Forum Discussion
Disallow O365 access from 'outside' of the Android for Work work profile?
Is there a way to block Android for Work users to connect to Office 365 with apps that are installed outside of the work profile? For example on my Android for Work capable device I have a work ...
We normally create multiple compliance policies for each os etc. This one is an example of an android workprofile compliance policy
When this is configurede you could create an CA policy something like this
*Target the proper platforms:
*Target the client apps
*Of course select the users 🙂 and make sure you create an exclusion group for every ca policy you make
*Target the apps (or choose office 365)
*And to make sure to require compliant devices
- thanks for Sharing Rudy, thoses CA and compliace policies will allow a compliant personnal device to connect to O365 so an up to date device with the required security can access O365 from the personnal profile after enrolling the device into intune for example.
- I have similar policies to that , but it still lets you add and use Outlook/O365 in the personal profile. You can require a device to be 'compliant', and require the use of Outlook etc , but there seems to be no way (that i have found) to stop the use of Outlook in the personal profile, and only allow it in the work profile.
- When the ca rules are implemented like i shown above there should be no way a personal non compliant android device could access your exchange online environment. There must be something wrong, what happens when you look at the what if in the ca ?
- Just to be sure…you also configured a specific ca rule to make sure activesync/legacy auth/other clients is blocked?
