Wednesday, January 12, 2022

How Microsoft Endpoint Manager helps equip frontline workers

This blog focuses on the unique endpoint needs of workers on the front line and recent Microsoft Endpoint Manager developments that help frontline workers share Android devices more securely and locate lost Android devices more easily using an audio alert. These plus other Microsoft innovations are helping frontline workers manage through the staff shortages, health requirements, and supply chain bottlenecks brought about by the pandemic.

If there’s one thing that the last two years have taught us, it’s the importance of the world’s two billion-plus frontline workers. Whether it is taking a swab for a COVID test or keeping a restaurant open in the face of staff shortages, the pandemic has helped everyone see the vital role played by frontline workers. As a result, Microsoft has increased its investments in tools that help the frontline manage their critical work more easily, supported by IT admins.

As Microsoft Teams makes exciting announcements about new features for frontline workers today, we also wanted to share some of the innovations we’re introducing to ensure Microsoft Endpoint Manager helps all frontline employees. In addition to major updates, such as support for Android Open Source Project (AOSP) devices like RealWear, there are three specific innovations in Endpoint Manager that I’d like to highlight today:

  1. New audio alerts in the Find My Device feature for Android Enterprise
  2. Improvements to Android shared device mode
  3. Azure Virtual Desktop innovations for Microsoft Endpoint Manager

Getting back to work faster with Find My Device for Android Enterprise dedicated devices

Given how many things a frontline worker juggles, it’s not surprising that a device is misplaced from time to time. For example, consider the scenario in a busy emergency room, where a nurse is called away from what they are doing by an urgent patient need. When the patient is stable and they are ready to go back to their task, it’s possible that the trolley they placed their device on has moved. Another customer scenario is at a car rental agency, where a worker has a device to check in returned hire cars, but also must put that device down from time to time to complete other tasks around the location. Lost devices mean immediate lost worker productivity (the task they could be completing with the lost device), as well as the time spent searching for the device and the cost of needing to replace a device if it cannot be located.

In September 2021, we shipped the ability for IT to locate a device remotely on a map from the Microsoft Endpoint Manager Admin Center. This is a helpful step forward, but we wanted to address some additional scenarios with this update. First, sometimes frontline workers lose their devices between equipment or in hard-to-find spots in a specific location, such as behind a machine. Additionally, some devices don't have GPS capabilities that make it possible to locate with a map.

For these devices, we have built the capability for IT admins to issue an audio alert. This way, when a device is considered lost, an IT administrator can remotely trigger an audio alert, which helps frontline workers locate the lost device by sound.

This feature will enter GA this quarter, and we look forward to taking one less stress away from frontline workers who may sometimes lose their devices.

The IT admin view when triggering an auto alert for a lost deviceThe IT admin view when triggering an auto alert for a lost device

Sharing frontline devices safely and productively with Android shared device mode

Frontline workers sometimes need to share devices: for example, consider a specialized device in big box retail that helps manage inventory. That device may be used by workers during a day shift, and then by different workers performing a similar task during a night shift. Or workers on a factory floor who need to take measurements as part of an industrial process every three hours over the course of an entire week. In these situations, it is vital for the frontline worker to easily log out of the apps they are using on a device so that the device is ready for the next worker.

Microsoft has recently been making enhancements to managing Android Enterprise dedicated devices configured with Shared device mode. Shared device mode allows multiple users to gain single sign-in and single sign-out from applications that have integrated with Shared device mode, meaning frontline workers can safely use any integrated app on their Android Enterprise dedicated devices. However, up to now, not all apps had been optimized with Shared device mode.

Now, IT admins can specify non-optimized apps to gain a local storage clear at the time of a sign-out from a Shared device mode application. This means that any app, including non-optimized third-party apps, can get sent a signal for sign-out, meaning one less thing to worry about for IT and frontline workers.

Today, Shared Device Mode is generally available for Teams and Managed Home Screen on Android. For more details, see Endpoint Manager supports sign-out for apps not optimized with Azure AD shared device mode.

Enabling the frontline more with Azure Virtual Desktop innovations

There is one further area of improvement to Microsoft Endpoint Manager for frontline workers that I’d like to highlight: those relating to Azure Virtual Desktop.

There are many customer scenarios where remote desktops make sense. For example, in a highly regulated industry like financial services or healthcare, where security is paramount. Or in a scenario with an elastic workforce, perhaps with more short-term employees or contractors. Or when you want to grant access to specific employees or for specialized workers (such as design and engineering). Many of these scenarios are performed by frontline workers.

To further support these customer scenarios, Azure Virtual Desktop single- and multi-session support for Azure Active Directory (Azure AD) joined devices is in public preview and will be generally available later in 2022. This allows frontline workers to use multi-session Azure Virtual Desktop (where device-only policies are supported), enabling greater flexibility for the frontline worker that needs to have more than one session of Azure Virtual Desktop on the go. Later this quarter we also plan to release into public preview Azure Virtual Desktop multi-session user configuration support. This will enable IT admins to customize the user configuration on Azure Virtual Desktop multi-session, which will help in customizing policy, certificates, VPN, and other specifics.

I hope you’re as excited as I am about helping our frontline heroes continue to do amazing work in a flexible and productive manner. It’s a key theme for Microsoft, and, as you can see from the new features discussed above, it’s a key theme for Microsoft Endpoint Manager in 2022 as well.

Return to the Microsoft Endpoint Manager blog. Join the conversation on Twitter at @MSIntune and LinkedIn.

Posted at