Forum Discussion
Intune MAM - Questions about Company Data Removal
Hey all, we're looking to deploy Intune MAM for an organization.
The organization only has BYOD devices (users have their own personal phones and company-provided phones are NOT an option.)
Our end goal is the ability to wipe company data from a phone once a user has been offboarded (Outlook, Teams, etc.).
To reduce friction, we identified that MAM may be the policy to allow for company data removal with little to no friction.
Upon doing some reading, we came across a source that said that if a user uninstalls the broker agent (Intune Company for Android and Microsoft Authenticator for iOS), that an App Selective Wipe will NOT complete, especially if the user uninstalls the app BEFORE the wipe or DURING the pending wipe.
Has this been the case for anyone else and do you have suggestions as how we can get to our end goal?
3 Replies
That is indeed the case. However if you tie the access to conditional access then the data will not be accessible unless the broker apps are found to be installed.
So to confirm
- Setup MAM
- Setup Conditional Access
- It should work despite broker apps uninstalled?
No. The CA will ensure that org data is not accessible until the broker apps are installed.
