Forum Discussion

  • Hi Alistair,

     

    I would build a Conditional Access rule to require approved apps targeted to your iOS and Android not Windows. This would force people to access your services via the MS apps which includes the Managed Browser:

     

    Approved apps list can be seen here: https://aka.ms/supportedmamapps

     

    best,

    Oliver

    • Alistair Trigg's avatar
      Alistair Trigg
      Brass Contributor

      Hi

       

      Thanks you have confirmed that I am in the right place but maybe I was looking at it from the wrong angle. So I had selected cloud apps - O365 exchange online, condition - browsers, access control - block.

       

      I was assuming that this would block any access to O365 in a browser on a mobile device but it doesn't seem to?

      • Oliver Kieselbach's avatar
        Oliver Kieselbach
        MVP

        Hm... I never tried it that way but I see another attack vector when designing it with a block rule. If someone builds an app which allows web requests by individual input, a kind of custom browser, this will not be recognized by the block rule. So I would prefer the way to limit the users to approved apps.

Resources