How to best deny mail access to third party apps?


Hello,

 

What would be the best way to deny mail access to third party apps? I'm about to deploy Microsoft Intune to protect our data and I've noticed that when retrieving mail data from a device it will fail to do so with third party apps.

 

Is it possible for a 365 account to be able to access mail only by using Outlook?

 

Thank you,

 

Ion

2 Replies

Hi,

 

I would recommend looking at Conditional Access in Azure AD:
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-conditional-access-azure-po...

 

With Conditional Access you could create policies depending on the platform (Windows, Mac, iOS, Android), what type of application (Exchange Online, SharePoint, etc.) and if the application needs to be an approved application (Microsoft's own applications), the device is compliant in Intune and/or require MFA.

 

Regards

If you are only concerned about email, you can block specific apps and protocols via the corresponding controls for Set-CasMailbox: https://technet.microsoft.com/en-us/library/bb125264(v=exchg.160).aspx

 

In addition, the mobile device policies can control access for any ActiveSync apps. The newly released Client Access Rules can also help: https://technet.microsoft.com/en-us/library/mt842508(v=exchg.150).aspx

 

Intune or Conditional Access offer additional options, but those come at a price.
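
The Set-CasMailbox approach from the reply above, as an added example that is not part of the original thread: it audits which mailboxes still accept POP3/IMAP4 (the protocols generic third-party mail apps commonly use), disables them for one pilot mailbox, and verifies the result. The admin and pilot addresses are placeholders, and the session is assumed to use the ExchangeOnlineManagement module.

```powershell
# Added example. Assumes the ExchangeOnlineManagement module is installed
# and the signed-in account holds an Exchange administrator role.
Connect-ExchangeOnline -UserPrincipalName 'admin@contoso.example'   # placeholder account

# 1. Audit: list mailboxes that still accept POP3 or IMAP4 connections.
$exposed = Get-CASMailbox -ResultSize Unlimited |
    Where-Object { $_.PopEnabled -or $_.ImapEnabled } |
    Select-Object Name, PopEnabled, ImapEnabled, ActiveSyncEnabled, EwsEnabled

$exposed | Format-Table -AutoSize
Write-Host "$(@($exposed).Count) mailbox(es) still allow POP3 or IMAP4."

# 2. Remediate one pilot mailbox first so a broken workflow surfaces early.
$pilot = 'pilot.user@contoso.example'                                # placeholder mailbox
Set-CASMailbox -Identity $pilot -PopEnabled $false -ImapEnabled $false

# Optional: also block Exchange ActiveSync clients for this mailbox.
# Confirm beforehand which of your approved clients depend on ActiveSync.
# Set-CASMailbox -Identity $pilot -ActiveSyncEnabled $false

# 3. Verify that the change was applied before widening the rollout.
$after = Get-CASMailbox -Identity $pilot
if ($after.PopEnabled -or $after.ImapEnabled) {
    Write-Warning "POP3/IMAP4 is still enabled for $pilot."
} else {
    Write-Host "POP3 and IMAP4 are disabled for $pilot."
}

Disconnect-ExchangeOnline -Confirm:$false
```

These per-mailbox switches only affect existing mailboxes; mailboxes created later keep the defaults unless the same settings are applied to them.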