While SCCM has been my subject for the past ten years, all of us traditional ConfigMgr guys and girls will eventually need to prepare for Intune to take over. I’ve consulted with several companies and ran into instances where the end-game is to fully manage everything in the cloud, nothing on-prem. Inevitably there is always that one person in every that says, “I don’t want the company having access to my personal device!!!!” As a consultant this response is passed to me and I always pitch Intune App Protection or Mobile Application Management without Enrollment. This solution is perfect for companies that want to protect company data without requiring a user to enroll their devices. With Intune app protection, you can implement the following policies for line-of-business application –
• Prevent Android or iCloud backups
• Allow app to transfer data to other apps
• Allow app to receive data from other apps
• Prevent “Save As”
• Restrict cut, copy and paste with other apps
• Restrict web content to display in the Managed Browser
• Encrypt app data
• Disable app encryption when device encryption is enabled
• Disable contact sync
Below is a sample policy I created to prevent backups, Save as, and restrict copy and paste between non-managed apps for Microsoft Excel on the iOS platform:
1 . In the search bar type in – “Intune App Protection”
Create a new policy
Select the app(s)
Once the policy is created, select the policy and click “Assignment”. Select the group to assign the policy.
n five steps company data can be managed without users enrolling their devices.
All content provided on this blog is for information purposes only. Windows Management Experts, Inc makes no representation as to accuracy or completeness of any information on this site. Windows Management Experts, Inc will not be liable for any errors or omission in this information nor for the availability of this information. It is highly recommended that you consult one of our technical consultants, should you need any further assistance.