Forum Discussion
How do I keep company data off of personally owned devices?
Hi Chris, not something I have tried but you are looking at Device-based conditional access with Intune to achieve something like this, along with the extra licences that would be needed for this. There may be other ways of doing this but this is what I came across:
Identify devices as corporate-owned
"As an Intune admin, you can identify devices as corporate-owned to refine management and identification. Intune can perform additional management tasks and collect additional information such as the full phone number and an inventory of apps from corporate-owned devices. You can also set device restrictions to block enrollment by devices that aren't corporate-owned."
A few more links that explain what this is all about
Common ways to use conditional access with Intune
Get started with Microsoft Intune device compliance policies
Lots of different permutations for controlling access which the links go into.
Thanks for the info!
Is Intune really the only way to achieve this? It looks like each device must be enrolled in Intune to be identified as corporate or personal. Is that right? If so, it's a non-starter. To identify a device as personal and, block installations, you have to enroll first. OK so I just won't enroll my personal device and then I can connect to all the services I want! :)
Am I wrong for thinking is this is a big oversight/blunder from MS?