Forum Discussion

StuartK73's avatar
StuartK73
Steel Contributor
Nov 30, 2018

Profile Type Best Practice

Hi All   Just a quick question, what do you guys do when implementing Device Configuration Profiles and what is the recommended Best Practice?   For example,    1 X Device Restrictions Configur...
Intune
mobile device management (mdm)
Oliver Moazzezi's avatar
Oliver Moazzezi
Brass Contributor
Dec 02, 2018

I think best practice dictates to sensibly name each policy you create, but to be honest how you go about planning your Intune roll out depends on the requirements you have for your Org.

 

I have consulted Orgs where one policy per corporate device type is all that is necessary. They had clear guidelines that there is only one agreed corporate policy per device type. Then, if personal devices are allowed, the creation of App Protection policies to allow that BYOD scenario.

 

However large Orgs will normally have different requirements, so if you are facing the scenario where you need multiple policies for different departments or business units, then that's fine - simply utilise a sound naming convention and utilise the description - and push the policies out based on 'assignment', based on Azure Security Groups that are again clearly labelled for their department and Intune purpose.

 

Whether you ultimately have to have multiple of each policy type will come out in the wash during your requirements planning, to see if certain global policies can be supported to minimise the total amount of policies you'll be creating.

 

Have fun!