

Create Intune app protection policies

App Protection Policies (APP) define which apps are allowed and the actions they can take with your organization's data. The choices available in APP enable organizations to tailor the protection to their specific needs. For some, it may not be obvious which policy settings are required to implement a complete scenario. To help organizations prioritize mobile client endpoint hardening, Microsoft has introduced taxonomy for its APP data protection framework for iOS and Android mobile app management.

The APP data protection framework is organized into three distinct configuration levels, with each level building off the previous level:

- Enterprise basic data protection (Level 1) ensures that apps are protected with a PIN and encrypted and performs selective wipe operations. For Android devices, this level validates Android device attestation.

This configuration is desirable for users that are accessing high risk data.

To see the specific recommendations for each configuration level and the minimum apps that must be protected, review Data protection framework using app protection policies.

Regardless of whether the device is enrolled in a unified endpoint management (UEM) solution, an Intune app protection policy needs to be created for both iOS and Android apps, using the steps in How to create and assign app protection policies. These policies, at a minimum, must meet the following conditions:

- They include all Microsoft 365 mobile applications, such as Edge, Outlook, OneDrive, Office, or Teams, as this ensures that users can access and manipulate work or school data within any Microsoft app in a secure fashion.

To leverage app-based conditional access policies, the Microsoft Authenticator app must be installed on iOS devices. For Android devices, the Intune Company Portal app is required. For more information, see App-based Conditional Access with Intune.
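As an added example (not code from the Microsoft documentation), the following audit checks an app protection policy, as returned by Microsoft Graph with its apps and assignments expanded, against the minimum conditions described above: every Microsoft 365 mobile app covered, the policy assigned to all users, and the Level 1 baseline (app PIN, and on Android encrypted org data plus device attestation). The app identifiers, the Graph property names and the sample policy are assumptions, so verify them against your tenant before relying on the result.

```python
# Microsoft 365 mobile apps every policy must cover, keyed by platform. The app
# identifiers are assumed; verify them against the app list in your tenant.
REQUIRED_APPS = {
    "ios": {"com.microsoft.msedge", "com.microsoft.Office.Outlook",
            "com.microsoft.skydrive", "com.microsoft.officemobile",
            "com.microsoft.skype.teams"},
    "android": {"com.microsoft.emmx", "com.microsoft.office.outlook",
                "com.microsoft.skydrive", "com.microsoft.office.officehubrow",
                "com.microsoft.teams"},
}
ALL_USERS = "#microsoft.graph.allLicensedUsersAssignmentTarget"

def targeted_app_ids(policy):
    """Bundle IDs (iOS) or package IDs (Android) from the policy's 'apps' list."""
    return {app.get("mobileAppIdentifier", {}).get("bundleId")
            or app.get("mobileAppIdentifier", {}).get("packageId")
            for app in policy.get("apps", [])}

def audit_policy(policy, platform):
    """Return the minimum conditions the policy fails; an empty list means OK."""
    failures = []
    missing = REQUIRED_APPS[platform] - targeted_app_ids(policy)
    if missing:
        failures.append("missing apps: " + ", ".join(sorted(missing)))
    targets = {a.get("target", {}).get("@odata.type")
               for a in policy.get("assignments", [])}
    if ALL_USERS not in targets:
        failures.append("not assigned to all users")
    # Level 1 baseline: app PIN; on Android also encrypted org data and device
    # attestation (Graph property names assumed from the published schema).
    if not policy.get("pinRequired", False):
        failures.append("app PIN not required")
    if platform == "android":
        if not policy.get("encryptAppData", False):
            failures.append("org data not encrypted")
        if policy.get("requiredAndroidSafetyNetDeviceAttestationType", "none") == "none":
            failures.append("device attestation not required")
    return failures

# Constructed sample, shaped like a Graph androidManagedAppProtection expanded
# with apps and assignments: Teams is missing and it targets one group only.
SAMPLE_ANDROID = {
    "displayName": "APP - Android - Level 1", "pinRequired": True,
    "encryptAppData": True,
    "requiredAndroidSafetyNetDeviceAttestationType": "basicIntegrity",
    "apps": [{"mobileAppIdentifier": {"packageId": p}} for p in (
        "com.microsoft.emmx", "com.microsoft.office.outlook",
        "com.microsoft.skydrive", "com.microsoft.office.officehubrow")],
    "assignments": [{"target": {"@odata.type": "#microsoft.graph.groupAssignmentTarget"}}],
}
```

Running `audit_policy(SAMPLE_ANDROID, "android")` reports the missing Teams package and the missing all-users assignment; run the same check over each iOS and Android policy pulled from Graph to find policies that fall short of the baseline.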
