How to apply data protection to BYOD Desktops

Question

Hi,&nbsp;&nbsp;On BYOD mobiles, we can use CA to require accessing Office 365 services via browser to have APP applied, which will force user to use Edge and signed in. Then APP will provide the data protection.&nbsp;What do you do with BYOD desktops?Users can still access Office 365 on a home PC via Chrome browser and since there is no APP for Windows, there is no data protection can be utilized.&nbsp;Just curious how you guys all do it, or just block it.&nbsp;Cheers,

rahuljindal · Answer

CA policy with grant condition requiring a compliant device.

nhtkid · Answer

We cannot require a compliant device because home PC being BYOD, are not managed by Intune, and cannot return a compliant or non-compliant status.

Doing so will block the access on home PC completely.

We want to give staff to the flexibility to access Office 365 on BYOD PC, just need to provide some extra data protection on top of the standard MFA challenge.

rahuljindal · Answer

Access from personal Windows devices was not really called out as a requirement in your original post. In such a case you can apply Microsoft Purview data protection policies, but this cannot be tied to CA.

nhtkid · Answer

rahuljindal&nbsp;thanks Rahul.Purview or MCAS?Which one do you think provides better control and also ease of implementation?

Forum Discussion

How to apply data protection to BYOD Desktops

4 Replies