Microsoft Intune’s Update Boosts Security and Remote Management for IT Admins

Microsoft Intune’s latest updates offer organizations enhanced oversight and protection with smarter access controls, deeper device insights, and broader platform support. With features like multiple admin approvals and improved remote help for corporate devices, this release strengthens both security and operational efficiency.

Multiple administrative approval (MAA)

First of all, Microsoft has introduced a new feature that allows administrators to configure access policies that will require approval from another IT admin before certain sensitive remote actions are taken, such as retiring, wiping, or deleting data. When someone initiates a remote action, they may be prompted to provide a business justification. The approver can review the request, add comments or notes, and then approve or deny the action.

Microsoft says that only specific administrators (who belong to a designated approval group and are assigned to a protected resource through an access protection policy) have the authority to approve sensitive changes. This feature is designed to prevent unauthorized or accidental remote actions.

Microsoft Intune Remote Help update

Microsoft Intune Remote Help now allows administrators to remotely manage Zebra and Samsung devices enrolled as corporate-owned without needing user interaction. The device screen is hidden to protect sensitive information during unattended sessions. It shows only a message that a remote session is active if someone tries to use the device. This new feature is designed to enhance security and privacy during remote support sessions.

Enhance Linux Server endpoint security and other updates

The latest Microsoft Intune update brings a new global exclusions policy for Linux Servers, allowing organizations to exclude trusted files and processes from security scans. It helps improve performance and reduce false alerts by focusing security efforts on real threats, even for devices managed by Defender for Endpoint but not enrolled in Microsoft Intune.

Last but not least, Microsoft Intune has expanded its device inventory capabilities to now include Android, iOS, and macOS devices. This feature automatically collects hardware details such as serial numbers and SIM card data.

This information is accessible in Resource Explorer for all Microsoft Intune admins, and organizations with advanced analytics licenses can also use it for custom reports and multi-device searches. This capability is available for organizations with the Microsoft Intune Advanced Analytics or the Microsoft Intune Suite subscriptions.