I am getting a bit confused about Conditional Access in the context of Intune MaM Without Enrollment.
Our employees use their own mobile phones (BYOD). Once users are assigned to a group that is targeted by the Intune license (E5), they are (after a while)
blocked from accessing emails with other apps than Outlook mobile, which is fine.
However, users not having an Intune license/not being part of this group for this purpose, can still access corporate emails via other apps.
How can I prevent access to corporate emails with other apps by default? Meaning that employees will only access them when they are "compliant" with Intune MaM-WE.
This could lead to a scenario where an employee not in being in the group (by mistake) use another email mobile app without us knowing and not benefit from our policies.
Any help with this?
Thank you very much.