How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2? Intune is a Mobile Device Management (MDM), Mobile Information Management (MIM), and Mobile Application Management (MAM) SAAS solution by Microsoft.
Intune can protect corporate data using Mobile Application Management policies and conditional access. When you deploy MAM-enabled applications with MAM policies to mobile devices, you can restrict data transfer between managed and native mobile applications.
In this series, I’ll explain the end-to-end application addition/upload and deployment process and MAM policies. The first part has already been published; the third will be out next week.
In this post, we will cover the creation of the MAM policy for Android and iOS applications. These MAM policies will be used when we deploy applications to mobile devices or users; more details will be available in part 3 of this series.
Index |
---|
Deploy Applications MAM Policies |
- Part 1 – Upload/add iOS and Android applications to Intune.
- Part 3 – Deploy mobile applications along with MAM policies to Intune user or device groups
Deploy Applications MAM Policies
Click on the Policy – Configuration Policies tab and the “ADD...” button to launch the Intune policy setup wizard.
Now, we need to select the policy template. For Mobile Application Management (MAM) policies, we need to select Software, then either MAM for Android or MAM for iOS devices. How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2?
Intune MAM policies only apply for Android 4 above and iOS 7 above. Click on either of the policy templates to meet your requirements. I recommend creating a policy with the recommended settings and clicking the Create policy button.
Once you create the default MAM policy for Android or iOS, click on that policy, try to edit it, and see what the settings are.
Mobile Application Management Policies – We can apply the App Web Content policy restriction with this policy: “Restrict web content to display in the manager browser“.
Data Relocation policy will help us restrict or turn off options like copy, paste, “save as,” etc., for managed applications.
Using this policy, you can restrict access to the managed applications. Once you set up the policy, whenever you launch the application, you will be asked for a PIN or cooperation credentials to open the application from your mobile device.
Data Relocation Settings | Details |
---|---|
Prevent Android backups | Yes |
Allow the app to transfer data to other apps. | Policy Managed Apps |
Allow the app to receive data from other apps | Any App |
Prevent Save As | Yes |
Restrict cut, copy, and paste with other apps | Policy Managed Apps with Paste In |
Resources
Intune Device Management – HTMD Blog #2 (howtomanagedevices.com)
We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.
Author
Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.