Choose between MDM for Office 365 and Microsoft Intune

Microsoft Intune and built-in Mobile Device Management for Office 365 both give you the ability to manage mobile devices in your organization. But there are key differences, described in the following table.

Note: You can manage users and their mobile devices using both Intune and Office 365 in the same Office 365 tenant. Setting up both Intune and MDM lets you decide which solution is best for specific users and their devices. If you have both options available, you can choose whether you manage a user's devices with MDM for Office 365 or the more feature-rich Intune solution.

Feature area

MDM for Office 365

Microsoft Intune


Included with many Office 365 commercial subscriptions.

Requires a paid subscription for Microsoft Intune or can be purchased with Enterprise Mobility Suite.

How you manage devices

Manage devices using the Security and Compliance Center in Office 365.

If you use Intune by itself, you manage devices using the Intune admin console.

If you integrate Intune with System Center 2012 Configuration Manager, you use the Configuration Manager console to manage devices on-premises and in the cloud.

Devices you can manage

Cloud-based management for iOS, Android, and Windows Phone.

Cloud-based management for iOS, Mac OS X, Android, Windows Phone, and Windows PCs.

Key capabilities

Help ensure that Office 365 corporate email and documents can be accessed only on phones and tablets that are managed by your company and that are compliant with your IT policies.

Set and manage security policies, like device level pin lock and jailbreak detection, to help prevent unauthorized users from accessing corporate email and data on a device when it is lost or stolen.

Remove Office 365 company data from an employee’s device while leaving their personal data in place.

Details are included in capabilities of Built-in Mobile Device Management for Office 365.

MDM for Office 365 capabilities, plus:

Help users securely access corporate resource with certificates, Wi-Fi, VPN, and email profiles.

Enroll and manage collections of corporate-owned devices, simplifying policy and app deployment.

Deploy your internal line-of-business apps and apps in stores to users.

Enable your users to more securely access corporate information using the Office mobile and line-of business apps they know, while ensuring security of data by helping to restrict actions like copy, cut, paste, and save as, to only those apps managed by Intune.

Enable more secure web browsing using the Intune Managed Browser app.

Manage PCs from the cloud with no infrastructure required using Intune, or connect Intune to Configuration Manager to manage all of your devices including PCs, Macs, Linux and UNIX servers, and mobile devices from a single management console.

An Intune subscription also allows you to set up MAM (mobile app management) policies by using the Azure portal, even if people's devices aren't enrolled in Intune. See Protect app data using MAM policies.

Share Facebook Facebook Twitter Twitter Email Email

Was this information helpful?

Great! Any other feedback?

How can we improve it?

Thank you for your feedback!