Nov 23 2022 02:06 AM - edited Nov 23 2022 02:07 AM
Hi everyone,
1) Is it possible in Microsoft Intune to set this up policy that every time a user wants to download, copy, or delete something, the admin has to get the notification?
2)Is it possible to prevent the user from installing any app or software unless the admin grants permission? If the user wants to install something, the admin must grant permission.
If anyone has knowledge on these two types of policies, please send the required settings. It will be so helpful for me.
Thank you in advance.
Nov 23 2022 03:25 PM - edited Nov 23 2022 03:27 PM
Hi Akhil,
1. You may need to use EndPoint for DLP, you may get overwhelmed with the notifications though!
https://learn.microsoft.com/en-us/microsoft-365/compliance/endpoint-dlp-learn-about?view=o365-worldw...
https://www.sharepointdiary.com/2020/06/disable-mass-delete-email-notification-in-sharepoint-online....
2. I would remove Admin privileges from the user and replace with standard user, this way user needs to check with IT before installing apps.
If still looking for notifications, you can use Log Analytics Agent and setup alerts to notify you on certain Event Viewer ID.
https://learn.microsoft.com/en-us/azure/azure-monitor/agents/data-sources-windows-events
Hope this helps!
Moe
.
Nov 23 2022 11:43 PM