Forum Discussion
JD1234535
Jun 28, 2022 | Copper Contributor
iOS Devices can manually unenroll and still access corporate resource (Outlook app not removed)
We are looking to migrate to Intune for MDM on our phone but are having an issue with iOS. With Android, if you try to un-enroll your device it forces you to wipe the work profile. This means t...
JD1234535
Jun 29, 2022 | Copper Contributor
Oktay, thanks for the quick reply!
1. We do a stipend instead of Corp devices. We want to be able to remote wipe and have access control to corporate data for DLP and HIPAA reasons.
2. Yes, we have a CAE in place to require that a device is marked as compliant and to require use of an approved app. This policy is set to iOS and Android and for All Cloud Apps.
3. Users enroll using the Company Portal App
Yes, we have an app protection policy. One policy is targeted to iOS and MS Apps. We have conditions set for Offline grace period, disabled account and Jailbroken.
Your thought about relying on app protection MAM is interesting. I am going to test using the conditional launch to see if that helps.
I don’t see how to create an App protection policy and distinguish between managed and non-managed apps. All I can do is select either MS built-in apps or Public apps (where the MS apps are already selected).
Is there a way to use an app protection policy to force an immediate wipe? If someone is unmanaged and leaves the company the best we could do is wipe the data after 1 day?
Thanks
John
Oktay Sari
Jul 03, 2022 | Iron Contributor
Hi JD1234535, I was wondering if you had time to have a look at this? Any updates? Thx and have a great Sunday