Microsoft adds mobile device management to Office 365

Apple iOS, Google Android and Windows Phone all covered - but not BlackBerry 7 or 10

Microsoft has added mobile device management (MDM) capabilities to its Office 365 suite of cloud-based office applications, with the service available in a "freemium" model.

The new capabilities will enable organisations using Office 365 to set policies so that company emails and documents can be accessed only on smartphones and tablets that are managed by the organisation and in compliance with the organisation's own security criteria. They can also enforce security settings such as making sure users are protecting their devices with a password or PIN, according to Microsoft.

The new capabilities were announced at TechEd Europe last year, but have only now been made generally available.

The move by Microsoft will provide a challenge for MDM specialists, including BlackBerry, as more and more companies run office applications in the cloud, with Office 365 the runaway market leader ahead of Google Apps.

Indeed, the MDM features are compatible with Apple iOS, Google Android and (not surprisingly) Windows Phone devices - but not BlackBerry 7 or BlackBerry 10 operating systems. Organisations that need to manage a wider variety of mobile devices with more features will need to sign up for Microsoft Intune, using Microsoft's Enterprise Mobility Suite.

The new features will be rolled out globally over the next month and will be available for all commercial subscriptions, including Business, Enterprise, Edu and Government subscription plans.

According to Shobhit Sahay, technical product manager on the Office 365 team, Office 365 MDM provides three main features:

Conditional access: Security policies can be set up for devices that connect to Office 365 to ensure that Office 365 corporate email and documents can be accessed only on phones and tablet computers that comply with corporate security policies. "Office 365 leverages Microsoft Intune and the Microsoft Azure Active Directory to deliver this capability. The Conditional Access policies apply to Office applications such as Word, Excel, PowerPoint and other business applications," claims Sahay.

Device management: Security policies such as device-level PIN lock and jailbreak detection can be established to help prevent unauthorised users from accessing corporate email and data on a device when it is lost or stolen. Additional settings and reporting tools are also available within the Office 365 administration centre so that organisations can get more information about the devices accessing corporate data.

Selective wipe: Office 365 company data can be remotely wiped from an employee's device without affecting personal data.