Serg Nvns - Fotolia

How IT can manage Office 365 for mobile devices

Office 365 is a cornerstone of office work, but how should IT manage the platform for mobile users? Find strategies to manage the software effectively in the enterprise.

Microsoft Office 365 is a crucial business tool for many end users -- and as more employees do work on their mobile devices, it is becoming even more important for IT to effectively manage Office 365 for mobile users.

There were over 120 million monthly active users for Office 365 in October 2017, according to Microsoft's earnings report. As of 2016, there were 340 million downloads for Office mobile apps, which indicates that a significant amount of users turn to their mobile devices to perform Office 365 tasks. With these high adoption rates, it's no surprise that IT has questions about managing Office 365 on mobile.

What are the recent changes to Office mobile apps?

Microsoft released a few messaging apps for Office 365 on mobile devices over the past few years, including Outlook and Outlook Groups. With Outlook Groups, users could experience the core features of Office 365 Groups on mobile. Google Android and Apple iOS users could also install an Outlook mobile app as of April 2017.

But in 2018, Microsoft discontinued the Outlook Groups app and Outlook Web App (OWA) mobile apps, encouraging users to log in through a mobile browser instead. These recent changes point to a potential future for Office 365 on mobile: one unified mobile app.

Microsoft Word on Office 365 for Android
Microsoft Word as viewed on Office 365 for Android

Despite these changes, Microsoft continues to improve Office 365 on mobile. Outlook's improved mobile architecture has native support for Exchange Online mailboxes.

How can IT manage Office 365 on mobile through EMM?

A few integrations and updates in the enterprise mobility management (EMM) market make it easier for IT to manage Office 365 for mobile. One change is Microsoft's Graph API, which enables third-party EMM platforms, including Citrix, BlackBerry and MobileIron, to apply policies to Office 365 apps from Intune.

IT can deploy MFA to Office 365 in three ways.

The capability enables IT to distribute apps securely, but, unfortunately, it requires a license for Microsoft Intune. Also, Intune's lack of advanced features may encourage larger enterprise customers to seek scalable management options and security policies elsewhere.

There is an alternate option -- BlackBerry Enterprise Bridge, through which iOS and Android users can access Office 365 for mobile via BlackBerry apps such as Work. Bridge offers users a way to perform Office 365 tasks without cumbersome processes. For example, users can view an email attachment from BlackBerry Work and then choose to open it natively in Microsoft Word. Bridge also uses Microsoft's Graph API, but unlike Intune, it integrates with the Intune and Dynamics container to add deeper security.

How can IT implement MFA for Office 365?

When users access sensitive business data on their mobile devices, it's even more essential for IT to keep the content secure. One of the best ways to enhance security is to implement multifactor authentication (MFA), which will grant access only when users provide multiple points of identification, such as a password and a fingerprint.

IT can deploy MFA to Office 365 in three ways. The organization can purchase an Office 365 subscription, which comes with support for MFA on Office 365 apps. Azure Active Directory (AD) also comes with a free version of MFA. Alternatively, IT could purchase an Azure AD Premium or Microsoft Enterprise Mobility + Security license to take advantage of Azure Multi-Factor Authentication.

To enhance the user experience, IT can choose the option to remember trusted devices for Office 365. This option requires users to reauthenticate after a certain number of days, but it still comes with security risks.

Dig Deeper on Mobile management