Exciting New Features Coming To Windows 365 and Microsoft Intune

When it comes to which tech products and services to use, businesses certainly have plenty of choices. There are so many players in the tech landscape that winning over new clients is often a huge challenge. With this in mind, tech companies need to go above and beyond to retain the customers they already have. For Microsoft, this means ensuring its Windows 365 and Intune offerings continuously update and offer new features.

Doing this helps these services continue to deliver the exceptional quality that customers expect. But more importantly, these services want to enhance the experience even more so that they remain the best in class. With that said, what can we expect from these products in the near future?

What’s coming to Microsoft Intune?

Intune is one of the leading endpoint management platforms available. It is constantly pushing the boundaries of what it can offer to customers. Especially now, with the growing interest in hybrid and remote workforces.

Microsoft Intune is helping companies better manage access to organizational resources. It’s also simplifying app and device management across various devices. With this in mind, new features are consistently in development to improve management. And some of those upcoming features to be excited about include:

Microsoft Intune: On-Demand remediations – single device

We should expect the rollout for this one to begin in December 2024. Remediations are excellent tools that help you address problems a lot faster. These script packages will detect and resolve common support issues on a user’s device. And they’ll do so before they even realize there’s a problem. By running remediations on-demand on a single device, you can immediately start resolving issues. Find resolution without waiting for the predetermined remediation schedule.

Microsoft Intune: Enrollment time grouping for iOS/iPadOS automated device enrollment

Enrollment time grouping (ETG) for iOS/iPadOS automated device enrollment (ADE) is another feature. It will support targeted apps and policies in reaching devices faster. This helps minimize delays, common with device setup.

However, it’s only going to be part of the new iOS/iPadOS enrollment policies. For devices to be part of that group upon enrollment, admins need to add a static Entra ID group into the enrollment policy. This will also reduce the latency of targeted apps and policies. The rollout is on the schedule for October 2024.

Microsoft Intune: Scoped and targeted device clean-up rule

The preview will be available in November 2024, with the rollout starting the following month. With this rollout, admins will be able to clean up inactive devices from their tenant by providing capabilities of running these rules at a platform level. I’m sure we can all attest to the need for a clean environment.

Microsoft Intune: Security Baselines for HoloLens 2

To get the best level of security for your organizational resources, it is advisable to use the security baselines that Microsoft considers the best practice guidelines. This should enhance your security and improve the experience in deploying and supporting HoloLens 2 devices to customers in various industries. The rollout will be coming in October 2024.

Microsoft Intune: SCEP certificate delivery

With the rollout scheduled to begin in October 2024, Microsoft Intune is offering this solution to its customers as well as other external partners. This feature’s design can deliver SCEP certificates with all the necessary security requirements to devices to mitigate the KFC issue.

Microsoft Intune: Enhanced device inventory for Windows devices

Few things can increase work efficiency the way that easily having access to all the information you need when you need it can. This is what businesses will get when this service rolls out in October 2024. And it will enable them to obtain more inventory information about their Windows devices. You get to specify which device properties you need to collect as well as from which devices. With this done, you can view that information for your devices.

Microsoft Intune: Simplified App Control policy creation experience (curated workflow)

In keeping in line with the need to increase efficiency, this solution’s upcoming October 2024 update rollout will do a lot to make life easier for IT admins. This capability will help you configure App Control policies with built-in toggles in the console that expose all App Control for Business capabilities.

Microsoft Intune: Work-hour access controls for Front-Line Workers

This solution can contribute significantly to simplifying workforce management as well as enhancing your overall security posture. Coming in October 2024, this feature will help IT admins with work-hour access controls for front-line workers. Once workers have clocked out, admins can swiftly put in place measures to prevent Teams access or notifications.

Microsoft Intune: Endpoint Privilege Management on single session Azure Virtual Desktop

Anything that can simplify user management will be a welcome addition to the tools that IT admins already have. With this in mind, admins will be happy, as it enables them to use Privilege Management elevation rules and policies to simplify how they manage standard users on Azure Virtual Desktop. The rollout for this one is on the schedule for September 2024.

Microsoft Intune: Endpoint Privilege Management rules support specifying allowable command arguments

Similar to the previous solution, this one is also coming to market in September 2024. This will give admins Endpoint Privilege Management rules support that can specify a list of allowable command parameters. Consequently, this will restrict elevation to only the allowed or mandatory arguments.

Microsoft Intune: New design for Windows Company Portal app

This new and updated design should give users a platform that is easier to use and streamline workflow. You should expect to see changes in the Home, Devices, and Downloads & updates pages. These intend to enhance the overall user experience. Additionally, this updated design will be very simple to understand and thus use. It will clearly highlight any areas that require action from the user.

Windows 365 features in development

For Windows 365, Microsoft has provided us with information about the exciting new features that are currently in development but not yet released. These should help improve the security posture of organizations and enhance the end-user experience. We haven’t found any release dates as of yet. It would be useful for planning purposes to look at what we could soon see coming to our Cloud PCs.

