First published on TechNet on Jul 17, 2018 Laura Arrizza | Intune PM
Intune recently released an updated capability that’s been requested through support and other feedback channels. In this post, we share how you can use this feature to help your end users stay current with the latest OS updates while accessing corporate data.
A common use of Intune App Protection Policies (APP) is to configure settings to block end users from accessing a corporate application or account. These settings target data relocation and access requirements set by your organization for things like jailbroken devices and minimum OS versions. In the latest release of Intune, we’ve expanded the functionality of this feature to allow you to explicitly choose to wipe your company’s corporate data from the end user’s device as the action to take on non-compliance.
For some settings, you will be able to configure multiple actions, such as block access and wipe data based on different specified values. You can select from a common list of additional actions including:
Block access – Block the end-user from accessing the corporate app.
Wipe data – Wipe the corporate data from the end-user’s device.
Warn – Provide dialog to end-user as a warning message.
One way you’ll be able to use this expanded feature is to take different actions based on your device OS policy. For example, say you want to:
Wipe corporate data from Min OS version 6.0.
Block access to corporate data from Min OS version 7.0.
Warn the end user that they’re not compliance to access corporate data from Min OS version 8.0.
In this example, you now have granularity in how you can control end users’ access to corporate data pending their OS version. This is what the min OS version setting looks like from the console:
Once a setting is fully configured, the row will now appear in a read-only view and be available to be edited at any time. The row after it will appear to have a dropdown available for selection in the Setting column.
For the settings that have already been configured and do not allow for multiple actions, they will not be available for selection in the dropdown.