Forum Discussion
Intune policy settings are required to restrict downloading, copying, and deleting... -Reg.
Hi everyone,
1) Is it possible in Microsoft Intune to set this up policy that every time a user wants to download, copy, or delete something, the admin has to get the notification?
2)Is it possible to prevent the user from installing any app or software unless the admin grants permission? If the user wants to install something, the admin must grant permission.
If anyone has knowledge on these two types of policies, please send the required settings. It will be so helpful for me.
Thank you in advance.
2 Replies
- 365vCloudBrass Contributor1)endpoint DLP or Intune+App Data Protction policy:https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policy
2)All software is pushed to the company portal, or authorized by the administrator with the Azure AD access review - Moe_KinaniBronze Contributor
Hi Akhil,
1. You may need to use EndPoint for DLP, you may get overwhelmed with the notifications though!
https://learn.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-worldwide#:~:text=Endpoint%20data%20loss%20prevention%20(Endpoint,three%20latest%20released%20versions)%20devices
https://www.sharepointdiary.com/2020/06/disable-mass-delete-email-notification-in-sharepoint-online.html
2. I would remove Admin privileges from the user and replace with standard user, this way user needs to check with IT before installing apps.
If still looking for notifications, you can use Log Analytics Agent and setup alerts to notify you on certain Event Viewer ID.
https://learn.microsoft.com/en-us/azure/azure-monitor/agents/data-sources-windows-events
Hope this helps!
Moe
.