How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2

How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2? Intune is a Mobile Device Management (MDM), Mobile Information Management (MIM), and Mobile Application Management (MAM) SAAS solution by Microsoft.

Intune can protect corporate data using Mobile Application Management policies and conditional access. When you deploy MAM-enabled applications with MAM policies to mobile devices, you can restrict data transfer between managed and native mobile applications. 

In this series, I’ll explain the end-to-end application addition/upload and deployment process and MAM policies. The first part has already been published; the third will be out next week.

In this post, we will cover the creation of the MAM policy for Android and iOS applications. These MAM policies will be used when we deploy applications to mobile devices or users; more details will be available in part 3 of this series.

Patch My PC
Index
Deploy Applications MAM Policies
How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2 – Table 1

Deploy Applications MAM Policies

Click on the PolicyConfiguration Policies tab and the “ADD...” button to launch the Intune policy setup wizard.

How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2 - Fig.1
How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2 – Fig.1

Now, we need to select the policy template. For Mobile Application Management (MAM) policies, we need to select Software, then either MAM for Android or MAM for iOS devices. How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2?

Adaptiva

Intune MAM policies only apply for Android 4 above and iOS 7 above. Click on either of the policy templates to meet your requirements. I recommend creating a policy with the recommended settings and clicking the Create policy button.

How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2 - Fig.2
How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2 – Fig.2

Once you create the default MAM policy for Android or iOS, click on that policy, try to edit it, and see what the settings are.

How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2 - Fig.3
How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2 – Fig.3

Mobile Application Management Policies – We can apply the App Web Content policy restriction with this policy: “Restrict web content to display in the manager browser“.

Data Relocation policy will help us restrict or turn off options like copy, paste, “save as,” etc., for managed applications.

How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2 - Fig.4
How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2 – Fig.4

Using this policy, you can restrict access to the managed applications. Once you set up the policy, whenever you launch the application, you will be asked for a PIN or cooperation credentials to open the application from your mobile device.

Data Relocation SettingsDetails
Prevent Android backupsYes
Allow the app to transfer data to other apps.Policy Managed Apps
Allow the app to receive data from other appsAny App
Prevent Save AsYes
Restrict cut, copy, and paste with other appsPolicy Managed Apps with Paste In
How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2 – Table 2
How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2 - Fig.5
How to Deploy Applications MAM Policies to Mobile Devices Using Intune Part 2 – Fig.5

Resources

Intune Device Management – HTMD Blog #2 (howtomanagedevices.com)

We are on WhatsApp now. To get the latest step-by-step guides, news, and updates, Join our Channel. Click here. HTMD WhatsApp.

Author

Anoop C Nair is Microsoft MVP! He is a Device Management Admin with more than 20 years of experience (calculation done in 2021) in IT. He is a Blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. He writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.