Intune is Mobile Device Management (MDM), Mobile Information Management (MIM) and Mobile Application Management (MAM) SAAS solution by Microsoft. Intune can be used to protect the corporate data using Mobile Application Management policies and conditional access. When you deploy MAM enabled applications with MAM policies to mobile devices then you can restrict the transfer of data between managed applications and native mobile applications. In this series of posts, I’ll explain about end to end process of application addition/upload, deployment along with MAM policies.
In this post, we are going to cover, deployment of mobile applications along with MAM policies to Intune user or device groups. Go to Apps tab in Intune console and right click on the application which you want to deploy and click on Manage Deployment.
Deploy the software or application to Intune group. Select the groups to which you want to deploy this software. We can deploy applications to USER or DEVICE group. If you select DEVICE group for the application deployment then the only option you get is to select deployment type “Required Install” (force install). For USER group, you can select any of the deployment types (available install or required install). More details about deployment types in the following section.
Specify the type of deployment that you want to run for this software and then review the deployment settings. There are 2 types of deployment types “Available Install” or “Required Install“. Select deployment type “available install” when you want user driven installation on mobile devices. When you select “available install” option then the application will be available in the company portal. User needs to install it manually from the company portal.
Now, we need to select the mobile application management (MAM) policy. Select the MAM policy that you want to deploy for this software. As I mentioned in the previous post (Part 2), create and define separate MAM policies for iOS and Android devices respectively. Click on FINISH button to complete the deployment of application via Intune.
How to identify whether an application supports MAM policies in Intune? When you click on application at the bottom section of Intune console, it gives details about the application properties. Look at the property called “Support App Policy” and if it’s set to “Yes” then that means the application supports MAM policy.