cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Restrict printing to corporate locations

Philip Büchler
Brass Contributor

‎Mar 12 2020 12:14 AM

‎Mar 12 2020 12:14 AM

Restrict printing to corporate locations

I was approached with the question if we can restrict printing with Intune. We have Intune managed clients where users are Admin, as we only protect the identity (Azure AD Conditional Access, CASB) and documents (Azure Information Protection) and the client is never entering the corporate network. 

 

Now Security wants to limit printing to corporate printers. 

 

I can't think of any way to achieve that, but I hope the community has solutions. 

 

Maybe Applocker, PowerShell or policies I don't know?

Labels:
8,280 Views
0 Likes
5 Replies
Reply
5 Replies
Moe_Kinani

‎Mar 12 2020 04:01 AM

‎Mar 12 2020 04:01 AM

Re: Restrict printing to corporate locations

It looks like you can achieve the objective using ‘MAM policies’, have you tried it?

https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/11600817-prevent-printout-via-...
0 Likes
Reply
Thijs Lecomte

‎Mar 12 2020 07:24 AM

‎Mar 12 2020 07:24 AM

Re: Restrict printing to corporate locations

@Philip Büchler 

 

It's only possible to blocking printing as a whole through MAM.

There is no built-in solution in-place.

 

I also can't think of a custom solution for the same.

1 Like
Reply
Philip Büchler

‎Apr 15 2020 05:30 AM

‎Apr 15 2020 05:30 AM

Re: Restrict printing to corporate locations

This unfortunately is for mobile OS. I was looking for a solution for Windows.
0 Likes
Reply
Thijs Lecomte

‎Apr 15 2020 08:23 AM

‎Apr 15 2020 08:23 AM

Re: Restrict printing to corporate locations

You could do that with WIP - https://docs.microsoft.com/en-us/windows/security/information-protection/windows-information-protect...

But be aware, the implementation is cumbersome and not straight forwarrd

I try to stay away from it as much as possible
0 Likes
Reply
Philip Büchler

‎Apr 16 2020 12:56 AM

‎Apr 16 2020 12:56 AM

Re: Restrict printing to corporate locations

Funny enough, this customer uses WIP and I can confirm its cumbersomeness. It would only work if we used RMS as well though. And then, I think, it would prevent printing on a document level.
What the CISO wants to achieve is to limit printing to company printers. So a user can't print on his printer at home, but can print in the office. I will recommend to use AIP and solve it on a document level.

Meanwhile I might test this out: https://docs.microsoft.com/en-us/mem/intune/configuration/device-restrictions-windows-10#printer
Setting the network printer as default and not allowing adding new printers.
0 Likes
Reply