Forum Discussion
StuartK73
Oct 21, 2019Iron Contributor
BYOD Policy Assignment
Hi All
With regards to BYOD, is it best to create a separate assignment group for policies etc?
For example:
App protection policy for Managed Devices
No app PIN when device is managed
Assigned to Intune Test Group
App protection policy for Unmanaged Devices
App PIN for targeted apps
Assigned to Intune BYOD Test Group
Info appreciated
With regards to BYOD, is it best to create a separate assignment group for policies etc?
For example:
App protection policy for Managed Devices
No app PIN when device is managed
Assigned to Intune Test Group
App protection policy for Unmanaged Devices
App PIN for targeted apps
Assigned to Intune BYOD Test Group
Info appreciated
- halbotBrass Contributor
Hi StuartK73
I would avoid this if at all possible. What happens if a user has a provided (enrolled) device, and also wants to BYOD their own?
With PIN however you should not have an issue, if you look at the info for setting 'App PIN when device PIN is set', it says that this applies to MDM enrolled devices only. So you can set that and the app PIN will still be required for BYOD (MAM) devices, since it is the app which is protected and not the device.
- StuartK73Iron ContributorYeah, are you suggesting 1 X App Protection policy per OS platform for both managed / unmanaged devices and the require app PIN when MDM not present?