How to Setup Intune Compliance Policy for iOS Devices

Intune Compliance policies are one of the first security level of modern device management. Hence it's very important to plan it properly. PIN/Password settings along with OS versions which you want to allow.

3

In this post we will see how to setup Intune Compliance Policy for iOS. Intune Compliance Policy for iOS devices are to help to protect company data, the organization needs to make sure that the devices used to access company apps and data comply with certain rules. These rules might include using a password/PIN to access devices and encrypting data stored on devices. These set of such rules is called a compliance policy. Best option is to use compliance policy with Azure AD Conditional Access.

Video Tutorial to setup Intune Compliance Policy for iOS here

  • Intune Compliance policy setup for Windows 10 Devices here
  • Intune Compliance policy setup for Android Devices here
How to setup Intune Compliance Policy for iOS in Azure portal?
  1. Sign in to the Azure portal with an account that has Intune admin access.
  2. Select More services, enter Intune in the text box, and then select Enter.
  3. Select IntuneDevice ComplianceCompliancePolicies –  and Click on +Create policy button to create new compliance policy and select platform as “iOS”.
    How to Setup Intune Compliance Policy for iOS Devices 1
  4. Settings confgurations are really important for compliance policy. There are some improvements in Azure portal iOS compliance policies in terms of password settings.
  5. There are 4 categories in iOS compliance policies and those are Email, Device Health, Device Properties and System Security.
  6. Email setting requires mobile devices to have a managed email profile to get access to corperate resources.How to Setup Intune Compliance Policy for iOS Devices 2
  7. Device Health setting will check whether the device is jail brocken or not. If the iOS device is Jailbrocken it won’t provide access mail access to that device.
  8. Device Properties setting will check the OS version of the device and if the minimum version of the iOS OS.
  9. System Security setting is basally for password settings. There are some improvements over Intune silverlight portal here. We can have option  not to configure some of the settings like “Number of non-alphanumeric characters in password”. This was not possible with Intune silverlight portal.How to Setup Intune Compliance Policy for iOS Devices 3

Require a password to unlock mobile devices.
Simple passwords
Minimum password length
AlphanumericNot ConfiguredAlphanumericNumeric
Number of non-alphanumeric characters in password
Maximum minutes of inactivity before password is required
Password expiration (days)
Number of previous passwords to prevent reuse

10. Deploy Intune Compliance Policy for iOS to All iOS devices dynamic device group. Click on Assignment and select the dynamic device group. I would use AAD dynamic device groups to deploy compliance policies rather than AAD user groups.

(Update Device Groups are not supported for Compliance policies – hence use user groups for Intune compliance policies)

How to Setup Intune Compliance Policy for iOS Devices 4

Reference :-

What is device compliance in Intune Azure preview – here

3 COMMENTS

  1. i’m trying to set PIN on iOS Device with the simple password not permitted. Why the combination 307989 is considered too simple? thanks

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.