Intune CA Policy
I am working on setting up the Android and iOS platform for both corporate ( MDM+MAM ) and Personal ( Only MAM ) for an Org.
My query is, what are the recommended CA policy we can configure as part of best practices for both corporate and personal devices scenarios.
Answer ( 1 )
One of the must policies that is configured by most organizations is to provide access to Microsoft 365 apps (aka Office 365) and intranet apps access only when the device is compliant with Intune policies. This is achieved via Conditional Access policies.
One example to create Compliance Policy – https://www.anoopcnair.com/create-intune-compliance-policy-for-windows-365/ (follow the same method for Android and iOS) select the different platforms and create one policy for each platform.
Then create a conditional access policy using the template example given below. https://www.anoopcnair.com/enable-mfa-for-admins-aad-conditional-access/
This is one end-user experience example