Forum Discussion
MCAS Session Rule for Personal Devices
Hello
Is it possible to create an MCAS Session Policy to block uploads/downloads for Personal Devices only (not corp devices)? I don't seem to have the option to do this. I can only set a policy for non-compliant machines. This would work, but I do not want it to affect corporate devices.
Thanks
2 Replies
- Just a clarification. In general sense, all corporate devices would Domain join / Azure AD join and hence compliant.. Personal device would not join Azure AD.
Is that not the case in your environment?- MCAS supports client certificates for device identification, so I suppose you could install client certificates on corp devices, to distinguish corp devices from personal devices.
https://docs.microsoft.com/en-us/defender-cloud-apps/proxy-intro-aad#managed-device-identification
