cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Intune MAM Delve app dataloss issue?

Vegard Strømsøy
Brass Contributor

‎Nov 27 2018 02:37 AM

‎Nov 27 2018 02:37 AM

Intune MAM Delve app dataloss issue?

We have set up conditional access policy requiring approved apps for access to Office 365 data

Control access for approved client apps

 

The documentation https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/technical-reference#appro... lists Microsoft Delve as one of the client apps. It goes on to say "The approved client apps support the Intune mobile application management feature."

 

In Intune we have set up iOS app protection policy for Word, Excel etc., Delve is not a choice here. We add Delve using the bundle id, with the result that the sign-in in the Delve app now registers the device through Authenticator. None of the other app policy settings are applied however, no PIN requirement, copy paste is allowed to any app etc. These are restrictions we have working in the other apps such as Word and Excel.

 

In the Delve app users can still read all accessible documents from O365 with no PIN prompt and copy/paste anywhere. How do we prevent this so not to render the policy pointless? Does anyone have a recipe for blocking access to the Delve app (through conditional access?), or any way of managing the app properly?

3,372 Views
0 Likes
6 Replies
Reply
6 Replies
best response confirmed by Vegard Strømsøy (Brass Contributor)
esmugala

‎Dec 06 2018 04:05 PM

‎Dec 06 2018 04:05 PM

Solution

Re: Intune MAM Delve app dataloss issue?

This can by remediated by creating a Conditonal Access policy targeted to Office Delve and IOS/Android devices.  Setting that to block will prevent access.  Microsoft should really update their list of apps approved for CA for mobile though as we noticed the same thing.

1 Like
Reply
Vegard Strømsøy

‎Dec 17 2018 01:41 AM

‎Dec 17 2018 01:41 AM

Re: Intune MAM Delve app dataloss issue?

@esmugala wrote:

This can by remediated by creating a Conditonal Access policy targeted to Office Delve and IOS/Android devices.  Setting that to block will prevent access.  Microsoft should really update their list of apps approved for CA for mobile though as we noticed the same thing.

This works well, with the one caveat that Delve/My profile is not accessible anymore i Edge when browsing SharePoint Online sites in the tenant from iOS devices. Acceptable stop-gap I suppose whilst waiting for Microsoft to remedy this properly.  

0 Likes
Reply
EUXGuy

‎Mar 30 2020 12:20 PM

‎Mar 30 2020 12:20 PM

Re: Intune MAM Delve app dataloss issue?

Still waiting for an updated app...

0 Likes
Reply
Samuel Aderemi

‎Oct 08 2020 09:18 AM

‎Oct 08 2020 09:18 AM

Re: Intune MAM Delve app dataloss issue?

@Vegard Strømsøy What bundle id did you use for the iOS app protection policy here?

0 Likes
Reply
Vegard Strømsøy

‎Oct 09 2020 01:30 AM

‎Oct 09 2020 01:30 AM

Re: Intune MAM Delve app dataloss issue?

@Samuel Aderemi we created a conditional access policy which targets cloudapp Office Delve (94c63fef-13a3-47bc-8074-75af8c65887a)

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by Vegard Strømsøy (Brass Contributor)
esmugala

‎Dec 06 2018 04:05 PM

‎Dec 06 2018 04:05 PM

Solution

Re: Intune MAM Delve app dataloss issue?

This can by remediated by creating a Conditonal Access policy targeted to Office Delve and IOS/Android devices.  Setting that to block will prevent access.  Microsoft should really update their list of apps approved for CA for mobile though as we noticed the same thing.

View solution in original post

1 Like
Reply