Describe Microsoft 365 apps and services Flashcards
The differences between Office 365 and Microsoft 365
Office 365 is a cloud-based service that includes apps such as Word, Excel, PowerPoint, and Outlook along with services such as Microsoft Exchange, SharePoint, Teams and OneDrive. Microsoft 365 is a cloud-based service that includes the same Office apps and services, plus Windows, and Enterprise Mobility + Security.
Enterprise Mobility + Security (EMS)
Enterprise Mobility + Security (EMS) is a mobility management and security platform that helps protect and secure your organization and empower your employees. The platform includes services such as Microsoft Entra ID (formally known as Azure Active Directory or Azure AD) and Microsoft Intune. Microsoft Entra ID provides a complete identity and access management solution with integrated security to manage and protect access for employees, customers, and partners as they connect to their apps, devices, and data. Microsoft Intune is a cloud-based endpoint management and security solution for managing users, devices, and apps across platforms like iOS, Android, Windows, and macOS. These topics will be discussed in later learning paths and modules.
Microsoft 365 Copilot
Microsoft 365 Copilot, your copilot for work. It combines the power of large language models (LLMs) with your data in the Microsoft Graph and the Microsoft 365 apps to turn your words into the most powerful productivity tool on the planet. And it does so within our existing commitments to data security and privacy in the enterprise.
Microsoft Intune
Microsoft Intune is a cloud-based endpoint management solution that manages user access to organizational resources and simplifies app and device management across your many devices, including mobile devices, desktop computers, and virtual endpoints. Some of the key features and benefits of Intune include:
Allows management of users and devices (both organizational and personal) across platforms like Android, AOSP, iOS/iPadOS, macOS, and Windows, enabling secure access to organization resources through user-defined policies.
Intune streamlines app management, offering in-built deployment, updates, and removal capabilities, integration with private app stores, Microsoft 365 app support, Win32 app deployment, and tools for app protection policies and data access control.
Intune automates policy deployment for apps, security, device configuration, compliance, conditional access and more.
The Company Portal app provides self-service features for employees and students, such as PIN/password resets, app installations, and more.
Intune partners with mobile threat defense tools, including Microsoft Defender for Endpoint and third-party services, to emphasize endpoint security, enabling policies for real-time threat response and automated remediation.
Intune’s web-based admin center emphasizes endpoint management and data-driven reporting, allowing admins to sign in from any device with internet access.
Configuration Manager
Configuration Manager is an on-premises management solution to manage desktops, Windows servers, and laptops that are on your network or internet-based. Configuration Manager boosts IT productivity by reducing manual tasks and letting you focus on high-value projects. Configuration Manager enhances IT services by securely deploying applications and updates at scale, facilitating real-time actions on devices, offering cloud-driven analytics for both on-site and online devices, managing compliance settings, and providing thorough oversight of servers and computers. Configuration Manager collaborates with numerous Microsoft technologies. You can cloud-attach your Configuration Manager environment allowing you to modernize and streamline your management solution.
Co-management
Co-management is one of the primary ways to attach your existing Configuration Manager deployment to the Microsoft 365 cloud, enhancing capabilities like conditional access. It allows simultaneous management of Windows 10 or later devices through both Configuration Manager and Microsoft Intune, enhancing your Configuration Manager’s functions. Devices with the Configuration Manager client enrolled in Intune benefit from both services. The authority to shift specific workloads from Configuration Manager to Intune is in your control, while Configuration Manager retains authority over other workloads.
Tenant-attach
Tenant attach allows your device records to be in the cloud, enabling you to act on these devices from a cloud console. It provides real-time data from Configuration Manager clients, including those online. It also lets you manage endpoint security for both Windows Servers and Client devices from the Intune admin center, including antivirus status and malware reports.
Endpoint Analytics
Endpoint Analytics is a cloud-native service that provides metrics and recommendations on the health and performance of your Windows client devices. Endpoint Analytics is part of the Microsoft Adoption Score. These analytics give you insights for measuring how your organization is working and the quality of the experience you’re delivering to your users. Endpoint analytics can help identify policies or hardware issues that might be slowing down devices and help you proactively make improvements before end-users generate a help desk ticket. You can use Endpoint Analytics on devices that are managed with Intune or Configuration Manager connected to the cloud.
