The MDM capabilities provided in Windows covers the complete lifecycle of the device.
- Enrollment capabilities to automate the MDM enrollment of the device as part of the Azure Active Directory join process.
- New controls for configuring and managing the Start menu.
- New controls over Windows updates, allowing you to control when specific Windows updates are deployed to MDM-managed devices (think “WSUS from the cloud”).
- New AppLocker and Enterprise Data Protection configuration settings.
- Integration with the Windows Store and the Business Store Portal (BSP) to enable automated app management.
- Full device wipe capabilities, even for PCs.
These capabilities are supported on all types of devices, including Windows phone devices, PCs and tablets, and Internet-of-Things (IoT) devices.