Is there a policy to enforce iOS updates on personal devices for company data access without full MDM control?

Madison544 20 Reputation points
2024-09-13T15:08:13.2933333+00:00

Our company wants users to access Outlook and/or Teams on their personal devices, but without full MDM control over their personal devices. How can we ensure that the personal device has the latest iOS before accessing company data on their phones? We are trying to avoid users with compromised devices from accessing valuable company data. Are there any policies that we can enforce to ensure that devices must be updated to access company data while still leaving device control to the user?

I have explored MAM and MAM-WE, but these approaches only allow for settings for the app to be met, rather than requiring the device itself to be up to date. Any help is appreciated.


Accepted answer
  1. ZhoumingDuan-MSFT 13,635 Reputation points Microsoft Vendor
    2024-09-16T02:09:22.65+00:00

    @Madison544, Thanks for posting in Q&A.

    From your description, I know you want to create a policy to enforce the latest iOS on personal devices for company data access without full MDM control.

    Based on my research, we can create an app protection policy for both Outlook and Teams, and in the configuration of the Conditional launch section, we can configure the Max OS version or Min OS version to restrict the OS version required to access the apps.

    https://learn.microsoft.com/en-us/mem/intune/apps/app-protection-policy-settings-ios#conditional-launch

    Hope it will help.

    1 person found this answer helpful.
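
The Min OS version conditional launch setting from the accepted answer, as an added example that is not part of the original thread: it builds the request body for a Microsoft Graph `iosManagedAppProtection` policy and models the resulting block/warn/allow decision. The policy name and version numbers are constructed, the decision function is a simplified model rather than Intune's own code, and app targeting and group assignment are left out.

```python
import json

# Added illustration, not from the thread. Property names follow the Microsoft
# Graph iosManagedAppProtection resource; policy name and versions are constructed.
GRAPH_ENDPOINT = "https://graph.microsoft.com/v1.0/deviceAppManagement/iosManagedAppProtections"


def parse_version(text):
    """Turn '17.6.1' into (17, 6, 1), padded so '17' and '17.0.0' compare equal."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not an iOS version string: {text!r}")
    return tuple(int(p) for p in parts) + (0,) * (3 - len(parts))


def build_policy(display_name, block_below, warn_below=None):
    """Request body for an app protection policy with Min OS version thresholds."""
    parse_version(block_below)  # validate before the value goes into the body
    body = {
        "@odata.type": "#microsoft.graph.iosManagedAppProtection",
        "displayName": display_name,
        # Conditional launch > Min OS version > Block access
        "minimumRequiredOsVersion": block_below,
    }
    if warn_below is not None:
        # A warning threshold at or below the block threshold would never be shown.
        if parse_version(warn_below) <= parse_version(block_below):
            raise ValueError("warn_below must be higher than block_below")
        # Conditional launch > Min OS version > Warn
        body["minimumWarningOsVersion"] = warn_below
    return body


def launch_decision(policy, device_os):
    """Simplified model of the OS version check the managed app applies at launch."""
    os_ver = parse_version(device_os)
    if os_ver < parse_version(policy["minimumRequiredOsVersion"]):
        return "block"
    warn = policy.get("minimumWarningOsVersion")
    if warn and os_ver < parse_version(warn):
        return "warn"
    return "allow"


if __name__ == "__main__":
    policy = build_policy("BYOD iOS - Outlook and Teams", "17.0", "17.6.1")
    print("POST", GRAPH_ENDPOINT, json.dumps(policy, indent=2), sep="\n")
    for os_version in ("16.7.8", "17.5", "17.6.1"):
        print(os_version, "->", launch_decision(policy, os_version))
```

Because the check runs inside the protected app, it applies to unenrolled personal devices, and the minimum version has to be raised by an administrator as new iOS releases ship.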