Let’s Manage Company Data Without Device Enrollment

While SCCM has been my subject for the past ten years, all of us traditional ConfigMgr guys and girls will eventually need to prepare for Intune to take over. I’ve consulted with several companies and ran into instances where the end-game is to fully manage everything in the cloud, nothing on-prem. Inevitably there is always that one person in every that says, “I don’t want the company having access to my personal device!!!!” As a consultant this response is passed to me and I always pitch Intune App Protection or Mobile Application Management without Enrollment. This solution is perfect for companies that want to protect company data without requiring a user to enroll their devices. With Intune app protection, you can implement the following policies for line-of-business application –

• Prevent Android or iCloud backups
• Allow app to transfer data to other apps
• Allow app to receive data from other apps
• Prevent “Save As”
• Restrict cut, copy and paste with other apps
• Restrict web content to display in the Managed Browser
• Encrypt app data
• Disable app encryption when device encryption is enabled
• Disable contact sync

Below is a sample policy I created to prevent backups, Save as, and restrict copy and paste between non-managed apps for Microsoft Excel on the iOS platform:
1 . In the search bar type in – “Intune App Protection”

Create a new policy

Select the app(s)

Select the polices and select “Create”

Once the policy is created, select the policy and click “Assignment”. Select the group to assign the policy.

n five steps company data can be managed without users enrolling their devices.


All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistance.



Contact Us

On Key

More Posts

Mastering Azure AD Connect - A Comprehensive Guide by WME
Active Directory

Mastering Azure AD Connect – A Comprehensive Guide

Modern businesses are fast moving toward cloud-based infrastructure. In fact, cloud-based business is not just a trend anymore but a strategic necessity. Microsoft’s Azure Active Directory (Azure AD) has become a frontrunner in this domain. It

Read More »
Security Best Practices in SharePoint
Office 365

Security Best Practices in SharePoint

Microsoft SharePoint is an online collaboration platform that integrates with Microsoft Office. You can use it to store, organize, share, and access information online. SharePoint enables collaboration and content management and ultimately allows your teams to

Read More »
The Ultimate Guide to Microsoft Intune - Article by WME
Active Directory

The Ultimate Guide to Microsoft Intune

The corporate world is evolving fast. And with that, mobile devices are spreading everywhere. As we venture into the year 2024, they have already claimed a substantial 55% share of the total corporate device ecosystem. You

Read More »
Protecting Microsoft 365 from on-Premises Attacks
Cloud Security

How to Protect Microsoft 365 from On-Premises Attacks?

Microsoft 365 is diverse enough to enrich the capabilities of many types of private businesses. It complements users, applications, networks, devices, and whatnot. However, Microsoft 365 cybersecurity is often compromised and there are countless ways that

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.