Forum Discussion

Jason_B1025's avatar
Jason_B1025
Brass Contributor
Mar 10, 2021

MEM device restrictions

How is personally owned defined?

We have exchange set to quarantine any new mobile device. but it seems like the outlook app "gets around" that setting and doesn't get quarantined but is approved.

So I'm looking at device restrictions to only allow users in a group to use personal iPhone and android devices. But I can't figure out what the definition of personally owned is.

mobile device management (mdm)

2 Replies

  • Nathan Blasac's avatar
    Nathan Blasac
    Iron Contributor
    Jun 03, 2021
    "Personally" just means the enrollment was initiated by a user, and Intune doesn't "know" about it, If you proactively upload the serial number to Intune, and a user initiates enrollment, it should then show as a "corporate" ,
  • NicklasAhlberg's avatar
    NicklasAhlberg
    Brass Contributor
    Mar 11, 2021
    Hello,

    Have you looked at what conditional access can do to you? I believe that you would come a long way by using conditonal access policies to not only get control of what users and devices connect to Exchange - but to all cloud apps.

    Here are some good articles:

    This one describes the different enrollment methods:
    https://docs.microsoft.com/en-us/mem/intune/enrollment/windows-enrollment-methods

    This one describes conditional access:
    https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/overview

Resources