cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Remove email access to non corporate devices

KurtisM1990
Copper Contributor

‎Apr 15 2021 06:33 AM

‎Apr 15 2021 06:33 AM

Remove email access to non corporate devices

Hi there, 

 

I've started to migrate all of our devices into InTune and naturally there are users out in the business against an MDM on their device. 

 

With no view of assets I was wondering if it's possible to remove access to O365 from their device but create an exempt group for our Directors who have their own devices but require access? 

Labels:
2,587 Views
0 Likes
3 Replies
Reply
3 Replies
best response confirmed by KurtisM1990 (Copper Contributor)
Rudy_Ooms_MVP

‎Apr 15 2021 06:40 AM - edited ‎Apr 15 2021 06:40 AM

‎Apr 15 2021 06:40 AM - edited ‎Apr 15 2021 06:40 AM

Solution

Re: Remove email access to non corporate devices

Hi,

It sounds you need to create a conditional access policy that targets exchange online and all other users except the director group. (In my opinion, not the best group to exclude... they are the most likely targeted) and require compliant devices.

So all users need to have enrolled/comliant devices except the director group... please do not forgot the create app protection policies for managed and unmanaged devices.

 

Here is some explanation:

The Chronicles of MAM - Call4Cloud Setting up IOS App protection policies

0 Likes
Reply
KurtisM1990

‎Apr 15 2021 06:41 AM

‎Apr 15 2021 06:41 AM

Re: Remove email access to non corporate devices

Hi Rudy,

Yeah I agree on your director comment but I'm sure you know how it is! I'll have a look into it.
0 Likes
Reply
Rudy_Ooms_MVP

‎Apr 15 2021 06:42 AM

‎Apr 15 2021 06:42 AM

Re: Remove email access to non corporate devices

Hi,

Yes I do :) I know it's hard... take a look at the link I just added with some explanation...
0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by KurtisM1990 (Copper Contributor)
Rudy_Ooms_MVP

‎Apr 15 2021 06:40 AM - edited ‎Apr 15 2021 06:40 AM

‎Apr 15 2021 06:40 AM - edited ‎Apr 15 2021 06:40 AM

Solution

Re: Remove email access to non corporate devices

Hi,

It sounds you need to create a conditional access policy that targets exchange online and all other users except the director group. (In my opinion, not the best group to exclude... they are the most likely targeted) and require compliant devices.

So all users need to have enrolled/comliant devices except the director group... please do not forgot the create app protection policies for managed and unmanaged devices.

 

Here is some explanation:

The Chronicles of MAM - Call4Cloud Setting up IOS App protection policies

View solution in original post

0 Likes
Reply