Intune
      Back to home
      1. Sittadel Knowledge Base
      2. Management Guides
      3. Intune

      Mobile Device Application Protection Policy Modification

      This guide will provide background information on modifying an existing application protection policy.

      App Protection Policy

      App protection policies (APP) are rules that ensure an organization's data remains safe or contained in a managed app.

      A policy can be a rule that is enforced when the user attempts to access or move "corporate" data, or a set of actions that are prohibited or monitored when the user is inside the app.

      A managed app is an app that has app protection policies applied to it and can be managed by Intune.

      Mobile Application Management (MAM) app protection policies allow you to manage and protect your organization's data within an application.

      Many productivity apps, such as the Microsoft Office apps, can be managed by Intune MAM.

      Role Requirements

      Procedure Scope: Administrators

      Required Group Membership: Admin.Security

      Handbook Reference

      Package: TBD

      Domain: TBD

      Modifies: TBD

      Modifying a Mobile Device Application Protection Policy

      1. Navigate to the App Protection Policy - Intune portal, locate and select the policy you wish to alter.
      2. Upon selecting the policy, select the Properties tab; all the information of the rule will be displayed. Seven points of interest will be available to Edit. You can modify the sections as needed.
        1. Basics: Adjusts non-functional items of the rule, such as the Name or Description of the rule.
        2. Apps: Specifies the scope of applications that are being monitored, such as All Apps or All Microsoft Apps.
        3. Data Protection: Specifies how data will be handled within the applications if users will be allowed to backup application data or have access to copy & paste functionality.
        4. Access Requirements: Specifies authentication requirements that must be met when accessing an application if users are required to enter a pin before accessing the app or setting a session timeout for inactivity.
        5. Conditional Launch: Specifies device compliance requirements that must be maintained, or application access will be denied.
        6. Assignments: Specifies which Groups will be included or excluded from rule enforcement.
        7. Scope Tags: Specifies which administrators will have access to the viewing and altering this object.
      3. Regardless of which section is selected to be Edited, the same redirect to the Edit Policy page will be displayed. The first page will display the selected sections current configuration and will allow you to make the necessary adjustments (additions, removals, editing, etc.) The second page will be the Review section where you will finalize the changes. Once the necessary adjustments have been configured for the selected section select Review + save to continue to the modification finalization stage.
      4. Once on the revisions page, if all the necessary adjustments look correct, select Save to finalize the modification process.

      Need Assistance?

      Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.