@EnterpriseArchitect Thanks for posting in our Q&A. From your description, did you mean that you want to make the device safety? If there is anything misunderstanding, feel free to let us know.
From intune's point of view, endpoint security policy may achieve your requirements. Please refer to the following article:
https://learn.microsoft.com/en-us/mem/intune/protect/endpoint-security
Hope it will give you some ideas.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.