With the latest Microsoft Defender for Endpoint (MDE) preview for iOS, Microsoft has taken another step that should make life easier for IT administrators who need to secure remote iOS devices at the endpoint.
Endpoint protection without the user friction
The MDE preview includes a new capability to install Defender for Endpoint remotely and automatically on any devices enrolled in the service. The company first announced its intention to deliver the feature last month.
In practice, this seems relatively friction-free.
Once configured, the app will be installed on iPhones and iPads without requiring any user interaction. The devices are then added to the Microsoft Defender Security console and the user is informed that the installation has taken place.
With MDE installed, the device will gain all the anti-phishing, jailbreak detection, and vulnerability assessment tools offered by the service. These include unsafe connection blocking, which is invaluable for remote workers who may unknowingly use insecure networks.
This information is also made available to security teams who can monitor threats across all active endpoints via the console. These teams will receive an alert about any security events — for example, if a device has been jailbroken. And if Conditional Access is in place, the device will be blocked from accessing corporate data once it exceeds the acceptable risk score.
What this means is that security professionals attempting to protect existing teams or onboarding new recruits can put MDE protection in place without requiring user interaction. It’s an approach that allows users to focus on their job, rather than needing to negotiate a complicated installation process.
“This eases the deployment frictions and significantly reduces the time needed to deploy the app across all devices as Microsoft Defender for Endpoint gets silently activated on targeted devices and starts protecting your iOS estate,” Microsoft’s Sunayana Singh wrote in a blog post.
Defender for Endpoint on iOS protects iOS devices (iPads and iPhones) running iOS 12.0 and later. To install MDE, admins open the Microsoft Endpoint Manager admin center and go to Devices > Configuration Profiles > Create Profile, where they choose the platform (iOS/iPadOS), set up the VPN connection, and deploy the app. More information on deployment is available in Microsoft's documentation.
Microsoft has been moving fast to support Apple fleets.
It first introduced iOS support for Defender for Endpoint in December 2020 and, a few months later, gave enterprise IT remote security alerts for endpoint devices.
The company isn’t entirely motivated by the need to support the rapidly growing number of Apple devices in use across the enterprise, though this will clearly be part of the mission.
It reflects Microsoft’s much wider strategy to expand its services — including security — across all active platforms. Defender for Endpoint also supports Linux, Android, and Windows 10 on Arm devices. (While the company appears sadly reluctant to license Windows to Arm-powered Macs, it continues to optimize its services for the platform and has updated MDE for Apple Silicon.)
“Trends like employee technology choice programs and the consumerization of IT continue to grow, and organizations need management tools that can adapt and shift to hybrid environments,” said Microsoft corporate Vice President Brad Anderson in 2020.