Post on 20-Jun-2018
Instructions for installing Microsoft Intune on
a mobile device (Android, iOS, Windows)
Version Written/Reviewed By Date
1.1 Joe Bennett 4th February 2016
1.2 Eoin Dunne 26th February 2016
1.3 Joe Bennett 17th June 2016
Introduction
With a view to ensuring compliance with legislation such as the Data Protection Acts (1988,
2003), DIT has chosen a Mobile Device Management (MDM) solution from Microsoft called
Intune. This can be used to secure phones and devices running Android, iOS, and Windows,
with each user able to protect five devices. Once enrolled, you will be prompted to encrypt the
device and apply an alphanumeric password of at least 6 characters. Encrypting an Android
device requires 100% charge and to be plugged in. You can manage your device (reset
passcode, wipe) from https://portal.manage.microsoft.com. Please note 11 repeated
password failures, to the device, will trigger a device wipe.
ICT Services cares about your privacy ICT Services cannot see this type of information on your phone or tablet:
CALL HISTORY
LOCATION
WEB HISTORY
TEXT MESSAGES
CAMERA ROLL
PERSONAL APPS
PERSONAL EMAIL, CONTACTS, AND CALENDAR
PERSONAL DATA
ICT Services can see this type of information on your phone or tablet:
OWNER
MODEL
MANUFACTURER
DEVICE NAME
OPERATING SYSTEM
COMPANY APPS
SERIAL NUMBER
ICT Services are committed to protecting the rights and privacy of DIT staff in accordance with Institute policies at http://www.dit.ie/officeofthesecretarytotheinstitute/recordsmanagement/
Step 1) Getting a License
Please contact the DIT Support Desk at extension 3123 / support@dit.ie to receive a license
for Microsoft Intune. Once this is confirmed, you may proceed to Step 2. Please note the
license is applied to your staff number account, and does not involve your receiving any files
or codes.
Step 2) Enabling location services (optional)
ICT Services strongly recommend you enable location services on your phone/tablet. Only you
will be able to access the location of your device, and this could prove very helpful in the
event of loss or theft. For assistance in turning this feature on, try searching the internet
using keywords “How to enable location services” with the make/model of your phone.
Step 3) Enrolling devices
Before starting the installation, ensure your phone is fully charged. If you have received alerts
to install system updates on your phone, complete these and restart the phone before
installing the Intune app. As with any software installation, ICT Services strongly recommend
you make a backup copy of any data on the phone (e.g. photos, text messages) before
starting the installation. The minimum requirements are that the device is running Android 4,
IOS 8 or Windows phone 8.1, operating systems. Note the app will currently run on iOS 7 but
an impending update will require at least the iOS 8 platform.
While every step has been taken to ensure the accuracy of the instructions and screenshots
below the user experience may differ from device to device depending on operating system
and version of the software.
Android Devices (Samsung, HTC)
1. Tap Home -> Play Store.
2. In the Search box, type company portal.
3. Tap Intune Company Portal.
4. Tap INSTALL.
8. Enter your email address (staffnumber@dit.ie), you will be redirected to the DIT IDP page to verify your credentials.
9. Enter your username (staff number without the @dit.ie) and your password.
12. The screen opposite will appear for a time.
13. Once this screen appears you have enrolled. Now proceed to Step 4 below (Securing the device).
iOS Devices (iPhone and iPad)
1. Open the App Store and search for Intune.
2. Download and install the Microsoft Intune Company Portal app.
3. Open the Company Portal app. Enter your email address (staffnumber@dit.ie), you will be redirected to the DIT IDP page to verify your credentials.
12. Tap Done.
13. Tap OK. Your device is now enrolled in Intune. Now proceed to Step 4 below (Securing the device).
Windows Phone
Install the Company Portal app on your device:
1. Tap Start -> Store.
2. Tap Search and type company portal.
3. In the list of results, tap Company Portal.
4. Tap Company Portal -> Install.
5. On the device, open the Microsoft Intune Company Portal app.
6. Provide your credentials. You may be asked to accept your company’s Terms and Conditions etc.
7. Swipe to My Devices.
8. Tap Tap to Enroll or identify this device.
9. Tap Enroll this device.
10. Tap Add account.
11. Enter additional information as requested and then tap sign in to complete the Enrolment. You should now see your workplace account listed on the Settings > Workplace page. If you are asked for a server at any stage use manage.microsoft.com.
Step 4) Securing the device
Once the software is installed and the device enrolled you have only thus far allowed the
device to be monitored by Intune. To actually secure the device you need to comply with the
security policy applied i.e. applying a six-character alphanumeric password and encrypting
the device. After enrolling your device, you will be prompted to set the password and encrypt
the device. If you ignore this at the time, there will be notifications which cannot be cleared
at the top of your device. It will be visible to the administrator that the device is not
compliant also. The example below is for an Android device.
Note: It is strongly recommended that you update your device to the latest operating system
before proceeding. To do this plug your device’s power adapter in and connect to the
Internet via Wi-Fi. The procedure varies depending on the device. On Apple Devices go to
Settings -> General -> Software Update. On android devices go to Settings -> About Phone ->
System Updates. On windows phone go to Settings -> Phone Updates.
To apply security measures tap, the top
notification.
If you already have a non-compliant password
(shorter and/or less complex) set you will be asked
for this now.
You will only be allowed one option so tap password.
Then choose your password. It needs to contain
letters and numbers and be at least six characters
long. Then tap continue.
Confirm your password by typing the same one
as on the previous screen then tap OK.
You may see the screen opposite. Tap Don’t show
notifications at all, and then Done.
Note: for iOS devices once a password is set, the device is
encrypted. Users with Android phones must undertake
additional steps
Now encrypt the device. Tap the
notification at the top of the screen.
Please ensure that the battery is full and
in the case of android devices that the
adapter is plugged in. If you have the
option also select the SD card. Then
tap Encrypt Tablet or Encrypt phone.
Type in your password and tap Continue.
The device will the shut down and
show something like this screen.
When completed the device will
restart again. The process is now
complete.
Note: Once these settings are applied your device will auto lock when inactive. The maximum
setting in Intune is five minutes but the device will use its own default. This is sometimes as
little as fifteen seconds. This is something the user may want to adjust.
Appendix 1) Managing devices To manage your device go to the company portal found at
https://portal.manage.microsoft.com or search for Intune Company portal. Once you type in
your email username (staffnumber@dit.ie) you will be redirected to the DIT Authentication
page. After you enter your login details, you will see something like the screen below.
Note the section highlighted in red. If you are connecting to the company portal from a
device which is not enrolled (e.g. your PC) you will see this notification, and can disregard it.
When you click on the device you want to manage you will have various options as shown
below. In the event of the device being lost or stolen, the reset option will wipe the device
and return it to factory settings.
As mobile phones can be used to store or access data, the loss or theft of a device must be
handled under the DIT data security breach management guidelines in order to reduce the
impact of the breach. For immediate steps on what to do if a device is missing, follow the
procedure for managing a lost or stolen mobile device.