Forum Discussion
Blocking Personal Outlook and Gmail Accounts on Corporate Device
Is there a way to exclude certain users or devices? Some users need access to Gmail for testing purposes, but I haven’t been able to implement this policy successfully. I tried using a CA policy, but it doesn’t seem to work for some reason.
Yes, you need to first setup device groups under defender portal > setting > endpoints.
Then setup app scoped profiles under defender portal > setting > cloud apps > app tags > scoped profiles
in scoped profile, you basically pick which device group goes into which scoped profile. you will need to design it a bit; but my experience is that more profile/group you create the higher chance that it will become messy so try to limit within 3 main groups (all unblocked, some blocked, all blocked).
once that is setup, you will be able to select which app is blocked using the scoped profile instead of blocked for all devices
by default, there is already 1 scoped profile that is every device.