaps that’s why the research company called their visual assessment the Magic Quadrant: it places companies on a scale measuring their completeness of vision with their ability to execute, and then gives them a label of a niche player, challenger, visionary or leader depending on where they fall. This year Microsoft fell into the leader quadrant, scoring the highest of all the companies on the ability to execute axis.
Microsoft Intune is Enterprise and Education Ready
Much of the reason for Microsoft’s magical growth is the dramatic improvements it has made for Intune over the past year. Four categories, in particular, have evolved quickly and well: availability, scale, performance, and engineering agility. Microsoft set specific goals to improve quality ratings in these areas, and the changes they made brought remarkable improvement. The following chart shows the Service Level Objective of Intune going from 99% to 99.999% over the course of 2018.
Virtualization-Based Security (VBS)
Various reports make it increasingly clear that Microsoft has also grown rapidly in security capabilities. VBS uses hardware virtualization features to abstract portions of the operating system into independent components that are completely isolated from each other. Windows can then host a number of security solutions here, providing better protection from vulnerabilities in the operating system. We can thank a group of “guards” responsible for this protection:
- TPM 2.0: The Trusted Platform Module (TPM) is a hardware chip integrated into a computer’s motherboard. It provides the basis for generating, storing, and using cryptographic keys. It’s also a necessary foundation to take advantage of VBS.
- Windows Defender Credential Guard: This uses virtualization security to block “pass-the-ticket” attacks. When enabled, signed-on credentials will not work.
- WD Device Guard: Beginning with version 1709 of Windows 10, Windows Defender Device Guard is split into two features that work together to ensure that a device can only run trusted applications. Exploit Guard offers a new set of prevention capabilities for host intrusion. Application Guard makes use of an isolated Hyper-V instance separate from the operating system so that no untrusted site is able to reach the host PC.
Azure Active Directory (Azure AD) Conditional Access
Conditional Access helps keep an optimal balance between convenience and security. Since today’s users often want to sign on to apps and services from a variety of locations, Conditional Access uses contextual metadata to provide controls that give additional security when needed and transparent access when not. It can also use device risk profiles for identity and access management. This means sophisticated behind-the-scenes security that users don’t have to be bothered with any more security prompts than necessary.
Microsoft Defender ATP (MD ATP)
Microsoft Defender’s Advanced Threat Protection (formerly WD ATP) is now a leading antivirus on the market–further catapulting Microsoft into Gartner’s top quadrant. Windows Defender itself received a perfect score in AV-TEST’s two-month evaluation. MD ATP is essentially Windows Defender on steroids, blocking virtually all know ransomware-based attacks and file-less drive-by attempts.
As with all babies developing into successful leaders, it’s exciting to watch Microsoft’s incredible growth over the past year. One can only imagine the level of security and capability that the company will continue to bring its customers. Bring on the magic!
Closing Thoughts on Intune for UEM
Under the leadership of Satya Nadella, Microsoft has seen a renaissance in AI and ML backed cybersecurity initiatives that are unmatched by any other commercial vendor in the world. In August 2019, Microsoft completed a hat-trick taking the leadership role in three major Gartner Magic Quadrants. Take a look at the other areas that Microsoft has placed in the top 3 on Gartner’s MQ over the past year:
- Gartner recognizes Microsoft as a leader in Business Intelligence
- Microsoft SharePoint recognized by Gartner as a Leader in Content Services
- Online Archiving of SharePoint, OneDrive, and Exchange recognized by Gartner as a leader
- Microsoft Ranks #2 in Access Management for Gartner’s 2019 Magic Quadrant
- Gartner Ranks Microsoft Defender ATP as the leader in endpoint protection for 2019
We used to pitch Microsoft 365 as a best-of-breed platform opposed to a best-of-breed service. In the past year, Microsoft has closed the gap on most of its competitors and it now holds to title for both areas. The largest complaint we’ve had about Microsoft services from our clients over the past year is: how do we automate more? With recent additions like Azure Sentinel, Microsoft is continuing to show its dedication to cross-platform execution. If you haven’t taken a serious look at consolidating on the Microsoft cloud security stack, we encourage you to submit a request below to sign up for a free Microsoft 365 licensing assessment.