This post helps you to monitor App Protection Policy status from Intune Admin portal. Intune App protection policies are rules that ensure corporate data remains safe or contained in a managed app.
Intune App Protection Policy allows organizations to enforce specific security and data protection measures on mobile apps used within their managed environment. By defining and applying Intune App Protection Policies, admins can control app behavior, protect sensitive data, and ensure compliance with organizational security policies.
These policies can be configured to prevent data leakage, restrict app access based on device compliance, require app-level authentication, enable encryption, and implement other security measures.
Intune App Protection Policies provide a comprehensive and flexible approach to securing mobile apps, empowering organizations to protect their data while allowing employees to use their preferred devices and applications.
By monitoring the Intune App Protection Policy status in the Intune admin center, you can stay informed about the enforcement and assignment status of your policies and take necessary actions to address any issues.
- Best Guide to Configure Email Settings for Android Devices in Intune
- How To Create Application Configuration Policies For Managed Apps In Intune
Monitor Intune App Protection Policy Status
Intune app protection policies platform support aligns with Office mobile application platform support for Android and iOS/iPadOS devices. Let’s follow the steps to check Intune App Protection policy status report.
- Sign in to the Microsoft Intune admin center https://intune.microsoft.com/.
- Select Apps > Monitor.
Once you are inside the Monitor section, Click on App protection status. The following list provides details about the app protection status, along with additional details that help you get an overview.
Note! App protection data is retained for a minimum of 90 days. Any app instances that have checked in to the Intune service within the past 90 days is included in the app protection status report.
- User: The name of the user.
- Email: The email of the user.
- App: The name of the app.
- App version: The version of the app.
- App Instance Id: The instance ID is unique across all app instances.
- Device Name: Names of any devices that are associated with the user’s account.
- Device Manufacturer: This lists the manufacturer of the device (Android only).
- Device Model: This lists the manufacturer of the device (Android only).
- Android Patch Version: The date of the last Android Security Patch.
- AAD Device ID: This column gets populated if the device is AAD-joined.
- MDM Device ID: This column gets populated if the device is enrolled in Intune MDM.
- Platform: The operating system.
- Platform version: The operating system version.
- Management Type: Type of management on device. For example, Android Enterprise, unmanaged, or MDM.
- App Protection Status: Unprotected or protected.
- Policy: The app protection policies are associated with the app.
- Last Sync: When the app was last synced with Microsoft Intune.
- Compliance State: Whether the app on the user’s device is compliant with any app-based Conditional Access policies.
- Sdk Version: The version of the software development kits (sdk).
In the Column details, You can get detailed reports containing valuable information allowing you to Search by device name, Policy name, App, App Version, Intune device ID, or Azure AD device ID.
You can also get a summary of app protection status, Clicking on Apps, Overview allows you to get the following details.
- Assigned users: The total number of assigned users using an app associated with a policy in a work context and are protected and licensed, as well as the assigned users that are unprotected and unlicensed.
- Flagged users: The number of users who are experiencing issues with their devices. Jailbroken (iOS/iPadOS) and rooted (Android) devices are reported under Flagged users.
- User status for iOS/ Android: The number of users who have used an app and have a policy assigned to them in a work context for the related platform.
App Protection Policy Insights from Intune Troubleshooting Pane
The troubleshooting pane lets you explore new Troubleshooting Experiences from Intune for checking user and device issues, For More details, you can Explore New Intune Troubleshooting Dashboard For Intune Issues.
Once a user is selected, their information is loaded into a new tabbed format that starts with an overview of their licensing and account status. The following tabs are available to help troubleshoot and diagnose issues your users may be experiencing:
The App protection policy tab shows you all the app protection policies targeted to that user. Clicking the policy name will take you to the policy for greater detail.
About Author – Jitesh, Microsoft MVP, has over six years of working experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus is Windows 10/11 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.