Forum Discussion
BYOD security for desktops - Windows/Mac
What is the best method to secure a Windows or Mac BYOD device without enrolment? Can Intune App Protection policies be applied to desktop client applications - Teams/Outlook/Word/Excel/PowerPoint? E.g., If a user is allowed to use Outlook or Teams desktop app on their personal Windows laptop, can that user be prevented from downloading an attachment or a file from within teams. How about stopping the user from taking a screenshot?
Or true BYOD security can only be achieved with enrolment of the device in Intune? If yes, it will be problematic as end users will not be happy to enrol their personal devices into Intune.
App protection for windows --> Windows information protection --> user needs to be in the mam scope. And of course configure WIP :).
Force Windows Information Protection with Conditional Access | (inthecloud247.com)
But WIP is not my cup of tea... I rather just make sure all devices are just managed and enforced with conditional access... but that is only me 🙂
BYOD is great for mobile devices... 🙂- Mr_HelaasSteel ContributorHi gurdev,
As Rudi already mentioned for mobile device with iOS/iPadOS/Android you can use mobile app protection policies without enrollment.
For windows you can use wip (windows information protection) to separate personal data from corporate data and personal data and a minimum protection.
You can use azure information protection to protect your data and it is also possible to combine it with wip.
For macOS is it not possible to use app protection policies. I know you’ve asked to protect the desktop apps but I want to make you aware of another solution what you can use.
You can also use the online version of office and microsoft defender for Cloud apps to protect for example copy/paste/print.
https://janbakker.tech/control-access-from-unmanaged-devices-with-cloud-app-security/
Kind regards,
Rene- As Rudi 😛 ? who is that 🙂
MCAS..ehhh Defender for cloud apps is indeed also a great addition into securing your byod devices and accessing data from your browser- Mr_HelaasSteel ContributorSorry I am so sorry Rudy! It was early haha