Intune
      Back to home
      1. Sittadel Knowledge Base
      2. Management Guides
      3. Intune

      Mobile Device Application Protection Policy Creation

      This guide will provide background information on creating an application protection policy that will influence the specified application on a mobile device platform; offers data protection and access requirements capabilities.

      App Protection Policy

      App protection policies (APP) are rules that ensure an organization's data remains safe or contained in a managed app.

      A policy can be a rule that is enforced when the user attempts to access or move "corporate" data, or a set of actions that are prohibited or monitored when the user is inside the app.

      A managed app is an app that has app protection policies applied to it and can be managed by Intune.

      Mobile Application Management (MAM) app protection policies allow you to manage and protect your organization's data within an application.

      Many productivity apps, such as the Microsoft Office apps, can be managed by Intune MAM.

      Role Requirements

      Procedure Scope: Administrators

      Required Group Membership: Admin.Security

      Handbook Reference

      Package: TBD

      Domain: TBD

      Modifies: TBD

      Creating a Mobile Device Application Protection Policy

      1. Navigate to the App Protection Policy - Intune portal, locate and select the Create policy dropdown followed selecting the mobile device platform you wish to create the policy for.
      2. You will supply basic identification information such as the Name and Description for the policy. Select Next to proceed.
      3. Supply the type of applications you want to protect. Select Next to continue.
      4. Next you will be able to configure settings related to data loss protection such as restrictions related to copy, paste, sharing, etc. Select Next to proceed.
      5. You will be able to set authentication requirements such as pin to access a device, password complexity and length, etc. Select Next to continue.
      6. Next you can set conditional access constraints for both application use and device access. Select Next to proceed.
      7. You will be able to configure Group Assignments or Exclusion for the policy. Locate and select the Add groups action. A pop-up will be displayed where you will supply the name of the group in the provided search bar, make sure to select the Group from the list. If done correctly they will be generated in the Selected Items section, finalize the addition by clicking Select. Select Next to proceed to revisions.
      8. The review page will allow you to see all configured settings for the policy creation process, if you detect a discrepancy at this stage make note of the section and select Previous to go back to make the necessary alterations before finalization. If everything checks out, select Create to publish the rule.
      9. Upon successful creation the rule will show up in the list of all app protection policies managed through Intune.

      Need Assistance?

      Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.