Share via

How to classify MDM,MAM and Security policies?

Dave D 61 Reputation points
2020-11-30T04:54:40.767+00:00

Hello,

As there are plenty of policies to be managed, it's lil confusing often which policy comes under which area? Can you please share how can I classify MDM,MAM and Security ? Which policies comes under which area ? Are all security policies comes under MDM/MAM ? Or MDM or MAM has it's own security policy and Microsoft 365 Security policies are totally another different area?

How can I identify that policy is a part of MDM/MAM/Security? can anyone please clarify?

Thanks,

Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Marilee Turscak-MSFT 37,206 Reputation points Microsoft Employee Moderator
    2020-12-02T00:07:59.607+00:00

    MDM and MAM are managed by management solutions such as Intune. Azure Security Center allows you to use both built-in and custom policies to ensure compliance for your organization.

    Intune MDM and MAM policies are separate from security center policies, and Intune also has endpoint security policies.

    The difference between MDM and MAM is that MDM is about the control of devices such smartphones and tablets, whereas MAM is focused on specific corporate applications. MAM also controls device data but also allows for more granular control at the application level. The differences are covered in this Microsoft overview, Differences between MDM and MAM.

    I've re-tagged this under "Intune" as this is more related to Intune than Azure Security Center.

    0 comments
  2. Dave D 61 Reputation points
    2020-12-02T06:19:42.183+00:00

    Thank you @MarileeTurscak for your response!

    I see there is an "App Protection/Security Policy" - which sounds like part of "Security and Protection" but it also comes under "Intune" so it could be part of MAM ? which is the base of MDM ? And therefore It's often confusing to categorize/understand the purpose of the policy based on it's name.

    There are security/protection/compliance policies in Intune/End Point Manager, then there are some in "Security and Compliance" center, there are some in Exchange Admin Center etc.

    Can you please clarify, how can I identify that "any" policy is a part of "MDM/MAM/Security/Protection/Exchange" ? (I assume device compliance would come under protection so I have not mentioned word "Compliance")

    Thank you for your understanding!

    Regards,

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.