In the latest Microsoft Intune service update, Microsoft is further expanding their conditional access capabilities. It allows you to manage access to corporate email, files and other resources based on customizable conditions that ensure security and compliance, including location, risk, user, device, and app compliance. As conditions shift, access policies which are defined by IT are triggered to ensure that your corporate data is protected. And all this is done without on-premises gateways or appliances.
What’s new in June update:
- Now, you can set a conditional access policy for Exchange Online and SharePoint Online, so that they can only be accessed from supported web browsers on managed and compliant iOS and Android devices. End users who try to sign in to Outlook Web Access (OWA) and SharePoint Online sites from unmanaged iOS and Android devices will be prompted to enroll their device with Intune as well as to fix any non-compliance issues before they can access their email and documents.
- Now, you can set a conditional access policy for Dynamics CRM Online, so that it can only be accessed by managed and compliant iOS and Android devices. End users who try to sign in to the Dynamics CRM mobile app on iOS and Android will be prompted to enroll with Intune as well as to remediate any non-compliance issues before the sign-in is complete. This is similar to what is already available for Exchange Online, SharePoint Online and Skype for Business Online.
- Customers who use the Cisco Identity Service Engine (ISE) 2.1 and also use Microsoft Intune can set a network access control policy in ISE that will ensure that only devices that are managed and compliant with Intune are allowed to connect to the network using WiFi or VPN. End users with noncompliant devices will be prompted to enroll and remediate any compliance issues to gain access to the network.
Check out the full list of changes coming in this update here.