Oct 02 2018 03:49 AM
Our BYOD policy requires us to lock down access to 365 via browser only and prevent data egress. We can do this using app protection but it only works 100% as required once the device is azure ad registered. As far as I can see this is a user driven task - this will never work as probably 50%+ of users wouldn't bother - is there a way to force a user down this route?
Or is there another option we haven't thought of?
Second issue is we have requirements around both MAM and MDM which is causing a headache but that's secondary. If I could fix issue 1 above then I can probably win the argument on the rest.
How is everyone else approaching intune and BYOD?
Oct 02 2018 12:17 PM
Hi,
You can force them to use the Managed Apps using Conditional access then they will not be able to access the services using a non manged app. Maybe some users will not bother but then they won't have access to their mail/calender on their mobile device either..
Regards,
Jörgen