Skip to main content

Microsoft Defender for Endpoint wants to help your employees use iOS devices

A close up of someone using a smartphone.
(Image credit: Future)

Zero-touch onboarding for Microsoft Defender for Endpoint (MDE) is now available for iOS in public preview, the company has announced.

In a blog post, Microsoft said this new functionality “eases the deployment frictions” and “significantly reduces the time needed to deploy the app across all devices.” MDE is a cybersecurity solution that can now protect iOS phones for work (12.0 and above) from phishing, malicious apps, and unprotected networks.

Zero-touch essentially means that enterprise administrators can push the app to iOS endpoints without user interaction. MDE gets silently deployed and configured, and then added to the Microsoft Defender Security Center portal, with the user simply seeing a notification that the app has been installed.

Scanning for jailbroken devices

Microsoft first announced zero-touch onboarding for iOS in December 2020, saying that besides defending from the usual threats, the app will also scan for jailbroken devices on the network, and assess the vulnerability of each device.

The same upgrade has also brought Mobile Application Management (MAM) support for non-Intune enrolled Android and iOS devices, and reduced the complexity of iOS users onboarding, by enabling admins to create VPN profiles during setup. 

Microsoft has been hard at work, upgrading MDE with new features and capabilities. Last July, at the height of the pandemic and the rising popularity of remote working, it added support for removable storage devices and printers.

These capabilities are designed to allow administrators to exercise access restrictions on removable devices and reign in printing tasks on non-corporate or non-approved printers. The printer protection feature allows admins to block users from printing to a non-corporate network printer or non-approved USB printer.

At the same time, the removable storage access control capabilities added to the Windows version of the security platform complement the existing device control protections for tasks such as installing a new device, removing BitLocker storage, and others.

Those interested in setting up MDE for iOS can find more detailed instructions in Microsoft’s support document here.