Windows Autopilot
Windows Autopilot is a cloud-native service that sets up and pre-configures new devices, getting them ready for use. You can also use Windows Autopilot to reset, repurpose, and recover devices. It’s designed to simplify the lifecycle of Windows devices, for both IT and end-users, from initial deployment through end of life. You can use Autopilot to preconfigure devices, automatically join devices to Microsoft Entra ID (formally known as Azure Active Directory or Azure AD) or enroll devices in Intune, customize out of box experience and more. You can also integrate Autopilot with Configuration Manager and co-management for more device configurations.
Windows Autopatch
Windows Autopatch is a cloud service that automates Windows, Microsoft 365 Apps for enterprise, Microsoft Edge, and Microsoft Teams updates to improve security and productivity across your organization. The goal of Windows Autopatch is to deliver software updates to registered devices; the service frees up IT and minimizes disruptions to your end users. Once a device is registered with the service and depending on your subscription, you have access to a variety of features through the Microsoft Intune admin center such as update rings, autopatch groups, hotpatch updates, driver and firmware updates and more.
Windows 365
Windows 365 is a cloud-based service that automatically creates a new type of Windows virtual machine (VM), known as Cloud PCs, for your end users. Windows 365 introduces a new way to experience Windows client to organizations of all sizes. Securely stream the full Windows experience including apps, data, and settings, from the Microsoft cloud to any personal or corporate device.
Here’s what you can do with Windows 365:
Stream your apps, data, content, and settings from the Microsoft cloud to any device and pick up where you left off.
Personalized Windows 365 Cloud PCs available across devices.
Dedicated to a single user.
Simple to deploy and manage from a single console.
Easily set up and scale Cloud PCs to fit your needs and securely support changing workforce needs and new business scenarios.
Assign a license to a user and Windows 365 is automatically provisioned for that user.
Azure computing and storage are managed by Microsoft with a fixed cost.
Azure Virtual Desktop
Azure Virtual Desktop (AVD) is a modern and secure desktop and app virtualization solution that runs on the cloud. AVD allows users to connect to a Windows desktop running in the cloud. It’s the only solution that delivers multi-session on Windows. AVD gives you the ability to access your desktop and applications from virtually anywhere.
Here’s what you can do with Azure Virtual Desktop:
Set up a multi-session Windows Client deployment that delivers a full Windows experience with scalability.
Dedicated to a single user or used by multiple users, using FSLogix technology.
Present Microsoft 365 Apps for Enterprise and optimize it to run in multi-user virtual scenarios.
Bring your existing Remote Desktop Services (RDS) and Windows Server desktops and apps to any computer.
Virtualize both desktops and apps.
Manage desktops and apps from different Windows and Windows Server operating systems with a unified management experience.
Azure computing and storage are customer managed with consumption-based costs.
Reports in other admin centers
Each specialist admin center gives you more options for that specific area including reports. The following list describes some of the other admin centers and some of the reports available:
Security - Microsoft 365 Defender. View information about security trends and track the protection status of your identities, data, devices, apps, and infrastructure.
Compliance - Microsoft Purview. View status and trends for the compliance of your Microsoft 365 devices, data, identities, apps, and infrastructure.
Endpoint Manager. View reports through Microsoft Intune on endpoint compliance, health, and trends in your organization.
Microsoft Entra ID (formally known as Azure Active Directory or Azure AD). View activity reports, which include registration and usage. These reports help you understand the behavior of users in your organization like registrations and sign-ins.
Exchange. View reports of email flow within your organization and mailbox migration batches created for your organization.
SharePoint. View reports on the security and compliance of your data in SharePoint. These reports include sharing links to identify potential oversharing and sensitivity labels applied to files to monitor sensitive content.
Teams. View usage reports to gain insights and information on Teams usage. Your organization can use these reports to better understand usage patterns like how users are using Teams, and what devices they use to connect to Teams.
Deployment rings
Deployment rings are a deployment method used to separate devices into a deployment timeline. Each “ring” comprises a group of users or devices that receive a particular update together. IT administrators set criteria that should be met to control delay time or completion before deployment to the next broader ring of devices and users can occur.
A common ring structure uses three deployment groups:
Preview is for planning and development.
The purpose of the preview ring is to evaluate the new features of the update.
Limited is for pilot and validation.
The purpose of the limited ring is to validate the update on representative devices across the network.
Broad is for wide deployment.
Once the devices in the limited ring have had a sufficient stabilization period, it’s time for broad deployment across the network.
