How to Create App Protection Policies for Windows MAM Devices

Let’s learn How to Create App Protection Policies for Windows MAM Devices. App protection Policies for Windows are used to protect the data using Intune. Intune MAM provides health checks for Unmanaged devices using CA and App Configuration policies.

Intune Admins can easily create an App protection policy to protect the organization’s data. Mobile Application Management (MAM) allows you to deploy apps without enrollment. You can easily create App protection policies for Windows devices using Intune MAM.

This blog post helps you easily create policies for Protecting Apps. Using this policy, you can protect your App data, know the device’s condition, etc. Conditional Access Policies for Windows MAM Devices are important to protect these types of Windows devices.

Health checks allow you to specify the criteria that must be met before your data can be accessed and to allow you to specify the automated action warn block or wipe that occurs if the health check fails. Microsoft shared detailed information on Windows MAM-related App protection policy with the latest Technical Takeoff session by Danniel Emerson.

Patch My PC

What are the Advantages of App Protection Policies?

How to Create App Protection Policies for Windows MAM Devices

App protection policy is essential for the protection of organizational data. This policy helps to do a health check of the device. The following are the Advantages of App Protection Policies.

1. It allows to Protect the Company data at the app level
2. Helps to protect company data without touching personal data
3. Helps to protect data on both managed and unmanaged devices

Intune MAM Create App Protection Policies for Windows Devices

You can easily create App Protection Policies for Windows Devices via Microsoft Intune Admin Center. By protecting the app data you can increase the productivity of your organization.

How to Create an App Protection Policy
Open Microsoft Intune Admin Center
Select the App section on the left side of the Microsoft Intune Admin Center window
Select the App Protection Policies option
Click on the Create Policy option
Select the Windows option from Create Policy
How to Create App Protection Policies for Windows MAM Devices – Table.1
How to Create App Protection Policies for Windows MAM Devices - Fig.1 - Creds to Danniel Emerson Microsoft
How to Create App Protection Policies for Windows MAM Devices – Fig.1 – Creds to Danniel Emerson Microsoft

After selecting the Windows option for creating a Policy, name the policy. Here, the (Windows MAM app) is given as the name of the policy. After that, select Microsoft Edge as the target app and click on the Select option. Then click on the Next option from the below window.

Adaptiva
How to Create App Protection Policies for Windows MAM Devices - Fig.2 - Creds to Danniel Emerson Microsoft
How to Create App Protection Policies for Windows MAM Devices – Fig.2 – Creds to Danniel Emerson Microsoft

After that, Select the Apps option and click on the Next option from the below window. This screenshot below shows Microsoft Edge is shown as the selected app.

How to Create App Protection Policies for Windows MAM Devices - Fig.3 - Creds to Danniel Emerson Microsoft
How to Create App Protection Policies for Windows MAM Devices – Fig.3 – Creds to Danniel Emerson Microsoft

In the below window, the Data Protection option is selected. We support a simplified data container for Windows where organization data sharing is allowed or blocked from the protected application.

This demo will block all incoming and outgoing sharing clipboard usage and printing. Select the Next option after selecting the appropriate Data transfer and functionality options.

How to Create App Protection Policies for Windows MAM Devices - Fig.4 - Creds to Danniel Emerson Microsoft
How to Create App Protection Policies for Windows MAM Devices – Fig.4 – Creds to Danniel Emerson Microsoft

Health Checks in App Protection Policy

The Health check is an important section in the App Protection Policy. Health checks we support both app condition checks, such as how long the app can go offline without a policy check-in, and device checks.

How to Create App Protection Policies for Windows MAM Devices - Fig.5 - Creds to Danniel Emerson Microsoft
How to Create App Protection Policies for Windows MAM Devices – Fig.5 – Creds to Danniel Emerson Microsoft

The Device conditions include the OS version for the demo. They will configure the maximum allowed device threat level triggered by the client health data from the Windows Security Centre. If the check fails to report the device is secure, it will block access.

  • Click the Next button
How to Create App Protection Policies for Windows MAM Devices - Fig.6 - Creds to Danniel Emerson Microsoft
How to Create App Protection Policies for Windows MAM Devices – Fig.6 – Creds to Danniel Emerson Microsoft

After that, you will need to Target user groups for the demo to Target the policy. Here choose the same group targeted with a conditional access policy, and clicking Create will allow you to save and deploy the policy to your users.

  • Select the Add Groups option
  • Select Windows MAM Groups to include
  • Click on the Select option
  • Click on the Next option
How to Create App Protection Policies for Windows MAM Devices - Fig.7 - Creds to Danniel Emerson Microsoft
How to Create App Protection Policies for Windows MAM Devices – Fig.7 – Creds to Danniel Emerson Microsoft

After clicking on the Next option, another window will appear. In this section, you can see the platform, Data protection, Health Checks, and Assignments of the policy. Click on the Create option to Create the policy.

How to Create App Protection Policies for Windows MAM Devices - Fig.8 - Creds to Danniel Emerson Microsoft
How to Create App Protection Policies for Windows MAM Devices – Fig.8 – Creds to Danniel Emerson Microsoft

We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click here for HTMD WhatsApp.

Author

Gopika S Nair is a computer enthusiast. She loves writing on Windows 11 and related technologies. She is here to share quick tips and tricks with Windows 11 or Windows 10 users. She is Post Graduate Diploma Holder in Computer Science.

1 thought on “How to Create App Protection Policies for Windows MAM Devices”

  1. Is there a solution to only apply the windows app protection policy to unmanaged windows devices. The filter for windows apps doesn’t have the same option as Android and iOS to create the following query:

    (app.deviceManagementType -eq “Managed”)

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.