deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-19 20:33:42 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update mdm-windows.md

Browse Source
This commit is contained in:
denisebmsft
2021-09-08 13:40:57 -07:00
parent 2d859018a2
commit 2a36d93435
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/security/mdm-windows.md
View File

@ -32,7 +32,7 @@ MDM includes several security features & capabilities, as described in the follo
| Feature/capability | Description | | Feature/capability | Description |
|:---|:---| |:---|:---|
| Remote wipe | When a device is lost or stolen, IT admins can attempt to wipe it remotely and make the data stored in memory and hard disks difficult to recover. Help desk agents can also reset devices to fix issues that are encountered by remote workers.<br/><br/>Windows 10 and Windows 11 supports the remote wipe configuration service provider (CSP) so that MDM solutions can remotely initiate any of the following operations: <br/>- Reset the device and remove user accounts and data <br/>- Reset the device and clean the drive <br/>- Reset the device but persist user accounts and data | | Remote wipe | When a device is lost or stolen, IT admins can attempt to wipe it remotely and make the data stored in memory and hard disks difficult to recover. Help desk agents can also reset devices to fix issues that are encountered by remote workers.<br/><br/>Windows 10 and Windows 11 supports the remote wipe configuration service provider (CSP) so that MDM solutions can remotely initiate any of the following operations: <br/>- Reset the device and remove user accounts and data <br/>- Reset the device and clean the drive <br/>- Reset the device but persist user accounts and data |
| Support for your work or school account | Adding a work or school account enables devices to connect to your work environment. You can join the device to an Active Directory domain, an Azure Active Directory (Azure AD) domain, or by quickly provisioning corporate owned devices so they meet the policy and security guidelines for the company. Easily configure the devices with the apps and settings the person needs to do their work through management solutions such as Microsoft Endpoint Manager (MEM). <br/><br/>When a device is joined to Azure AD and managed with MDM, it will bring the following security values: <br/>- Default fully managed user and device settings and policies<br/>- Single Sign On to all Microsoft Online Services<br/>- Full suite of password management capabilities, using Windows Hello For Business<br/>- Authentication uses Tokens<br/>- No use of consumer Microsoft Account identity | | Support for your work or school account | Adding a work or school account enables people to connect their devices to your work environment. Devices can be joined to an Active Directory domain, an Azure Active Directory (Azure AD) domain, or by quickly provisioning corporate-owned devices so they meet your security and policy guidelines. <br/><br/>When a device is joined to Azure AD and managed with MDM, you get teh following security benefits: <br/>- Fully managed user/device settings and policies by default<br/>- Single Sign On to all Microsoft online services<br/>- Password management capabilities (Windows Hello for Business)<br/>- Authentication using tokens<br/>- No use of consumer Microsoft Account identities |
| Config Lock | | | Config Lock | |
| Remote device attestation | | | Remote device attestation | |
| (other stuff coming soon) | Device Installation, DMA Guard, Endpoint Detection and Response, the Microsoft Defender Security Center, Smartscreen, System Guard, and Windows Hello for Business | | (other stuff coming soon) | Device Installation, DMA Guard, Endpoint Detection and Response, the Microsoft Defender Security Center, Smartscreen, System Guard, and Windows Hello for Business |