How do I block users from accessing mobile office apps on their personal devices?

Pat 1 Reputation point

As part of loss prevention and governance, I am looking for a way to block users from accessing Office apps (Word, Excel, etc.) on their personal devices.

I understand we can't really block them from downloading the app from the app store, but is there a way to prevent them from logging into the app using company domain credentials?

I assume this would be part of Azure AD conditional access, but I'm not sure where to start?

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,266 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,532 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Andy David - MVP 145.1K Reputation points MVP

  2. Andy David - MVP 145.1K Reputation points MVP

    You would still need to establish the compliance piece. When I referred to Defender for Cloud Apps , I meant as a supplement to a MDM solution like Intune.

    A true Device compliant architecture requires some sort of MDM to manage all the moving pieces and certificates etc...

    0 comments No comments