![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 76%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECB%3C/text%3E%3C/svg%3E)
384 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@crib bar Thanks for posting in Q&A. Based on the information provided, it is important to ensure that devices periodically check in with the Intune service to maintain access to protected corporate resources. If a device has not checked in for several months or longer, it may be inactive or no longer in use. In order to maintain the security of the environment and focus resources on managing active devices, it is recommended to remove stale or unused devices.
For Android mobile devices in Intune, you can use the Inactive Devices Report to identify inactive or stale devices. The Microsoft Learn article titled "How To: Manage stale devices in Azure AD" provides steps for efficiently managing stale devices in your environment, which can also be applied to Android devices managed in Intune. One option is to retire or delete stale or unresponsive devices that have not checked in for a certain period of time.
Leaving unused or possibly disposed of devices in Intune poses potential security risks such as the devices being compromised or used to access corporate resources. It is important to ensure that all devices are managed properly to maintain the security of your environment. Therefore, it is recommended to periodically remove any stale or unused devices from Intune.
References:
- iOS or iPadOS devices aren't checking in with the Intune service: https://learn.microsoft.com/en-us/troubleshoot/mem/intune/device-enrollment/ios-devices-inactive
- How To: Manage stale devices in Azure AD: https://learn.microsoft.com/en-us/azure/active-directory/devices/manage-stale-devices
- Use compliance policies to set rules for devices you manage with Intune: https://learn.microsoft.com/en-us/mem/intune/protect/device-compliance-get-started#integrate-with-conditional-access
Hope the above information can help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
