Share via

require biometrics to access Outlook app - Unmanaged device

Paul W. Specht 1 Reputation point
2023-01-20T15:15:33.2933333+00:00

Can we force Outlook app on un-managed devices to use the App lock feature (Biometrics or screen lock creds to unlock Outlook app)

I know we cannot use MFA, but we want to secure the app on users phones

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,177 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Ruud Gijsbers Rademakers 551 Reputation points
    2023-01-21T17:28:04.8366667+00:00

    Hi Paul,

    It depends on the device you're using. For mobile devices like iOS and Android, you can create App Protection Policies in Intune as described here, [https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policies

    Some more guidance around the app protection framework, can be found here: [https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-framework

    For other devices you could look at Conditional Access Policies in combination with Authentication Strengths. This is een example for external users: [https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-authentication-strength-external.

    Regards,

    Ruud

    0 comments
  2. Crystal-MSFT 49,271 Reputation points Microsoft Vendor
    2023-01-23T01:49:28.65+00:00

    @Paul W. Specht, Thanks for posting in Q&A.

    Based on my research, for unmanaged device, there's a setting named "Require Biometrics to access the app" under app configuration policy can help. When it sets to yes, Biometrics, such as TouchID or FaceID, can be required for users to access the app on their device.

    User's image

    Here is a link with more details for the reference:

    https://learn.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/outlook-for-ios-and-android/outlook-for-ios-and-android-configuration-with-microsoft-intune#general-app-configuration-scenarios

    We can deploy Intune app protection policy target to outlook for iOS and android to the user group. And assign an app configuration policy for Managed apps with the above setting and target the policy to outlook to make it work.

    Hope it can help.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.