Forum Discussion
Remove email access to non corporate devices
Hi there,
I've started to migrate all of our devices into InTune and naturally there are users out in the business against an MDM on their device.
With no view of assets I was wondering if it's possible to remove access to O365 from their device but create an exempt group for our Directors who have their own devices but require access?
Hi,
It sounds you need to create a conditional access policy that targets exchange online and all other users except the director group. (In my opinion, not the best group to exclude... they are the most likely targeted) and require compliant devices.
So all users need to have enrolled/comliant devices except the director group... please do not forgot the create app protection policies for managed and unmanaged devices.Here is some explanation:
The Chronicles of MAM - Call4Cloud Setting up IOS App protection policies
Hi,
It sounds you need to create a conditional access policy that targets exchange online and all other users except the director group. (In my opinion, not the best group to exclude... they are the most likely targeted) and require compliant devices.
So all users need to have enrolled/comliant devices except the director group... please do not forgot the create app protection policies for managed and unmanaged devices.Here is some explanation:
The Chronicles of MAM - Call4Cloud Setting up IOS App protection policies
- KurtisM1990Copper ContributorHi Rudy,
Yeah I agree on your director comment but I'm sure you know how it is! I'll have a look into it.- Hi,
Yes I do 🙂 I know it's hard... take a look at the link I just added with some explanation...