How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2? Intune is Mobile Device Management (MDM), Mobile Information Management (MIM), and Mobile Application Management (MAM) SAAS solution by Microsoft.
Intune can be used to protect corporate data using Mobile Application Management policies and conditional access. When you deploy MAM-enabled applications with MAM policies to mobile devices, then you can restrict the transfer of data between managed applications and native mobile applications.
In this series, I’ll explain an end-to-end process of application addition/upload and deployment along with MAM policies. 1st Part of this series has already been published, and 3rd part will be coming out next week.
Deploy Applications MAM Policies
In this post, we will cover the creation of the MAM policy for Android and iOS applications. These MAM policies will be used when we deploy applications to mobile devices or users; more details will be available in part 3 of this series.
Click on the Policy – Configuration Policies tab and click on the “ADD...” button to launch the Intune policy setup wizard.
Now, we need to select the policy template. For Mobile Application Management (MAM) policies, we need to select Software then either MAM for Android or MAM for iOS devices. How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2?
Intune MAM policies are only applicable for Android 4 above and iOS 7 above. Click on either of the policy templates as per your requirement. I recommend creating a policy with the recommended settings and clicking on the create policy button.
Once you create the default MAM policy for Android or iOS, then click on that policy and try to edit it, and see what are the settings of the default policy.
Mobile Application Management Policies – We can apply App Web Content policy restriction with this policy “Restrict web content to display in the manager browser”.
Data Relocation policy will help us to restrict or disable the options like copy, paste, “save as” etc… for managed applications.
You can restrict access to the managed applications using this policy. Once you set up the policy, whenever you launch the application, you will be asked for a pin or cooperate credentials to open the application from your mobile device.
Anoop is Microsoft MVP! He is a Solution Architect in enterprise client management with more than 20 years of experience (calculation done in 2021) in IT. He is a logger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc…