But this doesn`t block Windows devices from accessing my cloud apps when those apps are not managed. I need to use some conditional access policy for that, but can somebody point me in the right direction (article) of the correct settings for such a CA policy?
We are in the process of a migration to Windows 10. We want to allow our users to access our data with their own device, but only when WIP is applied (so only allow Windows 10 with Creators Update). So we want to block all other Windows devices when the WIP policy is not applied. But because these are personal owned devices we cannot use a condition of domain-joined or compliant (because we cannot do MDM).