Microsoft Intune: Your New Mobile Solution

Helping you connect anytime, anywhere

At Booz Allen, we’re constantly looking for ways to empower you to achieve your best by providing access to information and tools to do your job, and making it easier for you to connect and engage with your teams and the firm in a secure, reliable manner. One way we do that is through our mobile management tools. These tools allow you to access Booz Allen email and data remotely while keeping our information secure.

Introducing Mobile Email Encryption

To help meet the growing demand for on-the-go access to firm resources, we offer Mobile Email Encryption—a simple option to read and send encrypted or digitally-signed emails from your iPhone’s Outlook application. This capability provides a convenient option for reviewing encrypted emails from your iPhone when you don’t have access to your Booz Allen laptop and smart card.

Mobile Email Encryption eligibility requirements include:

  • Mobile Email Encryption—a simple option to read and send encrypted or digitally-signed emails from your iPhone's Outlook application
  • iPhone (17.1 minimum OS version)
  • MDM enrollment
  • Active Booz Allen smart card certificates
  • Booz Allen-issued Windows computer or virtual machine (Mac)

To learn more about encryption guidelines, please read the Information Security Policy.

Check out the Mobile Email Encryption FAQs for enrollment information and more.

Mobile Devices Access

Booz Allen provides two options for accessing Booz Allen information securely from your personal mobile device. Each option offers a different experience and benefits.

Mobile Device Management (MDM) secures your entire personal mobile device. As part of Cybersecurity Maturity Model Certification (CMMC) security requirements, MDM provides the best experience when accessing Booz Allen information from your personal mobile device. Note: MDM is required for all corporate mobile devices.

  • Allows you to access and use firm resources—for example, copy/paste from mobile email, opening files in mobile apps—just like you would from a Booz Allen computer

Mobile Application Management (MAM) is an additional mobile solution that allows you to connect with the firm without registering your personal mobile device through MDM. It maintains and secures Booz Allen apps via our Intune company portal for the resources you want to access the most (e.g., Outlook, Huddle, Microsoft Teams).

  • Provides limited access and use of firm resources

MDM vs. MAM Features

Pick the option that works best for you based on your personal and business needs and monitoring comfort level.

If  You Need:

Mobile Application Management (MAM)

Mobile Device Management (MDM)
Access to firm email and calendar X X
Access to firm applications (e.g., Outlook, Microsoft Teams, Huddle) X X
Copy/paste within or between Office 365 applications (e.g., Outlook, Word, Excel, PowerPoint) X X
Paste data out to local machine   X
Print from Office 365 applications   X
Saving to mobile device from Office 365 applications   X
"Open in desktop version" feature of the online applications (i.e., web version).   X
Edit Office 365 online documents in the online version of the tool X X

Edit Office 365 online documents in the mobile app-version of the tool

   X
Access to the limited features offered by the online versions of Office applications (e.g., Excel Online, Word Online, PowerPoint Online) X X
Access to all features of device-installed versions of Office applications   X
Access to firm Wi-Fi when you’re in a Booz Allen office X
Manual login to guest Wi-Fi		 X
Automatic connection to firm Wi-Fi
Locate a lost device or remote phone wipe (if device is lost)  

X
Secure and register your entire mobile device   X

If I enroll my device in MDM, can the firm see my personal items, such as pictures and apps?

Mobile Device Management (MDM) helps secure firm content on your device. 

Firm can never see information such as texts, emails, and pictures within personal apps.

Getting Started

Select which option is best for you and follow these simple steps:

  • New to Mobile: If you are new to Booz Allen mobile offerings and would like to enroll in MDM or use MAM, simply follow these instructions to get connected.

To enroll in MDM: Please follow these iOS instructions or Android Instructions. (Note: MDM is required for corporate mobile devices.)

To use MAM: Please follow these iOS instructions or Android instructions.

To unenroll from MDM please follow these instructions.

  • Already have MDM or MAM, but not sure which one?

For your iOS device: Open and sign into the Company Portal app. Choose the “devices” tab. Choose the first device (It should say “This is the device you are currently using”). If it says “Can access company resources,” then your device is enrolled in Booz Allen MDM. Otherwise, if it says “Begin setup,” you are using MAM.

For your Android device: Open and sign into the Company Portal app. Choose the “devices” tab. Choose the first device in the list (it should be bolded and may have a red icon). If you see “This device is not managed,” then you are using MAM. Otherwise, your device is enrolled in Booz Allen MDM.

Questions

We would love to hear from you! Please share your feedback in our Intune for Mobile Yammer community or if you need immediate assistance, please contact the Help Desk at 877-927-8278 or assistme.bah.com.

Additional Resources

  • Android MDM FAQs
  • Android Legacy MDM Replacement Instructions
  • Intune Minimum Operating Systems Requirements
  • Intune Mobile Device Requirements