DEVICE MANAGEMENT

FeaturesWhat to expect
Support for symmetric NAT with RDP ShortpathThe goal is to develop an RDP Short path in Windows 365 such that it can support setting up an indirect UDP connection using Traversal Using Relays around NAT (TURN) for symmetric NAT. Most are probably aware that TURN is a widely accepted standard for device-to-device networking for low latency, high-throughput data transmission.
Chroma subsampling default change to 4:2:0Both Intune and Windows 365 want to help enterprises operate more efficiently. And in this case, that can be achieved by reducing monitor support issues. The Windows 365 service will be able to do so by defaulting the chroma subsampling at 4:2:0 (instead of the previous 4:4:4).
Cloud PC gallery images update to Microsoft Teams 2.1Another feature that we should expect to see in the future is Windows 365 Cloud PC gallery images with Microsoft 365 applications being updated to use Microsoft Teams 2.1. These images will include: Windows 11 Enterprise + Microsoft 365 Apps 21H2Windows 10 Enterprise + Microsoft 365 Apps 22H2Windows 10 Enterprise + Microsoft 365 Apps 21H2
Windows 365 support for HEVC video codingWindows 365 is also working on providing support for Hardware High Efficiency Video Coding (HEVC) h.265 4:2:0 on compatible GPU-enabled Cloud PCs.
Azure network connections inactive stateIn the future, some Azure network connections will start getting marked as inactive under some conditions. These conditions are as follows: ANCs not associated with provisioning policies for more than four weeks, ANCs with provisioning policies that have no Cloud PCs associated with them for more than four weeks. IT administrators need to be aware that inactive ANCs will be skipped during health checks and cannot be assigned to provisioning policies. However, if need be, you can reactivate these ANCs.

DEVICE SECURITY

FeaturesWhat to expect
Cloud PC support for FIDO devices and passkeys on macOS and iOSMany consider Fast Identity Online (FIDO) to be the future of authentication measures. These protocols allow you to swiftly and securely authenticate to various services without the need for a password. Because of the ease of deployment, convenience, and extremely high security, it’s no surprise that FIDO is now widely supported and used. Therefore, macOS and iOS users will be glad to know that Windows 365 is working on enabling Cloud PCs to support FIDO devices and passkeys for Microsoft Entra ID sign-in on their devices.

MONITOR AND TROUBLESHOOT

FeaturesWhat to expect
End user manual connectivity checkI’m sure we’ve all experienced the frustrations that always come with faulty connections. All one wants in that instance is to quickly figure out what’s wrong and resolve it. Currently, connectivity health checks are run on individual Cloud PCs, but in the future, end-users will have the tools to manually run connectivity checks on their Cloud PCs from windows365.microsoft.com.
Update to Cloud PC action status reportThe Cloud PC action status report officially allows you to view the actions that admins have taken as well as on which Cloud PCs these actions have been taken. In addition, you get to see the status of these actions. To access this report, you need to sign in to the Microsoft Intune admin center. Once there, select Devices > Monitor > Cloud PC actions (preview). With the update that is soon to come to the Cloud PC action status report, you will be able to view batches of devices in which actions have been activated. Furthermore, customers will be able to see the batch current progress.

PROVISIONING

FeaturesWhat to expect
New health check: UDP TURN (preview)The Azure network connection (ANC) health checks are one of the more unique features that Windows 365 provides. These health checks, which are run regularly, help to ensure that the provisioning of Cloud PCs is successful in addition to verifying that end-users are getting the best possible Cloud PC experience. The update that Windows 365 has mentioned, will see a new UDP TURN being added to the Azure Network Connections health checks.

SECURITY

FeaturesWhat to expect
New settings for Windows 365 security baselinesIn the near future, customers should expect to receive new configuration settings for the Windows 365 security baseline. These Windows 365 security baselines provide customers with a set of policy templates that are founded on security best practices and experience from real-life situations. By using these baselines, customers can obtain security recommendations that will improve their cyber security and reduce the risks facing their networks. With these security baselines, security configurations for Windows 11, Windows 10, Microsoft Edge, and Microsoft Defender for Endpoint will be enabled. Before fully implementing any Configuration changes, however, it’s always safer to first test the security baseline on a pilot group of Cloud PCs.

Wrap up

Getting updates and new features is always an important part of keeping our apps and devices performing at optimum levels. Technology is constantly evolving. And without regular updates, the user experience can suffer negative impacts within a short space of time. Devices can slow down, apps can develop issues that hinder productivity, and security can become compromised.

This is why Microsoft works hard to stay ahead of the issues with a stream of new features and services frequently released to Microsoft Intune and Windows 365. These upgrades guarantee end-users that they will continue to receive industry-leading quality of service, enabling their user experience to improve even further.

Feel free to comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.