Understanding the Power of Microsoft Intune in Locating Lost or Stolen Windows 10 / 11 Devices

Understanding the Power of Microsoft Intune in Locating Lost or Stolen Windows 10 / 11 Devices

Hi Friends,

We’ve all been there, losing a device or having it stolen is a stressful experience. But when that device contains sensitive work data or has access to important company resources, the risk gets even higher. Fortunately, Microsoft Intune is here to save the day. With its powerful tools, you can not only manage your devices but also locate them if they go missing. In this post, we’ll explore how Intune makes this possible and why it’s such a game-changer for keeping your devices and data safe.

Why Device Management Matters

In today’s world, we’re all carrying around devices that are like mini treasure troves of information. Whether it’s a work laptop, a tablet, or even a smartphone, these devices are essential to our daily lives. But with all that convenience comes risk. If a device gets lost or stolen, it’s not just the hardware you’re worried about; it’s the data inside that could potentially end up in the wrong hands.

This is where Microsoft Intune comes in. It’s a cloud-based service that allows you to manage all your devices from one place. Think of it as a control center for everything from updates and security policies to, yes, finding lost devices. By keeping track of where your devices are and who’s using them, Intune helps ensure that your company’s data stays safe, no matter what.

What Exactly is Microsoft Intune?

At its core, Microsoft Intune is part of Microsoft Endpoint Manager, a suite of tools designed to help you manage and secure your devices. Intune lets you do everything from setting up security policies to managing apps, but one of its most valuable features is the ability to locate devices that go missing.

One of the great things about Intune is that it respects the boundary between personal and work data. This is especially important if your employees use their personal devices for work. Intune can manage and protect work data on these devices without invading personal privacy, which is a big plus in today’s BYOD (Bring Your Own Device) world.

Quick Overview of Location Services and Privacy

Windows 10 uses the location service to give apps, features, and services details about where your device is or has been. This access is often needed to make certain apps work fully, whether it's for something simple like showing local ads or more complex tasks like finding nearby stores on a map.

Even some Windows features, like 'Find my device' and automatic time zone settings, depend on this information. Users can manually set up access to this location data, or it can be enforced by an IT administrator. However, the location data is only kept on the device for 24 hours.

The location service determines your device's location by using GPS, nearby Wi-Fi networks, cell towers, and your IP address. How accurate the location is depending on what features your device has. Microsoft also gets access to this location data to help improve their services, but they first, remove any personal information when accessing it.

Besides Windows, third-party apps can also access your location, but only if they're available through the Microsoft Store or built to follow Windows location settings. However, some apps can still figure out your location using other methods like Bluetooth or Wi-Fi, even if your device's location settings don’t allow it.

How Intune Helps You Locate Devices

So, what happens if a Windows 10 device gets lost or stolen? This is where Intune’s location feature really shines. When a device goes missing, time is of the essence. The sooner you can locate it, the better your chances of recovering it or at least securing the data it contains.

Here’s how Intune’s location feature works in theory:

1.  Protecting Your Data: The main goal of finding a lost device is to protect the sensitive data it holds. If the device itself can’t be recovered, knowing where it is helps you decide whether to remotely wipe it to prevent any data from being accessed.

2.  Tracking the Device’s Location: Intune gives you the ability to see where a device is on a map. Whether it’s misplaced somewhere or has traveled halfway across the city, you’ll have the visibility you need to act.

3.  Supported Platforms: Intune’s devices locate features that support Windows 10 and later devices, as well as Apple iOS/iPadOS devices. Unfortunately, this feature isn’t available for Android devices or macOS currently. This means you can use Intune to locate Windows laptops and tablets, as well as iPhones and iPads, giving you broad coverage for your most common devices. Here are supported devices in detail.

4. Android Enterprise: - this applies to dedicated devices, fully managed devices, and corporate-owned work profile devices. These devices need to have Google Play Services version 20.06.16 or later, with Location services turned on and "Google Location Accuracy" enabled. You can find the "Google Location Accuracy" setting by going to Settings > Location > Location Services. For corporate-owned work profile devices running Android 12 or later, users need to grant the Intune app location permission by navigating to Settings > Apps > Intune (in the Work tab) > Permissions > Location > Allow all the time.

·     5.  iOS/iPadOS 9.3 and later: - The device needs to be in supervised mode and in lost mode for       this feature to work.

·    6.  Windows 10 Devices: - These are the OS versions which support the locate device feature.

       Version 20H2 (10.0.19042.789) or later

       Version 2004 (10.0.19041.789) or later

       Version 1909 (10.0.18363.1350) or later

       Version 1809 (10.0.17763.1728) or later

·     7.  Windows 11 Devices: - all types of windows 11 versions support this feature.

Unsupported Platforms: - Device location capabilities aren't supported for the following platforms:

1.       Android device administrator
2.       Android Enterprise:
3.       Personally owned work profile
4.       macOS
5.       Windows Holographic for Business
6.       Windows Phone

To use location services, apps must have permission to access location data. By default, users can configure this access during the initial setup or later through the Settings app (under Privacy > Location). Additionally, IT administrators can enforce the required configuration on Windows devices. This setting is available through the Privacy CSP as an ADMX-backed policy. It can be configured using either a custom configuration profile or the new settings catalog. Using the settings catalog is generally preferred because it provides the same options and allows for configuration through the graphical user interface (GUI).

To know more about how to configure device locate feature in Intune. Please follow this detailed walkthrough.

Explaining How to Locate Lost or Stolen Windows 10 Devices with Microsoft Intune 

Important: Before implementing this configuration, ensure it complies with local privacy laws and regulations

Performing the remote action to locate Windows 10 devices

After enabling location access for the device, the IT administrator can locate it using a remote action. The following three steps outline how to trigger this remote action to find the Windows device.

Important: Before implementing this configuration, ensure it complies with local privacy laws and regulations

1. Open the Microsoft Endpoint Manager admin center portal and navigate to Devices > Windows > Windows devices

2.    Select the Windows device to locate and in the Overview click Locate device

On the Locate device dialog box, read the message “Before you continue, make sure you’re following local laws and regulations around receiving location data. Once received, the location data is visible in Intune for 24 hours. Request device location?” and click Yes to locate the device.

So, this is the end of this article, and you can refer to a fully detailed walkthrough by clicking this link.

So, it’s time to give the Microsoft Intune Admin Center a try and experience how to locate devices by using location services!

I hope you found this article helpful in understanding the locate devices future of Microsoft Intune Admin Center. If you enjoyed this post, don't forget to share it with your colleagues and friends who might benefit from this knowledge.

Have thoughts or questions? I'd love to hear from you! Drop a comment below, and let's discuss more…!!!

Also, I would like to invite you to read my other articles as well:

How to Manage Licenses in Microsoft 365 Admin Center

Microsoft will Remove License Management from Entra ID Portal on September 1st, 2024

Adding Charges for the Unlicensed OneDrive Accounts

Exploring Passwordless Authentication in Microsoft Entra ID

To stay updated on the latest tech news & trends and deep dives into Microsoft products, make sure to subscribe to Learn with D. Together, let's continue to explore and learn!