Intune
      Back to home
      1. Sittadel Knowledge Base
      2. Management Guides
      3. Intune

      Mobile Device Application Protection Policy Modification

      This guide will provide background information on modifying an existing application protection policy.

      App Protection Policy

      App protection policies (APP) are rules that ensure an organization's data remains safe or contained in a managed app.

      A policy can be a rule that is enforced when the user attempts to access or move "corporate" data, or a set of actions that are prohibited or monitored when the user is inside the app.

      A managed app is an app that has app protection policies applied to it and can be managed by Intune.

      Mobile Application Management (MAM) app protection policies allow you to manage and protect your organization's data within an application.

      Many productivity apps, such as the Microsoft Office apps, can be managed by Intune MAM.

      Role Requirements

      Procedure Scope: Administrators

      Required Group Membership: Admin.Security

      Handbook Reference

      Package: TBD

      Domain: TBD

      Modifies: TBD

      Modifying a Mobile Device Application Protection Policy

      1. Navigate to App Protection - Intune, select the policy you wish to alter.
      2. Upon opening the policy, select Properties; all the information of the MAM policy will be displayed, from naming all the way to group assignment. 7 points of interest will be available to You can modify the sections as needed.
        1. Basics: Adjusts non-functional items of the policy, such as Name or Description.
        2. Apps: Specifies the scope of applications that are being monitored, such as All Apps or All Microsoft Apps.
        3. Data Protection: Specifies how data will be handled within the applications if users will be allowed to backup application data or have access to copy & paste functionality.
        4. Access Requirements: Specifies authentication requirements that must be met when accessing an application if users are required to enter a pin before accessing the app or setting a session timeout for inactivity.
        5. Conditional Launch: Specifies device compliance requirements that must be maintained, or application access will be denied.
        6. Assignments: Specifies which groups will have the MAM policy enforced on their mobile devices.
        7. Scope Tags: Specifies which administrators will be able to view and modify this object.
      3. The Sections will all have the same prompt for adjustments, either add, remove, or delete the setting and select Review + Save to finalize the changes.
      4. Once on the revisions page, if all the necessary adjustments look correct, select Save to finalize the modification process.

      Need Assistance?

      Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.