This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 76%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECB%3C/text%3E%3C/svg%3E)
Purely out of interest for some research I am doing, when configuring a ‘compliance policy’ for Android smartphones in InTune, aside from the obvious, such as minimum OS levels (specifying only supported versions), encryption status, PIN/password/biometric requirement/complexity settings, what other types of 'setting' do you include in your compliance policies? These would be for managed devices, not BYOD devices.
I appreciate each organisation has its own requirements & risk tolerance, and some organisations will also be subject to specific security regulations that will influence their policy settings.
Hi,
Thank you for posting in Microsoft Q&A forum.
Per my experience, the most used compliance policy items are as you mentioned and what kind of special compliance policy to set depends on the company's requirements.
Here are some tips for compliance policy:
Assign your compliance policies to groups of users
Configure Conditional Access to block non-compliant devices
Test before deployment
Update your policies when necessary
Keep your policies simple to understand and follow
Thanks for your time. Have a nice day!
Best regards,
Simon
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.