Intune Extension: privilege management for Windows 365

Microsoft has announced that Intune’s Endpoint Privilege Management functionality is now compatible with the Windows 365 service. Thanks to a September update, organizations can now specify privileges for “cloud PC” users. A cloud PC allows Windows 365 desktop-as-a-service users to access Windows operating systems and applications.

Management of User Privileges

Standard user privileges for Windows 365 can be granted by IT departments. However, IT experts can incidentally increase these privileges with the Endpoint Privilege Management feature, allowing a user to perform administrative tasks.

These increased privileges for Windows 365 users can be both “scope and time limited,” providing a minimal-privilege access approach.

Licenses and Access

Having control over the privileges of Windows 365 users may seem obvious, but to accomplish this requires specific licenses for Endpoint Privilege Management, in addition to Intune and Windows 365 licenses. IT professionals with “Global and Billing Administrator” privileges can start a trial period.

Microsoft offers the Endpoint Privilege Management solution as “a standalone solution” or as “part of the Intune Suite.” Access to the Endpoint Privilege Management solution is available through “the Intune management center, the Microsoft management center or by contacting your Microsoft account team.”

Future Integrations

Endpoint Privilege Management in Intune became generally available in March. However, its use with the Windows 365 service is new. Microsoft also plans to introduce Endpoint Privilege Management for its Azure Virtual Desktop virtual desktop infrastructure service for “single-session VMs” in the near future.