I have a high level executive that wants to use the native outlook client that comes built in with iOS. I know about the "apple internet" app in azure, so i know i can achieve modern auth. The question i have is how can i compare the "Mobile device mailbox policy" settings against what is offered in a compliance policy in Intune ?
You can go through the documentation below, I think you need to compare against Compliance Policy and more importantly App Protection Policy. Are you trying to disable un-approved apps from accessing your email? If yes, use combination of App Protection Policy and Conditional Access.
I am not exactly sure what you are asking but +1 App Protection as it is really important and the native email app on an Ios is not capable of having app protection applied.
Device Mailbox Policy --> you set the things that are checked if you are compliant Compliance Policy --> you check the things that are set to be compliant Something like this?
Got it. So even if the device is managed through Intune, and we allow the native iOS mail client, we cant create an app protection policy to prevent the user from merging company data with personal data, Is this correct ?
best response confirmed by
skipster311-175 (Brass Contributor)
Yes indeed... the native mail client cant be targetted with app protection so when you are stepping it up a notch and creating a conditional access rule to require app protection.... you will be blocked
