This guide will allow administrators to add desired Microsoft applications they want to make accessible on end users mobile devices.
Deployment of this Conditional Access Policy applies to organizations that have also had a Device Security or Device Management configuration package deployment.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Security
Handbook Reference
Package: Identity Security
Domain: Device Protection Management
Modifies: Sanctioned Mobile Applications
Mobile Application Allowance
- Navigate to Conditional Access Policies – Azure Active Directory, locate and select the Security Essentials: C7 – Default Mobile Application Restriction policy.
- A pop up will be displayed containing all the configured settings being enforced by the policy. Locate and select the Target Resources section followed by the Exclude header. Under the Select Excluded Cloud Apps option select the hyperlink to generate the list of all current cloud application that are exempt. Do not modify any other settings listed, failure to abide could result in resources not being protected properly or a mass lockout scenario due to misconfiguration.
- From the list you will be able to select the desired Cloud Applications specified by management. Use the provided text field to search for the application by name or backend process name, select the name in the generated list below, once selected they will be displayed in the Selected Items section. Finalize the app selection by hitting Select.
- Once the necessary exemptions have been made and the application is generating in the list of Selected Excluded Cloud Apps, select Save to finalize the Mobile Application Access exemption process.
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.