Intune Gets Privilege Management Controls for Windows 365 Users

Microsoft Intune's Endpoint Privilege Management capability now works with the Windows 365 service, Microsoft announced on Monday.

A September Intune service update enabled this capability. With it, organizations can specify "cloud PC" user privileges. A cloud PC is a virtual machine leveraged by Windows 365 desktop-as-a-service users to access Windows operating systems and applications.

Users of Windows 365 can be given standard user privileges by IT organizations, which is a typical practice. However, IT pros can occasionally elevate those privileges on an ad hoc basis using the Endpoint Privilege Management capability so that the user can perform some administrative-type task.

These elevated Windows 365 user privileges can be "scope and time limited," taking a least-privilege access approach, the announcement explained.

While having such control over Windows 365 user privileges may seem kind of basic, doing it will require having the requisite licensing for Endpoint Privilege Management, along with Intune and Windows 365 licensing. IT pros with "Global and billing administrators" privileges can start a trial.

Microsoft licenses the Endpoint Privilege Management solution as "either a standalone solution" or as "part of the Intune Suite." The Endpoint Privilege Management solution can be accessed via the "the Intune admin center, the Microsoft admin center, or by contacting your Microsoft account team."

Endpoint Privilege Management in Intune reached the general availability stage back in March, but its use with the Windows 365 service is apparently new. Microsoft is planning to bring Endpoint Privilege Management to its Azure Virtual Desktop virtual desktop infrastructure service for "single-session VMs" at some unspecified time, too.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.