Intune is Mobile Device Management (MDM), Mobile Information Management (MIM) and Mobile Application Management (MAM) SAAS solution by Microsoft. Intune can be used to protect the corporate data using Mobile Application Management policies and conditional access. When you deploy MAM enabled applications with MAM policies to mobile devices then you can restrict the transfer of data between managed applications and native mobile applications. In this series, I’ll explain about end to end process of application addition/upload, deployment along with MAM policies. 1st Part of this series already published and 3rd part will be coming out in next week.
In this post, we are going to cover, creation of MAM policy for Android and iOS applications. This MAM policies will be used when we deploy application to mobile devices or users, more details will be available in part 3 of this series . Click on Policy – Configuration Policies tab and click on the “ADD...” button to launch the Intune policy setup wizard.
Now, we need to select the policy template. For Mobile Application Management (MAM) policies, we need to select Software then either MAM for Android or MAM for iOS devices. Intune MAM policies are only applicable for Android 4 above and iOS 7 above. Click on either of the policy template as per your requirement. I would recommend to create a policy with the recommended settings and click on create policy button.
Once you create the default MAM policy for Android or iOS then click on that policy and try to edit it and see what are the settings of the default policy.
Mobile Application Management Policies – We can apply App Web Content policy restriction with this policy “Restrict web content to display in the manager browser”. Data Relocation policy will help to us to restrict or disable the options like copy, paste, “save as” etc… for managed applications.
You can restrict the access to the managed applications using this policy. Once you setup the policy whenever you launch the application, you will be asked for a pin or cooperate credentials to open the application from your mobile device.