The MDM capabilities provided in Windows covers the complete lifecycle of the device.

• Enrollment capabilities to automate the MDM enrollment of the device as part of the Azure Active Directory join process.
• New controls for configuring and managing the Start menu.
• New controls over Windows updates, allowing you to control when specific Windows updates are deployed to MDM-managed devices (think “WSUS from the cloud”).
• New AppLocker and Enterprise Data Protection configuration settings.
• Integration with the Windows Store and the Business Store Portal (BSP) to enable automated app management.
• Full device wipe capabilities, even for PCs.

These capabilities are supported on all types of devices, including Windows phone devices, PCs and tablets, and Internet-of-Things (IoT) devices.